option
My Daypo

2changsoo_C01

COMMENTS STADISTICS RECORDS
TAKE THE TEST
Title of test:
2changsoo_C01

Description:
2changsoo_C01

Author:
iamcslee
(Other tests from this author)

Creation Date:
25/11/2021

Category:
Others

Number of questions: 100
Share the Test:
Facebook
Twitter
Whatsapp
Share the Test:
Facebook
Twitter
Whatsapp
Last comments
No comments about this test.
Content:
NO.1 A company has an on-premises application that collects data and stores it to an on-premises NFS server The company recently set up a 10 Gbps AWS Direct Connect connection. The company is running out of storage capacity on premises. The company needs to migrate the application data from on premises to the AWS Cloud while maintaining low-latency access to the data from the on-premises application What should a solutions architect do to meet these requirements? A. Deploy AWS Storage Gateway for the application data and use the file gateway to store the data in Amazon S3 Connect the on-premises application servers to the file gateway using NFS B. Attach an Amazon Elastic File System (Amazon EFS) file system to the NFS server and copy the application data to the EFS file system. Then connect the on-premises application to Amazon EFS C. Configure AWS Storage Gateway as a volume gateway Make the application data available to the on-premises application from the NFS server and with Amazon Elastic Block Store {Amazon EBS) snapshots D. Create an AWS Data-Sync agent with the NFS server as the source location and an Amazon Elastic File System (Amazon EFS) file system as the destination for application data transfer Connect the on-premises application to the EFS file system.
NO.2 A gaming company hosts a browser-based application on AWS The users of the application consume a large number of videos and images that are stored in Amazon S3. This content is the same for all users The application has increased in popularity, and millions of users worldwide are accessing these media files. The company wants to provide the files to the users while reducing the load on the origin Which solution meets these requirements MOST cost-effectively? A. Deploy an AWS Global Accelerator accelerator in front of the web servers B. Deploy an Amazon CloudFront web distribution in front of the S3 bucket C. Deploy an Amazon ElastiCache for Redis instance in front of the web servers D. Deploy an Amazon ElastiCache for Memcached instance in front of the web servers.
NO.3 An administrator of a large company wants to monitor for and prevent any cryptocurrency related attacks on the company's AWS accounts Which AWS service can the administrator use to protect the company against attacks? A. Amazon Cognito B. Amazon GuardDuty C. Amazon Inspector D. Amazon Macie .
NO.4 A company operates a website on Amazon EC2 Linux instances Some of the instances are failing. Troubleshooting points to insufficient swap space on the failed instances. The operations team lead needs a solution to monitor this. What should a solutions architect recommend? A. Configure an Amazon CloudWatch SwapUsage metric dimension Monitor the SwapUsage dimension in the EC2 metrics in CloudWatch. B. Use EC2 metadata to collect information, then publish it to Amazon CloudWatch custom metrics Monitor SwapUsage metrics in CloudWatch C. Install an Amazon CloudWatch agent on the instances. Run an appropriate script on a set schedule. Monitor SwapUtilization metrics in CloudWatch D. Enable detailed monitoring in the EC2 console Create an Amazon CloudWatch SwapUtilization custom metric Monitor SwapUtilization metrics in CloudWatch.
NO.5 A solutions architect must design a solution that uses Amazon CloudFront with an Amazon S3 origin to store a static website. The company's security policy requires that all website traffic be inspected by AWS WAF. How should the solutions architect comply with these requirements? A. Configure an S3 bucket policy to accept requests coming from the AWS WAF Amazon Resource Name (ARN) only. B. Configure Amazon CloudFront to forward all incoming requests to AWS WAF before requesting content from the S3 origin. C. Configure a security group that allows Amazon CloudFront IP addresses to access Amazon S3 only. Associate AWS WAF to CloudFront. D. Configure Amazon CloudFront and Amazon S3 to use an origin access identity (OAI) to restrict access to the S3 bucket Enable AWS WAF on the distribution.
NO.6 A company has applications that are deployed in multiple AWS Regions. The applications use an architecture that is based on Amazon EC2, Amazon Elastic Block Store (Amazon EBS), Amazon Elastic File System (Amazon EFS). and Amazon DynamoDB The company lacks a mechanism for centralized data backup. A solutions architect must centralize data backup with the least possible operational effort. What should the solutions architect do to meet these requirements? A. Tag all resources by project Use AWS Systems Manager to set up snapshots by project and set DynamoDB incremental backups. B. Tag all resources by project. Create backup plans in AWS Backup to back up the data by tag name according to each project's needs. C. Tag all resources by project Create an AWS Lambda function to run on schedule and take snapshots of each EC2 instance. EBS volume, and EFS file system by project Configure the function to invoke DynamoDB on-demand backup. D. Use AWS CloudFormation to create a template for every new project so that all resources can be recreated at any time. Set the template to take daily snapshots of each EC2 instance r EBS volume and EFS file system Set the template to use DynamoDB on-demand backup for daily backups.
NO.7 A company runs its Infrastructure on AWS and has a registered base of 700.000 users for res document management application The company intends to create a product that converts large pdf files to jpg Imago files. The .pdf files average 5 MB in size. The company needs to store the original files and the converted files. A solutions architect must design a scalable solution to accommodate demand that will grow rapidly over lime. Which solution meets these requirements MOST cost-effectively? A. Save the pdf files to Amazon S3 Configure an S3 PUT event to invoke an AWS Lambda function to convert the files to jpg format and store them back in Amazon S3 B. Save the pdf files to Amazon DynamoDB. Use the DynamoDB Streams feature to invoke an AWS Lambda function to convert the files to jpg format and store them hack in DynamoDB C. Upload the pdf files to an AWS Elastic Beanstalk application that includes Amazon EC2 instances. Amazon Elastic Block Store (Amazon EBS) storage and an Auto Scaling group. Use a program In the EC2 instances to convert the files to jpg format Save the .pdf files and the .jpg files In the EBS store. D. Upload the .pdf files to an AWS Elastic Beanstalk application that includes Amazon EC2 instances, Amazon Elastic File System (Amazon EPS) storage, and an Auto Scaling group. Use a program in the EC2 instances to convert the file to jpg format Save the pdf files and the jpg files in the EBS store.
NO.8 A company recently implemented hybrid cloud connectivity using AWS Direct Connect and is migrating data to Amazon S3. The company is looking for a fully managed solution that will automate and accelerate the replication of data between the on-premises storage systems and AWS storage services. Which solution should a solutions architect recommend to keep the data private? A. Deploy an AWS DataSync agent for the on-premises environment Configure a sync job to replicate the data and connect it with an AWS service endpoint B. Deploy an AWS DataSync agent for the on-premises environment. Schedule a batch job to replicate point-in-time snapshots to AWS. C. Deploy an AWS Storage Gateway volume gateway for the on-premises environment. Configure it to store data locally, and asynchronously back up point-in-time snapshots to AWS. D. Deploy an AWS Storage Gateway file gateway for the on-premises environment Configure it to store data locally, and asynchronously back up point-m-time snapshots to AWS.
NO.9 A recently created startup built a three-tier web application. The front end nas static content The application layer is based on mtcroservtces User data is stored as JSON documents that need to be accessed with low latency. The company expects regular traffic to be tow during the first year with peaks in traffic when it publicizes new features every month. The startup team needs to minimize operational overhead costs What should a solutions architect recommend to accomplish this? A. Use Amazon S3 static website hosting to store and serve the front end Use AWS Elastic Beanstalk tor the application layer Use Amazon DynamoDB to store user data B. Use Amazon S3 static website hosting to store and serve the front end Use Amazon Elastic Kubernetes Service (Amazon EKSJ for the application layer Use Amazon DynamoDB lo store user data C. Use Amazon S3 static website hosting to store and serve the front end Use Amazon API Gateway and AWS Lambda function for the application layer Use Amazon DynamoDB to store user data D. Use Amazon S3 static website hosting to store and serve the front end Use Amazon API Gateway and AWS Lambda function for the application layer Use Amazon RDS with read replicas to store user data.
NO.10 A company has an Amazon S3 bucket that contains confidential information in its production AWS account The company has turned on AWS CloudTrail for the account. The account sends a copy of its logs to Amazon CloudWatch Logs. The company has configured the S3 bucket to log read and write data events. A company auditor discovers that some objects in the S3 bucket have been deleted A solutions architect must provide the auditor with information about who deleted the objects What should the solutions architect do to provide this information? A. Create a CloudWatch Logs fitter to extract the S3 write API calls against the S3 bucket B. Query the CloudTrail togs with Amazon Athena to identify the S3 write API calls against the S3 bucket C. Use AWS Trusted Advisor to perform security checks for S3 write API calls that deleted the content D. Use AWS Config to track configuration changes on the S3 bucket Use these details to track the S3 write API calls that deleted the content.
NO.11 A company runs en application on a large fleet of Amazon EC2 instances. The applicationreads and write entries into an Amazon DynamoDB table The size of the OynamoDB table continuously grows but the application needs only data from the last 30 days The company needs a solution that minimizes cost and development effort Which solution meets these requirements? A. Use an AWS CloudFormation template to deploy the complete solution Redeploy the Cloud Formation stack every 30 days, and delete the original stack B. Use an EC2 instance that runs a monitoring application from AWS Marketplace Configure the monitoring application to use Amazon DynamoOB Streams to store the timestamp when a new item is created in the table Use a script that runs on the EC2 instance to delete items that have a timestamp that is older than 30 days C. Configure Amazon DynamoDB Streams to invoke an AWS Lambda function when a new item is created in the table Configure the Lambda function to delete items m the table that are older than 30 days D. Extend the application to add an attribute that has a value of the current timestamp plus 30 days to each new item that is created in the table Configure DynamoDB to use the attribute as the TTL attribute.
NO.12 A company runs an application In a branch office within a small data closet with no vitalized compute resources. The application data is stored on an NFS volume Compliance standards require a daily offsite backup of the NFS volume. Which solution meets these requirements? A. Install an AWS Storage Gateway fie gateway on premises to replicate the data to Amazon S3 B. Install an AWS Storage Gateway fie gateway hardware appliance on premises to replicate the data to Amazon S3. C. Install an AWS Storage Gateway volume gateway with stored volumes on premises to replicate the data to Amazon S3 D. Install an AWS Storage Gateway volume gateway with cached volumes on premises to replicate the data to Amazon S3.
NO.13 A company needs to store data from its healthcare application. The application's data frequently changes. A new regulation requires audit access at all levels of the stored data. The company hosts the application on an on-premises infrastructure that is running out of storage capacity. A solutions architect must securely migrate the existing data to AWS while satisfying the new regulation. Which solution will meet these requirements? A. Use AWS DataSync to move the existing data to Amazon S3. Use AWS CloudTrail to log data events. B. Use AWS Snowcone to move the existing data to Amazon S3. Use AWS CloudTrail to log management events. C. Use Amazon S3 Transfer Acceleration to move the existing data to Amazon S3. Use AWS CloudTrail to log data events. D. Use AWS Storage Gateway to move the existing data to Amazon S3. Use AWS CloudTrail to log management events.
NO.14 A news company that has reporters ail over the world is hosting its broadcast system on AWS The reporters send live broadcasts to the broadcast system The reporters use software on their phones to send live streams through the Real Time Messaging Protocol (RTMP). A solutions architect must design a solution that gives the reporters the ability to send the highest quality streams. The solution must provide accelerated TCP connections back to the broadcast system. What should the solutions a use to meet these requirements? A. Amazon CloudFront B. AWS Global Accelerator C. AWS Client VPN D. Amazon EC2 Instances and AWS Elastic IP addresses .
NO.15 A company is running a media store across multiple Amazon EC2 instances distnbuted across multiple Availability Zones in a single VPC. The company wants a high-performing solution to share data between all the EC2 instances, and prefers to keep the data within the VPC only What should a solutions architect recommend? A. Create an Amazon S3 bucket and call the service APIs from each instance's application. B. Create an Amazon S3 bucket and configure all instances to access it as a mounted volume C. Configure an Amazon Elastic Block Store (Amazon EBS) volume and mount it across ail instances. D. Configure an Amazon Elastic File System (Amazon EPS) file system and mount it across all instances IT Certification Guaranteed, The Easy Way!.
NO.16 A solutions architect is designing a shared storage solution for a web application that is deployed across multiple Availability Zones. The web application runs on Amazon EC2 instances that are in an Auto Scaling group. The company plans to make frequent changes to the content. The solution must have strong consistency in returning the new content as soon as the changes occur. Which solutions meet these requirements? (Select TWO.) A. Use AWS Storage Gateway Volume Gateway Internet Small Computer Systems Interface (ISCSI) block storage that is mounted to the individual EC2 instances. B. Create an Amazon Elastic File System (Amazon EFS) file system. Mount the EFS file system on the individual EC2 instances. C. Create a shared Amazon Elastic Block Store (Amazon EBS) volume. Mount the EBS volume on the individual EC2 instances. D. Use AWS DataSync to perform continuous synchronization of data between EC2 hosts in the Auto Scaling group. E. Create an Amazon S3 bucket to store the web content. Set the metadata for the Cache-Control header to no-cache. Use Amazon CloudFront to deliver the content.
NO.17 A company wants to move from many standalone AWS accounts to a consolidated, multi-account architecture. The company plans to create many new AWS accounts for different business units The company needs to authenticate access to these AWS accounts by using a centralized corporate directory service Which combination of actions should a solutions architect recommend to meet these requirements? (Select TWO ) A. Create a new organization in AWS Organizations with all features turned on Create the new AWS accounts in the organization B. Set up an Amazon Cognito identity pool Configure AWS Single Sign-On to accept Amazon Cognito authentication C. Configure a service control policy (SCP) to manage the AWS accounts Add AWS Single Sign-On to AWS Directory Service D. Create a new organization in AWS Organizations Configure the organization's authentication mechanism to use AWS Directory Service directly E. Set up AWS Single Sign-On (AWS SSO) in the organization Configure AWS SSO and integrate it with the company's corporate directory service.
NO.18 A company receives data from millions of users totalling about 1 TB each day. The company providers its users with usage report going back 12 months. All usage data must be stored for at least 5 years to comply with regularly and auditing requirement? Which storage solution is MOST cost-effective? A. Store the data in Amazon S3 Standard Set a lifecycle Set a lifecycle rule to transmission the data S3 Glacier Deep after 1 year. Set a lifecycle rule to data the data after 5 years. B. Store the data in Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA) Set a lifecycle rule to transition the data to S3 Glacier after 1 year set the lifecycle rule to delete the data after 5 years. C. Store the data in Amazon Standard Set a lifecycle rule to transmission the data to S3 Standard infrequence Access (S3 Standard-IA) after 1 year Set a lifecycle rule to delete the data after 5 years. D. Store the data in Amazon S3 Standard Set a lifecycle rule to transition the data to S3 Zone-Infrequent Access (S3 One Zones-IA) after 1 year. Set a lifecycle rule to delete the data after 5 years.
NO.19 A company wants to replicate its data to AWS to recover in the event of a disaster Today a system administrator has scripts that copy data to a NFS share Individual backup files need to be accessed with low latency by application administrators to deal with errors in processing What should a solutions architect recommend to meet these requirements? A. Modify the script to copy data to an Amazon S3 bucket instead of the on-premises NFS share B. Modify the script to copy data to an Amazon S3 Glacier Archive instead of the on-premises NFS share C. Modify the script to copy data to an Amazon Elastic File System (Amazon EFS) volume instead of the on-premises NFS share D. Modify the script to copy data to an AWS Storage Gateway for File Gateway virtual appliance instead of the on-premises NFS share.
NO.20 A company hosts its static website content from an Amazon S3 bucket in the us-east-1 Region Content is made available through an Amazon CloudFront origin pointing to that bucket Cross-Region replication is set up to create a second copy of the bucket in the ap-southeast-1 Region Management wants a solution that provides greater availability for the website Which combination of actions should a solutions architect take to increase availability'? (Select TWO) A. Add both buckets to the CloudFront origin B. Configure failover routing in Amazon Route 53 C. Create a record in Amazon Route 53 pointing to the replica bucket D. Create an additional CloudFront origin pointing to the ap-southeast-1 bucket E. Set up a CloudFront origin group with the us-east-1 bucket as the primary and the ap-southeast-1 bucket as the secondary.
NO.21 A company uses on-premises servers to host Its application. The company is running out of storage capacity. The applications use both block storage and NFS storage. The company needs a high-performing solution that supports local caching without re-architecting its existing applications Which combination of actions should a solutions architect take to meet these requirements'? (Select TWO.) A. Mount Amazon S3 as a file system to the on-premises servers B. Deploy an AWS Storage Gateway Me gateway to replace NFS storage C. Deploy AWS Snowball Edge to provision NFS mounts to on-premises servers D. Deploy an AWS Storage Gateway volume gateway to replace the block storage E. Deploy Amazon Elastic File System (Amazon EFS) volumes and mount them to on-premises servers.
NO.22 A company is designing a new web service that will run on Amazon EC2 instances behind an Elastic Load Balancer. However, many of the web service clients can only reach IP addresses whitelisted on their firewalls. What should a solutions architect recommend to meet the clients' needs? A. A Network Load Balancer with an associated Elastic IP address B. An Application Load Balancer with an associated Elastic IP address C. An A record in an Amazon Route 53 hosted zone pointing to an Elastic IP address D. An EC2 instance with a public IP address running as a proxy in front of the load balancer.
NO.23 A company runs a web-based portal that provides users with global breaking news local alerts, and weather updates The portal delivers each user a personalized view by using a mixture of static and dynamic content Content is served over HTTPS through an API server running on an Amazon EC2 instance behind an Application Load Balancer (ALB) The company wants the portal to provide this content to its users across the world as quickly as possible How should a solutions architect design the application to ensure the LEAST amount of latency for all users? A. Deploy the application stack in a single AWS Region Use Amazon CloudFront to serve all static and dynamic content by specifying the ALB as an origin B. Deploy the application stack in two AWS Regions Use an Amazon Route 53 latency routing policy to serve all content from the ALB in the closest Region C. Deploy the application stack in a single AWS Region Use Amazon CloudFront to serve the static content Serve the dynamic content directly from the ALB D. Deploy the application stack in two AWS Regions Use an Amazon Route 53 geolocation routing policy to serve all content from the ALB in the closest Region.
NO.24 A company's web application uses an Amazon RDS PostgreSQL DB instance to store its application data During the financial closing period at the start of every month, Accountants run large queries that impact the database's performance due to high usage The company wants to minimize the impact that the reporting activity has on the web application What should a solutions architect do to reduce the impact on the database with the LEAST amount of effort? A. Create a read replica and direct reporting traffic to the replica B. Create a Multi-AZ database and direct reporting traffic to the standby C. Create a cross-Region read replica and direct reporting traffic to the replica. D. Create an Amazon Redshift database and direct reporting traffic to the Amazon Redshift database.
NO.25 A company hosts multiple production applications. One of the applications consists of resources from Amazon EC2. AWS Lambda. Amazon RDS. Amazon Simple Notification Service (Amazon SNS), and Amazon Simple Queue Service (Amazon SOS) across multiple AWS Regions. All company resources are tagged with a tag name of "application" and a value that corresponds to each application. A solutions architect must provide the quickest solution for identifying all of the tagged components. Which solution meets these requirements? A. Use AWS CloudTrail to generate a list of resources with the application tag. B. Use the AWS CLI to query each service across all Regions to report the tagged components. C. Run a query in Amazon CloudWatch Logs Insights to report on the components with the application tag. D. Run a query with the AWS Resource Groups Tag Editor to report on the resources globally with the application tag.
NO.26 Some of the company's customers are retrieving records frequently, leading to an increase in costs for the company. The company wants to limit retrieved requests in the future. The company also wants to ensure that if one customer reaches its retrieval limit other customers will not affected. Which solution will meet these requirements? A. Set up server-side throttling limits for API Gateway. B. Limit DynamoDB read throughput on the table lo an amount that results m the maximum cost that the company is willing to incur. C. Set up a usage plan for API Gateway Implement throttling limits tor each customer. and distribute API keys to each customer D. Set up AWS Budgets. Monitor the usage of API Gateway and DynamoDB Configure an alarm to provide an alert when the cost exceeds a certain threshold each month.
NO.27 A company built an application with Docker containers and needs to run the application in the AWS Cloud. The company wants to use a managed service to host the application. The solution must scale in and out appropriately according to demand on the individual container services. The solution also must not result in additional operational overhead or infrastructure to manage. Which solutions will meet these requirements? (Select TWO.) A. Use Amazon Elastic Container Service (Amazon ECS) with AWS Fargate. B. Use Amazon Elastic Kubernetes Service (Amazon EKS) with AWS Fargate. C. Provision an Amazon API Gateway API. Connect the API to AWS Lambda to run the containers. D. Use Amazon Elastic Container Service (Amazon ECS) with Amazon EC2 worker nodes. E. Use Amazon Elastic Kubernetes Service (Amazon EKS) with Amazon EC2 worker nodes.
NO.28 A media company is evaluating the possibility ot moving rts systems to the AWS Cloud The company needs at least 10 TB of storage with the maximum possible I/O performance for video processing. 300 TB of very durable storage for storing media content, and 900 TB of storage to meet requirements for archival media that is not in use anymore Which set of services should a solutions architect recommend to meet these requirements? A. Amazon EBS for maximum performance, Amazon S3 for durable data storage, and Amazon S3 Glacier for archival storage B. Amazon EBS for maximum performance, Amazon EFS for durable data storage and Amazon S3 Glacier for archival storage C. Amazon EC2 instance store for maximum performance. Amazon EFS for durable data storage and Amazon S3 for archival storage D. Amazon EC2 Instance store for maximum performance. Amazon S3 for durable data storage, and Amazon S3 Glacier for archival storage.
NO.29 A company's application is running on Amazon EC2 instances within an Auto Scaling group behind an Elastic Load Balancer Based on the application's history the company anticipates a spike in traffic during a holiday each year A solutions architect must design a strategy to ensure that the Auto Scaling group proactively increases capacity to minimize any performance impact on application users. Which solution will meet these requirements'? A. Create an Amazon CloudWatch alarm to scale up the EC2 instances when CPU utilization exceeds 90% B. Create a recurring scheduled action to scale up the Auto Scaling group before the expected period of peak demand C. Increase the minimum and maximum number of EC2 instances in the Auto Scaling group during the peak demand period D. Configure an Amazon Simple Notification Service (Amazon SNS) notification to send alerts when there are autoscaling EC2_INSTANCE_LAUNCH events.
NO.30 A company plant to host a survey website on AWS The company anticipates an unpredictable amount of traffic This traffic results m asynchronous updates to the database. The company wants to ensure mat writes to the database hosted on AWS do not gel dropped How should the company write its application to hand to these database requests? A. Configure the application to publish to an Amazon Simple Notification Service (Amazon SNS) topic Subscribe the database to the SNS topic. B. Configure the application to subscribe to an Amazon Simple Notification Service (Amazon SNS) topic. Publish the database updates to the SNS topic C. Use Amazon Simple Queue Service (Amazon SOS) FIFO queues to queue the database connection until the database has resources to wrist the data. D. Use Amazon Simple Queue Service (Amazon SOS) FIFO queues tor capturing the writes and draining the queue as each write is made to the database.
NO.31 A company allows users to upload and store photos through its website The website has users from all around the world. All images that users upload are stored in a centralized Amazon S3 bucket The company wants to increase the speed in which its entire user base can upload photos through the website. What should a solutions architect recommend to meet these requirements? A. Create an Amazon CloudFront distribution. Use the Amazon S3 Standard storage class to store files B. Create an Amazon CloudFront distribution. Configure the distribution settings and origin. C. Configure S3 Transfer Acceleration on the S3 bucket Use the standard S3 endpoint to upload files D. Configure S3 Transfer Acceleration on the S3 bucket Use the S3 Accelerate endpoint to upload files.
NO.32 A company wants to migrate its accounting system from an on-premises data center to the AWS Cloud m a single AWS Region. Data security and an immutable audit log are the top priorities. The company must monitor all AWS activities for compliance auditing. The company that enabled AWS CloudTrail but wants to make sure it meets meat requirements Which actions should a solutions architect take lo protect and secure CloudTrail? (Select TWO.) A. Enable CloudTrail log file validation. B. Enable the CloudTrail Proceeding Library. C. Enable logging of Insights events in CloudTrail. D. Enable custom logging from the on-premises resources E. Create an AWS Config rule to monitor whether CloudTrail is configured to use server-side encryption with AWS KMS managed encryption keys (SSE-KMS).
NO.33 A company runs a web application that is backed by Amazon RDS. A new database administrator caused data loss by accidentally editing information in a database table To help recover from this type of incident, the company wants the ability to restore the database to its state from 5 minutes before any change within the last 30 days. Which feature should the solutions architect include in the design to meet this requirement? A. Read replicas B. Manual snapshots C. Automated backups D. Multi-AZ deployments.
NO.34 A social media company allows users to upload images to its website. The website runs on Amazon EC2 instances. During upload requests, the website resizes the images to a standard size and stores the resized images in Amazon S3. Users are experiencing slow upload requests to the website. The company needs to reduce coupling within the application and improve website performance A solutions architect must design the most operationally efficient process for image uploads Which combination of actions should the solutions architect take to meet these requirements'? (Select TWO.) A. Configure the application to upload images to S3 Glacier. B. Configure the web server to upload the original images to Amazon S3. C. Configure the application to upload images directly from each user's browser to Amazon S3 through the use of a pre signed URL. D. Configure S3 Event Notifications to invoke an AWS Lambda function when an image is uploaded. Use the function to resize the image E. Create an Amazon Event Bridge (Amazon CloudWatch Events) rule that invokes an AWS Lambda function on a schedule to resize uploaded images.
NO.35 A company used an AWS Direct Connect connection to copy 1 PB of data from a colocation facility to an Amazon S3 bucket in the us-east-1 Region. The company now wants to copy the data to another S3 bucket in the us-weet-2 Region. Which solution will meet this requirement? A. Use an AWS Snowball Edge Storage Optimized device to copy the data from the colocation facility to ua-weet-2 B. Use the S3 console to copy the data horn the source S3 bucket to the target S3 bucket. C. Use S3 Transfer Acceleration and the S3 copy-object command to copy the data from the source S3 bucket to the target S3 bucket D. Add an S3 Cross-Region Replication configuration to copy the data from the source S3 bucket to the target S3 bucket.
NO.36 A company has a corporate network on premises and has three VPCs in the AWS Cloud. The company has one VPC each for development, test, and, production. The company wants its system administrators to security gain remote command-line access from the corporate network to Amazon EC2 instances in the VPCs. Which solution meets these requirements MOST cost-effectively? A. Set up a VPN connection between the corporate network and each of the three VPCs by using AWS VPN Use Remote Desktop Protocol (RDP) or SSH over the VPN connection to access the EC2 instances remotely. B. Configure the EC2 instances to use an instance profile that trusts AWS Systems Manager Use Systems Manager Session Manager to gain console access to the EC2 instances C. Create a new VPC Purchase and install a virtual router from AWS Marketplace Establish a VPN connection from the corporate network to this router. Establish another VPN connection from the 'outer to the other three VPCs Use Remote Desktop Protocol (RDP) or SSH over the VPN connection to access the EC2 instances remotely. D. Create a new VPC Establish a VPN connection to the new VPC. Configure peering connections between the new VPC and the existing VPCs In the new VPC create an EC2 bastion host to serve as a jump box lo EC2 instances in the other VPCs Use Remote Desktop Protocol (RDP) or SSH over the VPN connection to the bastion host.
NO.37 A company has a Windows-based application that must be migrated to AWS. The application requires the use of a shared Windows Me system attached to multiple Amazon EC2 Windows instances that are deployed across multiple Availability Zones What should a solutions architect do to meet this requirement? A. Configure AWS Storage Gateway in volume gateway mode Mount the volume to each Windows instance B. Configure Amazon FSx for Windows File Server Mount the Amazon FSx file system to each Windows instance C. Configure a file system by using Amazon Elastic File System (Amazon EFS) Mount the EPS file system to each Windows instance D. Configure an Amazon Elastic Block Store (Amazon EBS) volume with the required size Attach each EC2 instance to the volume Mount the file system within the volume to each Windows instance.
NO.38 A company wants to build an immutable infrastructure for its software applications The company wants to test the software applications before sending traffic to them The company seeks an efficient solution that limits the effects of application bugs Which combination of steps should a solutions architect recommend? {Select TWO) A. Use AWS Cloud Formation to update the production infrastructure and roll back the stack if the update fails B. Apply Amazon Route 53 weighted routing to test the staging environment and gradually increase the traffic as the tests pass C. Apply Amazon Route 53 failover routing to test the staging environment and fail over to the production environment if the tests pass D. Use AWS Cloud Formation with a parameter set to the staging value in a separate environment other than the production environment E. Use AWS Cloud Formation to deploy the staging environment with a snapshot deletion policy and reuse the resources in the production environment if the tests pass.
NO.39 A company has a service that produces event data. The company wants to use AWS to process the event data as it is received. The data is written in a specific order that must be maintained throughout processing. The company wants to implement a solution that minimizes operational overhead. How should a solutions architect accomplish this? A. Create an Amazon Simple Queue Service (Amazon SQS) FIFO queue to hold messages Set up an AWS Lambda function to process messages from the queue B. Create an Amazon Simple Notification Service (Amazon SNS) topic to deliver notifications containing payloads to process Configure an AWS Lambda function as a subscriber. C. Create an Amazon Simple Queue Service (Amazon SQS) standard queue to hold messages. Set up an AWS Lambda function to process messages from the queue independently D. Create an Amazon Simple Notification Service (Amazon SNS) topic to deliver notifications containing payloads to process. Configure an Amazon Simple Queue Service (Amazon SQS) queue as a subscriber.
NO.40 A bicycle sharing company is developing a multi-tier architecture to track the location of its bicycles during peak operating hours The company wants to use these data points in its existing analytics platform A solutions architect must determine the most viable multi-tier option to support this architecture The data points must be accessible from the REST API. Which action meets these requirements for storing and retrieving location data? A. Use Amazon Athena with Amazon S3 B. Use Amazon API Gateway with AWS Lambda C. Use Amazon QuickSight with Amazon Redshift. D. Use Amazon API Gateway with Amazon Kinesis Data Analytics .
NO.41 A company is using AWS Key Management Service (AWS KMS) customer master keys (CMKs) to encrypt AWS Lambda environment variables A solutions architect needs to ensure that the required permissions are in place to decrypt and use the environment variables. Which steps must the solutions architect take to implement the correct permissions? (Select TWO.) A. Add AWS KMS permissions in the Lambda resource policy B. Add AWS KMS permissions in the Lambda execution role C. Add AWS KMS permissions in the Lambda function policy. D. Allow the Lambda execution role in the AWS KMS key policy E. Allow the Lambda resource policy in the AWS KMS key policy.
NO.42 A company's website is used to sell products to the public The site runs on Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer (ALB) There is also an Amazon CloudFront distribution and AWS WAF Is being used to protect against SQL injection attacks The ALB is the origin for the CloudFront distribution A recent review of security logs revealed an external malicious IP that needs to be blocked from accessing the website What should a solutions architect do to protect the application? A. Modify the network ACL on the CloudFront distribution to add a deny rule for the malicious IP address B. Modify the configuration of AWS WAF to add an IP match condition to block the malicious IP address C. Modify the network ACL for the EC2 instances in the target groups behind the ALB to deny the malicious IP address D. Modify the security groups for the EC2 instances in the target groups behind the ALB to deny the malicious IP address.
NO.43 A company is planning to store sensitive documents in an Amazon S3 bucket. The documents must be encrypted al rest. The company wants to manage the underlying keys that are used lor encryption However, the company does not want to manage the encryption and decryption process. Which solutions will meet these requirements? (Select TWO.) A. Use server-side encryption with customer-provided encryption keys (SSE-C). B. Use client-side encryption with AWS managed keys. C. Use server-side encryption with S3 managed encryption keys (SSE-S3). D. Use server-side encryption with AWS KMS managed encryption keys (SSE-KMS) with a key policy document that is 40 KB in size E. Use server-side encryption with AWS KMS managed encryption keys (SSE-KMS) that the company uploads to AWS KMS.
NO.44 A company manages and runs a critical data management application in containers that are hosted on Amazon Elastic Container Service (Amazon ECS). The application has endpoints that are exposed through Application Load Balancers (ALBs). The application uses an Amazon Elastic File System (Amazon EFS) file system mount for persistent data storage. The company has configured Amazon ECS to use a minimal IAM instance role. Which combination of actions should a solutions architect take to improve the overall security posture of the application? (Select TWO.) A. Decompose the Amazon ECS IAM instance role. Use only ECS task roles. B. Enable EFS encryption in transit to protect data that is being written to Amazon EFS. C. Use AWS Config to define patch management policies on the container instances. D. Use Amazon Macie integration with Amazon EFS to monitor and protect sensitive information in the file system. E. Use Amazon GuardDuty to authenticate data access between the ALBs and the container instances.
NO.45 A company runs an application on a group of Amazon Linux EC2 instances. For compliance reasons, the company must retain all application log files for 7 years. The log files will be analyzed by a reporting tool that must be able to access all the files concurrently. Which storage solution meets these requirements MOST cost-effectively? A. Amazon Elastic Block Store (Amazon EBS) B. Amazon Elastic File System (Amazon EFS) C. Amazon EC2 instance store D. Amazon S3 .
NO.46 A company uses GPS trackers to document the migration patterns of thousands of sea turtles The trackers check every 5 minutes to see if a turtle has moved more than 100 yards (91 4 meters) If a turtle has moved its tracker sends the new coordinates to a web application running on three Amazon EC2 instances that are in multiple Availability Zones in one AWS Region Recently, the web application was overwhelmed while processing an unexpected volume of tracker data Data was lost with no way to replay the events A solutions architect must prevent this problem from happening again and needs a solution with the least operationa overhead What should the solutions architect do to meet these requirements'' A. Create an Amazon S3 bucket to store the data Configure the application to scan for new data in the bucket for processing B. Create an Amazon API Gateway endpomt to handle transmitted location coordinates Use an AWS Lambda function to process each item concurrently C. Create an Amazon Simple Queue Service (Amazon SQS) queue to store the incoming data Configure the application to poll for new messages for processing D. Create an Amazon DynamoDB table to store transmitted location coordinates Configure the application to query the table for new data for processing Use TTL to remove data that has been processed.
NO.47 A social media company is building a feature tor its website. The feature will give users the ability to upload photos. The company expects significant increases in demand during large events and must ensure that the website can handle the upload traffic from users. Which solution meets these requirements with the MOST scalability? A. Upload files from the user's browser to the application servers Transfer the files to an Amazon S3 bucket. B. Provision an AWS Storage Gateway file gateway. Upload files directly from the user's browser to the file gateway. C. Generate Amazon S3 presigned URLs in the application. Upload files directly from the user's browser into an S3 bucket D. Provision an Amazon Elastic File System (Amazon EFS) file system. Upload files directly from the user's browser to the file system.
NO.48 A company allows its developers to attach existing IAM policies to existing IAM roles to enable faster experimentation and agility. However, the security operations team is concerned that the developers could attach the existing administrator policy, which would allow the developers to circumvent any other security policies. How should a solution architect address this issue? A. Create an Amazon SNS topic to send an alert every time a developer create a new policy. B. Use service control policies to disable IAM across all account in the organizational unit. C. Prevent the developers from attaching any policies and duties to the security option team. D. Set an IAM permission boundary on the developer IAM role that explicitly dries of attaching the administrator policy.
NO.49 A company uses a simple state website and wants to host it on AWS. The company already has a domain that it uses for email. The company needs a hosting solution that supports HTTPS. Which solution will meet these requirements MOST cost-effectively? A. Create an Amazon S3 bucket with a name to match the website. Upload the website to the S3 bucket. Set up website hosting for the S3 bucket. Set up the DNS to point to the S3 website endpoint. B. Create an Amazon S3 bucket upload the website to the S3 bucket. Set up an HTTPS certificate by using AWS Certificate Manage (ACM). Create in Amazon CloudFront distribution for the S3 bucket and choose Price Class All. C. Set up an open-source content management system (CMS) from AWS Marketplace Deploy the CMS across two Availability Zones Copy the website onto the CMS Set up the DNS to point to me CMS D. Create an Amazon S3 bucket Upload the website to the S3 bucket Sat up an HTTPS certificate by using AWS Certifcate Manager (ACM) Create an Amazon CloudFront distribution for the S3 bucket and choose Price Class 100 Point to the CloudFront distribution .
NO.50 A company is running an ASP.NET MVC application on a single Amazon EC2 instance. A recent increase in application traffic is causing slow response times for users during lunch hours. The company needs to resolve this concern with the least amount of configuration. What should a solutions architect recommend to meet these requirements? A. Move the application to AWS Elastic Beanstalk. Configure load-based auto scaling and time-based scaling to handle scaling during lunch hours B. Move the application to Amazon Elastic Container Service (Amazon ECS) Create an AWS Lambda function to handle scaling during lunch hours. C. Move the application to Amazon Elastic Container Service (Amazon ECS). Configure scheduled scaling for AWS Application Auto Scaling during lunch hours. D. Move the application to AWS Elastic Beanstalk. Configure load-based auto scaling and create an AWS Lambda function to handle scaling during lunch hours. .
NO.51 A company needs to save the results from a medical trial to an Amazon S3 repository. The repository must allow a few scientists to add new dies and must restrict all other users to read-only access No users can have the ability to modify or delete any files in the repository. The company must heap every lie in the repository for a minimum of 1 year after its creation date. Which solution will meet these requirements? A. Use S3 Object Lock In governance mode with a legal hold of 1 year B. Use S3 Object Lock in compliance mode with a retention period of 365 days C. Use an IAM role to restrict all users from deleting or changing objects in the S3 bucket Use an S3 bucket policy to only allow the IAM role D. Configure the S3 bucket to invoke an AWS Lambda function every tune an object is added Configure the function to track the hash of the saved object to that modified object can be marked accordingly.
NO.52 A company needs to connect its on-premises data center network to a new VPC. The data center network has a 100 Mbps symmetrical internet connection. An application that is running on premises will transfer multiple gigabytes of data each day. The application will use an Amazon Kinesis Data Firehose delivery stream for processing What should a solutions architect recommend for maximum performance? A. Create a VPC peering connection between the on-premises network and the VPC Configure routing for the on-premises network to use the VPC peering connection. B. Procure an AWS Snowball Edge Storage Optimized device. After several days' worth of data has accumulated, copy the data to the device and ship the device to AWS for expedited transfer to Kinesis Data Firehose Repeat as needed C. Create an AWS Site-to-Site VPN connection between the on-premises network and the VPC Configure BGP routing between the customer gateway and the virtual private gateway. Use the VPN connection to send the data from on premises to Kinesis Data Firehose. D. Use AWS PrivateLink to create an interface VPC endpoint for Kinesis Data Firehose in the VPC. Set up a 1 Gbps AWS Direct Connect connection between the on-premises network and AWS Use the PrivateLink endpoint to send the data from on premises to Kinesis Data Firehose.
NO.53 A company offers a food delivery service that is growing rapidly Because of the growth the company's order processing system is experiencing scaling problems during peak traffic hours. The current architecture includes the following; * A group of Amazon EC2 instances that run in an Amazon EC2 Auto Scaling group to collect orders from the application * Another group of EC2 instances that run in an Amazon EC2 Auto Scaling group to fulfill orders The order collection process occurs quickly, but the order fulfillment process can take longer Data must not be lost because of a scaling event A solutions architect must ensure that the order collection process and the order fulfillment process can both scale properly during peak traffic hours The solution must optimize utilization of the company's AWS resources Which solution meets these requirements'? A. Use Amazon CloudWatch metrics to monitor the CPU of each instance in the Auto Scaling groups. Configure each Auto Scaling group's minimum capacity according to peak workload values B. Use Amazon CloudWatch metrics to monitor the CPU of each instance in the Auto Scaling groups Configure a CloudWatch alarm to invoke an Amazon Simple Notification Service (Amazon SNS) topic that creates additional Auto Scaling groups on demand C. Provision two Amazon Simple Queue Service (Amazon SQS) queues one for order collection and another for order fulfillment Configure the EC2 instances to poll their respective queue Scale the Auto Scaling groups based on notifications that the queues send D. Provision two Amazon Simple Queue Service (Amazon SQS) queues one for order collection and another for order fulfillment. Configure the EC2 instances to poll their respective queue. Create a metric based on a backlog per instance calculation Scale the Auto Scaling groups based on this metric.
NO.54 A company runs a shopping application that uses Amazon DynamoDB to store customer information. In case of data corruption, a solutions architect needs to design a solution that meets a recovery point objective (RPO) of 15 minutes and a recovery time objective (RTO> of 1 hour. What should the solutions architect recommend to meet these requirements? A. Configure DynamoDB global tables. For RPO recovery, point the application to a different AWS Region. B. Configure DynamoDB point-in-time recovery. For RPO recovery, restore to the desired point in time. C. Export the DynamoDB data to Amazon S3 Glacier on a daily basis. For RPO recovery, import the data from S3 Glacier to DynamoDB. D. Schedule Amazon Elastic Block Store (Amazon EBS) snapshots for the DynamoDB table every 15 minutes. For RPO recovery, restore the DynamoDB table by using the EBS snapshot.
NO.55 A solution architect has configured the following IAM policy. Which action will be allowed by the policy? A. An AWS Lambda function can be deleted from any network. B. An AWS Lambda function can be created from any network. C. An AWS Lambda function can be deleted from the 100.220.0.0/20 network. D. An AWS Lambda function can be deleted from the 220.100.16.0/20 network .
NO.56 A solutions architect plans to convert a company's monolithic web application into a multitier application The company wants to avoid managing its own Infrastructure The minimum requirements for the web application are high availability, scalability, and regional low latency during peak hours The solution should also store and retrieve data with millisecond latency using the application's API. Which solution meets these requirements? A. Use AWS Fargate to host the web application with backend Amazon RDS Multi-AZ DB instances B. Use Amazon API Gateway with an edge-optimized API endpoint. AWS Lambda for compute, and Amazon DynamoDB as the data store C. Use an Amazon Route 53 routing policy with geolocation that points to an Amazon S3 bucket with static website hosting and Amazon DynamoDB as the data store D. Use an Amazon CloudFront distribution that points to an Elastic Load Balancer with an Amazon EC2 Auto Scaling group, along with Amazon RDS Multi-AZ DB instances .
NO.57 A company is planning to migrate a TCP-based application into the company's VPC The application is publicly accessible on a nonstandard TCP port through a hardware appliance in the company's data center. This public endpoint can process up to 3 million requests per second with low latency. The company requires the same level of performance for the new public endpoint in AWS. What should a solutions architect recommend to meet this requirement? A. Deploy a Network Load Balancer (NLB). Configure the NLB to be publicly accessible over the TCP port that the application requires. B. Deploy an Application Load Balancer (ALB). Configure the ALB to be publicly accessible over the TCP port that the application requires C. Deploy an Amazon CloudFront distribution that listens on the TCP port that the application requires Use an Application Load Balancer as the origin. D. Deploy an Amazon API Gateway API that is configured with the TCP port that the application requires. Configure AWS Lambda functions with provisioned concurrency to process the requests.
NO.58 A company has an on-premises MySQL database used by the global tales team with infrequent access patterns. The sales team requires the database to have minimal downtime. A database administrate wants to migrate this database to AWS without selecting a particular instance type in anticipation of more users In the future. Which service should a solutions architect recommend? A. Amazon Aurora MySQL B. Amazon Aurora Serverless tor MySQL C. Amazon Redshift Spectrum D. Amazon RDS for MySQL.
NO.59 A solutions architect must design a database solution for a high-traffic ecommerce web application. The database stores customer profiles and shopping cart information. The database must support a peak load of several million requests each second and deliver responses in milliseconds The operational overhead for managing and scaling the database must be minimized Which database solution should the solutions architect recommend? A. Amazon Aurora B. Amazon DynamoDB C. Amazon RDS D. Amazon Redshift.
NO.60 A company captures ordered clickstream data from multiple websites and uses batch processing to analyze the data. The company receives 100 million event records, all approximately 1 KB in size, each day. The company loads the data into Amazon Redshift each night, and business analysts consume the data. The company wants to move toward near-real-time data processing for timely insights. The solution should process the streaming data while requiring the least possible operational overhead. Which combination of AWS services will meet these requirements MOST cost-effectively? (Select TWO.) A. Amazon EC2 B. AWS Batch C. Amazon Simple Queue Service (Amazon SQS) D. Amazon Kinesis Data Firehose E. Amazon Kinesis Data Analytics .
NO.61 A company has an application in which users create a large number of files The company plans to migrate the application from its on-premises data center to AWS Currently, the application uploads the files to a shared storage system A separate fleet of servers then processes the files Access to the files is controlled through Linux file system permissions The company needs to migrate the fleet of servers to Amazon EC2 instances The company must maximize storage scalability and durability without changing the code of the existing application Which solution will meet these requirements? A. Migrate the files to an Amazon S3 bucket Mount the S3 bucket on the EC2 instances B. Migrate the files to a set of Amazon EC2 instance store volumes Mount the instance store volumes on the EC2 instances C. Migrate the files to a set of Amazon Elastic Block Store (Amazon EBS) volumes Mount the EBS volumes on the EC2 instances D. Migrate the files to an Amazon Elastic File System (Amazon EFS) file system Mount the EFS file system on the EC2 instances.
NO.62 A company has an Amazon S3 bucket that contains mission-critical data. The company wants to ensure this data is protected from accidental deletion. The data should still be accessible, and a user should be able to delete the data internationally. Which combination of steps should a solutions architect take to accomplish this? (Select TWO.) A. Enable versioning on the S3 bucket. B. Enable MFA Delete on the S3 bucket. C. Create a bucket policy on the S3 bucket D. Enable default encryption on the S3 bucket. E. Create a lifecycle policy for the objects in the S3 bucket.
NO.63 A company runs an online ticketing application with backend services that run on Amazon EC2 instances. The EC2 instances belong to an Auto Scaling group and run behind an Application Load Balancer. The application experiences periods of high user traffic when a popular event is posted online. The company wants a solution that will be able to handle increases in user traffic without affecting the user experience. What should a solutions architect do to meet these requirements? A. Configure a scheduled scaling policy for peak hours with a recurrence schedule set to every day. B. Configure a target tracking scaling policy that uses the average aggregate CPU utilization target metric. C. Configure a step scaling policy that is based on an Amazon CloudWatch alarm that monitors CPU utilization. D. Configure an Application Load Balancer health check that increases the Auto Scaling group capacity whenever the application returns HTTP 503 error codes.
NO.64 A company's website hosted on Amazon EC2 instances processes classified data stored in Amazon S3. Due to security concerns, the company requires a private and secure connection between its EC2 resources and Amazon S3. Which solution meets these requirements? A. Set up S3 bucket policies to allow access from a VPC endpoint B. Set up an IAM policy to grant read-write access to the S3 bucket, C. Set up a NAT gateway to access resources outside the private subnet D. Set up an access key ID and a secret access key to access the S3 bucket.
NO.65 A company is migrating Us applications to AWS Currently applications that run on premises generate hundreds of terabytes of data that is stored on a shared file system The company Is running an analytics application in the cloud that runs hourly to generate Insights from this data The company needs a solution to handle the ongoing data transfer between the on-premises shared file system and Amazon S3 The solution also must be able to handle occasional interruptions m internet connectivity Which solution should the company use for the data transfer to meet these requirements? A. AWS DataSync B. AWS Migration Hub C. AWS Snowball Edge Storage Optimized D. AWS Transfer for SFTP.
NO.66 Organizers for a global event want to put daily reports online as static HTML pages. The pages are expected to generate millions of views from users around the work. The files are stored in an Amazon S3 Ducket A solutions architect has been asked to design an efficient and effective solution Which action should the solutions architect take to accomplish this? A. Generate presigned URLs for the files B. Use cross-Region replication to all Regions C. Use the geoproximity feature of Amazon Route 53 D. Use Amazon CloudFront with the S3 bucket as its origin.
NO.67 A media streaming company collects real-time data and stores it in a disk-optimized database system. The company is not getting the expected throughput and wants an m-memory database storage solution that performs faster and provides high availability using data replication. Which database should a solutions architect recommend? A. Amazon RDS for MySQL B. Amazon RDS for PostgreSQL C. Amazon ElastiCache for Redis D. Amazon ElastiCache for Memcached.
NO.68 An ecommerce company has noticed performance degradation of its Amazon RDS based web application The performance degradation is attributed to an increase in the number of read-only SQL queries triggered by business analysts A solutions architect needs to solve the problem with minimal changes to the existing web application What should the solutions architect recommend'' A. Export the data to Amazon DynamoDB and have the business analysts run their queries B. Load the data into Amazon ElastiCache and have the business analysts run their queries C. Create a read replica of the primary database and have the business analysts run their queries D. Copy the data into an Amazon Redshift cluster and have the business analysts run their queries.
NO.69 A company build an application that gives users the ability to check in to places they visit, rank the places and add reviews about their experiences. The application is successful and is experiencing a rapid increase in the number of users every month. The company uses a single Amazon RDS for MySQL DB instance for its database. The company fears that the database might not be able to handle the load for the upcoming month because the DB instance has activated alarms that are related to resource exhaustion. A solutions architect must design a solution that prevents service interruptions at the database layer. The solutions architect also must minimize any changes to code. Which solution meets these requirements? A. Create RDS read replicas. Redirect read-only traffic to the read replica endpoints B. Create an Amazon EMR cluster. Migrate the data to a Hadoop Distributed File System (HDFS) with a replication factor of 3 C. Create an Amazon ElastiCache cluster. Redirect all read-only traffic to the cluster. Set up the cluster to be deployed in three Availability Zones D. Turn on the Multi-AZ feature for the DB instance. Redirect read-only traffic to the standby replica endpoint.
NO.70 A solutions architect needs to design a system to store client case files. The tiles are core company assets and are important. The number of tiles will grow over time. The files must be simultaneously accessible from multiple application servers that run on Amazon EC2 instances. The solution must have built-in redundancy. Which solution meets these requirements? A. Amazon Elastic File System (Amazon EFS) B. Amazon Elastic Block Store (Amazon EBS) C. Amazon S3 Glacier Deep Archive D. AWS Backup .
NO.71 A solutions architect wants all new users to have specific complexity requirements and mandatory rotation periods tor IAM user passwords What should the solutions architect do to accomplish this? A. Set an overall password policy for the entire AWS account B. Set a password policy for each IAM user in the AWS account C. Use third-party vendor software to set password requirements D. Attach an Amazon CloudWatch rule to the Create_newuser event to set the password with the appropriate requirements.
NO.72 A company is building a shopping application on AWS. The application offers a catalog that changes once each month and needs to scale with traffic volume. The company wants the lowest possible latency from the application. Data from each user's shopping cart needs to be highly available. User session data must be available even if the user is disconnected and reconnects. What should a solutions architect do to ensure that the shopping cart data is preserved at all times? A. Configure an Application Load Balancer to enable the sticky sessions feature (session affinity) for access to the catalog in Amazon Aurora. B. Configure Amazon ElastiCache for Redis to cache catalog data from Amazon DynamoDB and shopping cart data from the user's session. C. Configure Amazon Elasticsearch Service (Amazon ES) to cache catalog data from Amazon DynamoDB and shopping can data from the user's session. D. Configure an Amazon EC2 instance with Amazon Elastic Block Store (Amazon EBS) storage for the catalog and shopping cart. Configure automated snapshots.
NO.73 A company is preparing to store confidential data in Amazon S3 For compliance reasons the data must be encrypted at rest Encryption key usage must be logged tor auditing purposes. Keys must be rotated every year. Which solution meets these requirements and the MOST operationally efferent? A. Server-side encryption with customer-provided keys (SSE-C) B. Server-side encryption with Amazon S3 managed keys (SSE-S3) C. Server-side encryption with AWS KMS (SSE-KMS) customer master keys (CMKs) with manual rotation D. Server-side encryption with AWS KMS (SSE-KMS) customer master keys (CMKs) with automate rotation.
NO.74 A company recently expanded globally and wants to make its application accessible to users in those geographic locations. The application is deployed on Amazon EC2 instances behind an Application Load Balancer in an Auto Scaling group. The company needs the ability to shift traffic from resources in one region to another. What should a solutions architect recommend? A. Configure an Amazon Route 53 latency routing policy. B. Configure an Amazon Route 53 geolocation routing policy. C. Configure an Amazon Route 53 geoproximity routing policy. D. Configure an Amazon Route 53 multivalue answer routing policy.
NO.75 A website runs a web application that receives a burst of traffic each day at noon. The users upload new pictures and context daily, but have complaining of timeout. The architect uses Amazon EC2 Auto Scaling groups, and the custom application consistently takes 1 minutes to initiate upon boot up before responding to user requests. How should a solutions architect redesign the architect to better respond to changing traffic? A. Configure a Network Load Balancer with a slow start configuration. B. Configure AWS ElastiCache for Redis to offload direct requests to the servers. C. Configure an Auto Scaling step scaling policy with an instance warmup condition. D. Configure Amazon CloudFront to use an Application Load Balancer as the origin.
NO.76 A solutions architect is redesigning a monolithic application to be a loosely coupled application composed of two microservices: Microservice A and Microservice B Microservice A places messages in a mam Amazon Simple Queue Service (Amazon SOS) queue for Microservice B to consume When Microservice B fails to process a message after four retries, the message needs to be removed from the queue and stored for further investigation. What should the solutions architect do to meet these requirements? A. Create an SQS dead-letter queue Microservice B adds failed messages to that queue after it receives and fails to process the message four times. B. Create an SQS dead-letter queue Configure the main SQS queue to deliver messages to the deadletter queue after the message has been received four times. C. Create an SQS queue for failed messages Microservice A adds failed messages to that queue after Microservice B receives and fails to process the message four times. D. Create an SQS queue for failed messages. Configure the SQS queue for failed messages to pull messages from the main SQS queue after the original message has been received four times.
NO.77 A company asks a solutions architect to design a new network architecture for its on-premises applications. The company has five application VPCs Each application VPC supports a different application. All the application VPCs need to reach a shared services VPC for enterprise services. The application VPCs need to communicate with each other. The number of VPCs will increase as the company grows The company needs a solution that minimizes operational overhead during setup and maintenance Which solution will meet these requirements? A. Use VPC endpoint services from the application VPCs to reach services on the shared services VPC. B. Use VPC peering connections between the application VPCs and the shared services VPC. Add a peering connection and routes between the application VPCs as needed. C. Use AWS Transit Gateway to connect the shared services VPC to each of the application VPCs. Configure routing to allow the application VPCs to access the shared services network. D. Use a virtual private gateway and VPNs in each application VPC to reach the company network. Transfer the network traffic between the application VPCs by using dynamic routing to the on-premises network.
NO.78 A company is building a website that relies on reading and writing to an Amazon DynamoDB database The website experiences high traffic during normal business hours, but the traffic declines drastically overnight and during weekends The company is concerned about operating costs Which solution will meet the website's traffic demands MOST cost-effectively? A. Enable DynamoDB Accelerator (DAX) to cache the data B. Enable DynamoDB auto scaling when creating the tables. C. Enable Multi-AZ replication for the DynamoDB database D. Enable DynamoDB on-demand capacity allocation when creating the tables.
NO.79 A company is developing a mobile game that streams score updates to a backend processor and then posts results on a leaderboard A solutions architect needs to design a solution that can handle large traffic spikes process the mobile game updates in order of receipt and store the processed updates in a highly available database The company also wants to minimize the management overhead required to maintain the solution What should the solutions architect do to meet these requirements? A. Push score updates to Amazon Kinesis Data Streams Process the updates in Kinesis Data Streams with AWS Lambda Store the processed updates in Amazon DynamoDB B. Push score updates to Amazon Kinesis Data Streams Process the updates with a fleet of Amazon EC2 instances set up for Auto Scaling Store the processed updates in Amazon Redshifi C. Push score updates to an Amazon Simple Notification Service (Amazon SNS) topic Subscribe an AWS Lambda function to the SNS topic to process the updates Store the processed updates in a SQL database running on Amazon EC2 D. Push score updates to an Amazon Simple Queue Service (Amazon SQS) queue Use a fleet ofAmazon EC2 instances with Auto Scaling to process the updates in the SQS queue Store the processed updates in an Amazon RDS Multi-AZ DB instance.
NO.80 A large media company hosts a web application on AWS. The company wants to start caching confidential media files so that users around the 'world will have reliable access to the files. The content is stored in Amazon S3 buckets. The company must deliver the content quickly, regardless of where the requests originate geographically Which solution will meet these requirements? A. Use AWS DataSync to correct the S3 buckets to the web application B. Deploy AWS Global Accelerator to connect the S3 buckets to the web application C. Deploy Amazon CloudFront to connect me S3 buckets to CloudFront edge servers D. Use Amazon Simple Queue Service (Amazon SQS) to connect the S3 buckets to the web application Answer: C.
NO.81 A disaster relief company is designing a new solution to analyze real-time csv data. The data is collected by a network of thousands of research stations met are distributed across the world. The data volume is consistent and constant, and the size of each data We is 512 KB. The company needs to stream the data and analyze the data in real time. Which combination of actions should a solutions architect take to meet these requirements? (Select TWO.) A. Provision an appropriately sized Amazon Simple Queue Service (Amazon SOS) queue. Use the AWS SDK at the research stations to write the data into the SOS queue B. Provision an appropriately sized Amazon Kinesis Data Firehose delivery stream. Use the AWS SDK at the research stations to write the data into the delivery stream and then into an Amazon S3 bucket. C. Provision an appropriately sized Amazon Kinesis Data Analytics application. Use the AWS CLI to configure Kinesis Data Analytics with SOL queries D. Provision an AWS Lambda function to process the data. Set up the BatchSize property on the Lambda event source. E. Provision an AWS Lambda function to process the data. Set up an Amazon EventBridge (Amazon CloudWatch Events) cron expression rule to invoke the Lambda function.
NO.82 A company is planning to build a new web application on AWS The company expects predictable traffic most of the year and very high traffic on occasion. The web application needs to be highly available and fault tolerant with minimal latency. What should a solutions architect recommend to meet these requirements? A. Use an Amazon Route 53 routing policy to distribute requests to two AWS Regions each with one Amazon EC2 instance B. Use Amazon EC2 instances in an Auto Scaling group with an Application Load Balancer across multiple Availability Zones C. Use Amazon EC2 instances in a cluster placement group with an Application Load Balancer across multiple Availability Zones D. Use Amazon EC2 instances in a cluster placement group and include the cluster placement group within a new Auto Scaling group.
NO.83 A company is running a mission-critical application on Amazon EC2 instances henna an Application Load Balancer The instances run in an Auto Scaling group in a single AWS Region The application is using a database in Ama2on Aurora as the data tier. A recent audit revealed that the current deployment of Aurora is not highly available. What should a solutions architect do to improve the availability of the database A. Configure an Aurora Replica B. Configure storage replication. C. Configure storage auto scaling. D. Configure cross-Region replication .
NO.84 A solutions architect must transfer 750 TB of data from an on-premises network-attached file system to Amazon S3 Glacier. The migration must not saturate the on-premises 10 Mbps internet connection. Which solution will meet these requirements? A. Create an AWS Site-to-Site VPN tunnel to an S3 bucket Transfer the files directly by using the AWS CLI. B. Order 10 AWS Snowball Edge Storage Optimized devices and select an S3 Glacier vault as the destination. C. Mount the network-attached file system to an S3 bucket and copy the files directly. Create an S3 Lifecycle policy to transition the S3 objects to S3 Glacier. D. Order 10 AWS Snowball Edge Storage Optimized devices and select an S3 bucket as the destination. Create an S3 Lifecycle policy to transition the S3 objects to S3 Glacier. .
NO.85 A company runs an online marketplace web application on AWS. The application serves hundreds of thousands of users during peak hours. The company needs a scalable, near-real-time solution to share the details of millions of financial transactions with several other internal applications Transactions also need to be processed to remove sensitive data before being stored in a document database for low-latency retrieval What should a solutions architect recommend to meet these requirements? A. Store the transactions data into Amazon DynamoDB Set up a rule in DynamoDB to remove sensitive data from every transaction upon write Use DynamoDB Streams to share the transactions data with other applications B. Stream the transactions data into Amazon Kinesis Data Firehose to store data in Amazon DynamoDB and Amazon S3 Use AWS Lambda integration with Kinesis Data Firehose to remove sensitive data. Other applications can consume the data stored in Amazon S3 C. Stream the transactions data into Amazon Kinesis Data Streams Use AWS Lambda integration to remove sensitive data from every transaction and then store the transactions data in Amazon DynamoDB Other applications can consume the transactions data off the Kinesis data stream. D. Store the batched transactions data in Amazon S3 as files. Use AWS Lambda to process every file and remove sensitive data before updating the files in Amazon S3 The Lambda function then stores the data in Amazon DynamoDB Other applications can consume transaction files stored in Amazon S3.
NO.86 An Amazon EC2 administrator created the following policy associated with an IAM group containing several users What is the effect of this policy? A. Users can terminate an EC2 instance in any AWS Region except us-east-1. B. Users can terminate an EC2 instance with the IP address 10 100 100 1 in the us-east-1 Region C. Users can terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100.100.254. D. Users cannot terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100 100 254.
NO.87 A company is developing a serverless web application that gives users the ability to interact with real-time analytics from online games. The data from the games must be streamed in real time. The company needs a durable, low-latency database option for user data. The company does not know how many users will use the application Any design considerations must provide response times of single-digit milliseconds as the application scales. Which combination of AWS services will meet these requirements? (Select TWO.) A. Amazon CloudFront B. Amazon DynamoDB C. Amazon Kinesis D. Amazon RDS E. AWS Global Accelerator.
NO.88 A company is running a three-tier web application to process credit card payments The frontend user interface consists of static webpages The application tier can have long-running processes The database tier uses MySQL The application is currently running on a single general purpose large Amazon EC2 instance A solutions architect needs to decouple the services to make the web application highly available Which solution would provide the HIGHEST availability A. Move static assets to Amazon CloudFront Leave the application in EC2 in an Auto Scaling group Move the database to Amazon RDS to deploy Multi-AZ B. Move static assets and the application into a medium EC2 instance Leave the database on me large instance Place both instances in an Auto Scaling group C. Move static assets to Amazon S3 Move the application to AWS Lambda with the concurrency limit set Move the database to Amazon DynamoDB with on-demand enabled D. Move static assets to Amazon S3 Move the application to Amazon Elastic Container Service (Amazon ECS) containers with Auto Scaling enabled Move the database to Amazon RDS to deploy Multi-AZ.
NO.89 A solutions architect is creating a new VPC design There are two public subnets for the load balancer, two private subnets for web servers and two private subnets for MySQL. The web servers use only HTTPS The solutions architect has already created a security group tor the load balancer allowing port 443 from 0 0 0 0/0 Company policy requires that each resource has the teas! Access required to still be able to perform its tasks Which additional configuration strategy should the solutions architect use to meet these requirements? A. Create a security group for the web servers and allow port 443 from 0 00 0/0 Create a security group for the MySQL servers and allow port 3306 from the web servers security group B. Create a network ACL for the web servers and allow port 443 from 0 0 0 0*0 Create a network ACL (or the MySQL servers and allow port 3306 from the web servers security group C. Create a security group for the web servers and allow port 443 from the load balancer Create a security group for the MySQL servers and allow port 3306 from the web servers security group D. Create a network ACL 'or the web servers and allow port 443 from the load balancer Create a network ACL for the MySQL servers and allow port 3306 from the web servers security group.
NO.90 A three-tier web application processes orders from customers. The web tier consists of Amazon EC2 instances behind an Application Load Balancer, a middle tier of three EC2 instances decoupled from the web tier using Amazon SQS. and an Amazon DynamoDB backend At peak times customers who submit orders using the site have to wait much longer than normal to receive confirmations due to lengthy processing times A solutions architect needs to reduce these processing times Which action will be MOST effective in accomplishing this? A. Replace the SQS queue with Amazon Kinesis Data Firehose B. Use Amazon ElastiCache for Redis in front of the DynamoDB backend tier C. Add an Amazon CloudFront distribution to cache the responses for the web tier. D. Use Amazon EC2 Auto Scaling to scale out the middle tier instances based on the SQS queue depth.
NO.91 A company is hosting an application in its own data center The application uses Amazon S3 for data storage The application transfers several hundred terabytes of data every month to and from Amazon S3 The company needs to minimize the cost of this data transfer Which solution meets this requirement? A. Establish an AWS Direct Connect connection between the AWS Region in use and the company's data center Route traffic to Amazon S3 over the Direct Connect connection B. Establish an AWS Site-to-Site VPN connection between the company's data center and a VPC in the AWS Region in use. Create a VPC endpoint for Amazon S3 in the VPC. Route traffic to Amazon S3 over the VPN connection to the S3 endpoint. C. Create an AWS Storage Gateway file gateway Deploy the software appliance in the company's data center Configure the application to use the file gateway to store and retrieve files D. Create an FTPS server by using AWS Transfer Family. Configure the application to use the FTPS server to store and retrieve files.
NO.92 A company is planning to migrate a legacy application to AWS. The application currently uses NFS to communicate to an on-premises storage solution to store application data. The application cannot be modified to use any other communication protocols other than NFS for this purpose Which storage solution should a solutions architect recommend for use after the migration? A. AWS DataSync B. Amazon Elastic Block Store (Amazon EBS) C. Amazon Elastic File System (Amazon EFS) D. Amazon EMR File System (Amazon EMRFS).
NO.93 A company wants to host a web application on AWS that will communicate to a database within a VPC. The application should be highly available. What should a solutions architect recommend? A. Create two Amazon EC2 instances to host the web servers behind a load balancer and then deploy the database on a large instance B. Deploy a load balancer in multiple Availability Zones with an Auto Scaling group for the web servers, and then deploy Amazon RDS in multiple Availability Zones C. Deploy a load balancer in the public subnet with an Auto Scaling group for the web servers, and then deploy the database on an Amazon EC2 instance in the private subnet D. Deploy two web servers with an Auto Scaling group, configure a domain that points to the two web servers, and then deploy a database architecture in multiple Availability Zones.
NO.94 Which AWS service can a company use to store and manage Docker images? A. Amazon DynamoDB B. Amazon Kinesis Data Streams C. Amazon Elastic Container Registry (Amazon ECR) D. Amazon Elastic File System (Amazon EFS).
NO.95 A company uses an Amazon S3 bucket to store static images for its website. The company configured permissions to allow access to Amazon S3 objects by privileged users only. What should a solutions architect do to protect against data loss? (Select TWO.) A. Enable versioning on the S3 bucket B. Enable access togging on the S3 bucket. C. Enable server-side encryption on the S3 bucket. D. Configure an S3 lifecycle rule to transition objects to Amazon S3 Glacier. E. Use MFA Delete to require multi-factor authentication to delete an object.
NO.96 A company recently launched its website to servo content to its global user base. The company wants to store and accelerate the delivery of static content to its users by leveraging Amazon CloudFront with an Amazon EC2 instance attached as its origin How should a solutions architect optimize high availability tor the application? A. Use lambda@Edge for CloudFront B. Use Amazon S3 Transfer Acceleration for CloudFront C. Configure another EC2 instance m a different Availability Zone as part of the origin group D. Configure another EC2 instance as part of the origin server cluster in the same Availability Zone.
NO.97 A company is automating an order management application. The company's development team has decided to use SFTP to transfer and store the business-critical information files The files must be encrypted and must be highly available. The files also must be automatically deleted a month after they are created. Which solution meets these requirements with the LEAST operational overhead? A. Configure an Amazon S3 bucket with encryption enabled. Use AWS transfer for SFTP to securely transfer the files to the S3 bucket Apply an AWS Transfer for SFTP file retention policy to delete the files after a month B. Install an SFTP service on an Amazon EC2 instance Mount an Amazon Elastic File System (Amazon EFS) file share on the EC2 instance. Enable cron to delete the files after a month C. Configure an Amazon Elastic File System (Amazon EFS) file system with encryption enabled. Use AWS Transfer for SFTP to securely transfer the files to the EFS file system. Apply an EFS lifecycle policy to automatically delete the files after a month. D. Configure an Amazon S3 bucket with encryption enabled. Use AWS Transfer for SFTP to securely transfer the files to the S3 bucket. Apply S3 Lifecycle rules to automatically delete the files after a month.
NO.98 A company is using a VPC peering strategy to connect its VPCs in a single Region to allow for cross-communication. A recent increase in account creations and VPCs has made it difficult to maintain the VPC peering strategy, and the company expects to grow to hundreds of VPCs. There are also new requests to create site-to-site VPNs some of the VPCs. A solution architect has been tasked with creating a centrally managed networking setup for multiple account, VPCs and VPNs. Which networking solution these requirements? A. Configure shared VPCs and VPNs and share to each other. B. Configure a hub-and-spoke VPC and route all traffic through VPC peering. C. Configure an AWS Direct Connect connection between al VPCs and VPNs. D. Configure a transit gateway with Transit Gateway and connect all VPCs and VPNs.
NO.99 A company is developing a new online gaming application. The application will run on Amazon EC2 instances in multiple AWS Regions and will have a high number of globally distributed users A solutions architect must design the application to optimize network latency for the users. Which actions should the solutions architect take to meet these requirements? (Select TWO.) A. Configure AWS Global Accelerator Create Regional endpoint groups in each Region where an EC2 fleet is hosted B. Create a content delivery network (CDN) by using Amazon CloudFront Enable caching for static and dynamic content, and specify a high expiration period C. Integrate AWS Client VPN into the application. Instruct users to select which Region is closest to them after they launch the application. Establish a VPN connection to that Region D. Create an Amazon Route 53 weighted routing policy Configure the routing policy to give the highest weight to the EC2 instances in the Region that has the largest number of users. E. Configure an Amazon API Gateway endpoint in each Region where an EC2 fleet is hosted Instruct users to select which Region is closest to them after they launch the application. Use the API Gateway endpoint that is closest to them.
NO.100 Application developers have noticed that a production application is very slow when business reporting users run large production reports against the Amazon RDS instance backing the application The CPU and memory utilization metrics for the RDS instance do not exceed 60% while the reporting queries are running The business reporting users must be able to generate reports without affecting the application's performance. Which action will accomplish this? A. Increase the size of the RDS instance B. Create a read replica and connect the application to it C. Enable multiple Availability Zones on the RDS instance D. Create a read replica and connect the business reports to it.
Report abuse Terms of use
HOME
CREATE TEST
COMMENTS
STADISTICS
RECORDS
Author's Tests