
Amazon Web Services (AWS) Certificate Solutions 1

Amazon Web Services Aug 16, 2022

1) A developer needs to be notified by email for all new object creation events in a specific Amazon S3 bucket. Amazon SNS will be used for sending the messages. How can the developer enable these notifications?


Ans: Create an event notification for all S3 object created API calls


2) You are a solutions architect for a multinational law firm based in London. Their operations are worldwide and they have several VPCs in the US, Europe and Asia regions. As part of the internal infra audit, your CTO wants to set up a single dashboard to collectively monitor all of the firm’s EC2 instances which are located in different AWS regions. Which of the following is the best option that will meet the requirement?


Ans: Monitoring AWS resources in multiple regions can be simply done using a single CloudWatch dashboard


3) A company has on-premises servers running a relational database. The current database serves high read traffic for users in different locations. The company wants to migrate to AWS with the least amount of effort. The database solution should support disaster recovery.


Ans: Use a database in Amazon RDS with Multi-AZ and at least one read replica


4) An IT automation architecture uses many AWS Lambda functions invoking one another as a large state machine. The coordination of this state machine is legacy custom code that breaks easily.


Ans: AWS Step Functions


5) AWS account and must secure AWS account root user (Choose two.)


Ans: Enable multi-factor authentication to the root user.


6) You are managing an online platform which allows people to easily buy, sell, spend, and manage their cryptocurrency. To meet the strict IT audit requirements, each of the API calls on all of your AWS resources should be properly captured and recorded. You used CloudTrail in your VPC to help you in the compliance, operational auditing, and risk auditing of your AWS (Amazon Web Services) account.


Ans: Amazon S3


7) A solutions architect is optimizing a website for an upcoming musical event. Videos of the performances will be streamed in real time.


Ans: Amazon CloudFront


8) A team of developers need to deploy a website for a development environment. The team do manage the infrastructure and just need to upload Node.js code to the instances.


Ans: Create an AWS Elastic Beanstalk environment


9) A company offers an online product brochure that is delivered from a static website running on Amazon S3. The company’s customers are mainly in the United States, Canada, and Europe. The company is looking to cost-effectively reduce the latency for users in these regions.


Ans: Create an Amazon CloudFront distribution and set the price class to use only U.S, Canada and Europe.


10) A company has two accounts in an AWS organization. The accounts are: prod1 and prod2. An Amazon RDS database runs in the prod1 account. Amazon EC2 instances run in the prod2


Ans: Set up VPC sharing with prod1 account as the owner and the prod2 account as the participant to transfer the data


11) An application stores transactional data in an Amazon S3 bucket. The data is analyzed for the first week and then must remain immediately available for occasional analysis.


Ans: Configure a lifecycle policy to transition the objects to Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA) after 7 days.


12) An IT automation architecture uses many AWS Lambda functions invoking one another as a large state machine. The coordination of this state machine is legacy custom code that breaks easily.


Ans: AWS Step Functions.


13) A company has 500 TB of data in an on-premises file share that needs to be moved to Amazon S3 Glacier. The migration must not saturate the company’s low-bandwidth internet connection and the migration must be completed within a few weeks. What is the most


Ans: Order 7 AWS Snowball appliances and select an Amazon S3 bucket as the destination. Create a lifecycle policy to transition the S3 objects to Amazon S3 Glacier


14) Which of the following distinguishes two CloudWatch metrics that are in the same namespace?


Ans: Dimension


15) A new application will be deployed using AWS CodeDeploy to Amazon Elastic Container Service (ECS). What must be supplied to CodeDeploy to specify the ECS service to deploy?


Ans: The AppSpec file


16) There are multiple AWS accounts across multiple regions managed by a company. The operations team requires a single operational dashboard that displays some key performance metrics from these accounts and regions.


Ans: Create an Amazon CloudWatch cross-account cross-region dashboard.


17) An Amazon VPC has been deployed with private and public subnets. A MySQL database server running on an Amazon EC2 instance will soon be launched. According to AWS best practice, which subnet should the database server be launched into?


Ans: The private subnet


18) Your company has a set of resources hosted on the AWS cloud. As a part of the new governing model, there is a requirement that all activity on AWS resources should be monitored. What is the most efficient way to have this implemented?


Ans: Use AWS CloudTrail to monitor all API activity.


19) A developer needs to be notified by email for all new object creation events in a specific Amazon S3 bucket. Amazon SNS will be used for sending the messages. How can the developer enable these notifications?


Ans: Create an event notification for all s3:ObjectCreated:* API calls


20) You have a large amount of data in Amazon S3 and Amazon S3 Glacier that you need to move back to your on-premises datacenter. You have decided that you are going to use AWS Snowball to do your export. How will you export the data in Amazon S3 Glacier?


Ans: Restore the data from Amazon S3 Glacier and then create the export request


21) A DynamoDB table is being used to store session information for users of an online game. A developer has noticed that the table size has increased considerably and much of the data is not required after a gaming session is completed.


Ans: Enable a time to live (TTL) on the table add a timestamp attribute on new


22) A solution architect needs to select a low-cost, short-term option for adding resilience to an AWS Direct Connect connection. What is the most cost-effective solution to provide a backup for the Direct Connect connection?


Ans: Configure AWS Transit Gateway with IPSec VPN backup.


23) A CloudFormation template is going to be used by a global team to deploy infrastructure in several regions around the world. Which region of the template file can be used to set values based on a region?


Ans: Mappings


24) A serverless application uses an IAM role to authenticate and authorize access to an Amazon DynamoDB table. A developer is troubleshooting access issues affecting the application. The developer has access to the IAM role that the application is using.


Ans: aws iam get-role-policy


25) An application exports documents to an Amazon S3 bucket. The data must be encrypted at rest and company policy mandates that encryption keys must be rotated annually. How can this be achieved automatically and with the least effort?


Ans: Use AWS KMS keys with automatic rotation enabled.


26) A developer needs to add sign-up and sign-in capabilities for a mobile app. The solution should integrate with social identity providers (IdPs) and SAML IdPs. Which service should the developer use?

Ans: AWS Cognito user pool


27) A company recently implemented hybrid cloud connectivity using AWS Direct Connect and is migrating data to Amazon S3. The company is looking for a fully managed solution that will automate and accelerate the replication of data between the on-premises storage systems and AWS storage services.


Ans: Deploy an AWS DataSync agent for the on-premises environment. Configure a sync job to replicate the data and connect it with an AWS service endpoint.


28) An application running on Amazon EC2 generates a large amount of small files (1 KB each) containing personally identifiable information that must be converted to ciphertext. The data will be stored on a proprietary network-attached file system. What is the safest way to encrypt the data using AWS KMS?


Ans: Encrypt the data directly with a customer managed customer master key


29) You’re running an RDS instance that is running low on memory, resulting in slow read queries for your application. What's the most cost-effective and quickest way to resolve this?


Ans: Create a read replica.


30) A company needs to ingest several terabytes of data every hour from a large number of distributed sources. The messages are delivered continually 24 hours a day. Messages must be delivered in real time for security analysis and live operational dashboards.


Ans: Use Amazon Kinesis Data Streams with Kinesis Client Library to ingest and deliver messages.


31) A company is running an ecommerce application on Amazon EC2. The application consists of a stateless web tier that requires a minimum of 10 instances, and a peak of 250 instances to support the application’s usage. The application requires 50 instances 80% of the time.


Ans: Purchase Reserved Instances to cover 50 instances. Use On-Demand and Spot Instances to cover the remaining instances.


32) A static website that serves a collection of images runs on an Amazon S3 bucket in the us-east region. The website is gaining in popularity and is now being viewed around the world. How can a developer improve the performance of the website for global users?


Ans: Use cross-Region replication to the bucket to several global regions.


33) A company uses Amazon S3 as its object storage solution. The company has thousands of S3 buckets used to store data. Some of the S3 buckets have data that is accessed less frequently than others.


Ans: Use S3 Intelligent-Tiering storage.


34) A developer needs to set up a new serverless application that includes AWS Lambda and Amazon API Gateway as part of a …. the developer needs to be able to locally build


Ans: AWS Serverless Application Model (SAM)


35) A development team is currently creating a new application that uses a microservices design pattern and runs on Docker containers. The team would like to run the platform on AWS using a managed platform. They want to minimize management overhead for the platform. Which service should the development team use?


Ans: Amazon ECS with Fargate launch type


36) A company has multiple AWS accounts for several environments (Prod, Dev, Test etc). A solutions architect would like to copy an Amazon EBS snapshot from Dev to Prod. The snapshot is from an EBS volume that was encrypted with a custom key. What steps must be performed to share the encrypted EBS snapshot with the Prod account?

Ans: Modify the permissions on the encrypted snapshot to share it with the Prod account. Share the custom key used to encrypt the volume


38) Choose the below statements are true or false for AWS
i) When you create an IAM user, you grant it permission by making it a member of a group that has
ii) You can also clone the permission of an existing IAM user, which automatically makes the new user a member of


Ans: Statement 1 and statement 2 are true


39) A solutions architect needs a solution for hosting a website that will be used by a development team. The website contents will consist of HTML, CSS, client-side JavaScript, and images. Which solution is most cost-effective?


Ans: Create an Amazon S3 bucket and host the website there.


40) An Amazon RDS PostgreSQL database is configured as Multi-AZ. A solutions architect needs to scale read performance and the solution must be configured for high availability. What is the most cost-effective solution?


Ans: Create a read replica as a Multi-AZ DB instance


41) A company has deployed a new website on Amazon EC2 instances behind an Application Load Balancer (ALB). Amazon Route 53 is used for the DNS service. The company has asked a solutions architect to create a backup website with support contact details that users will be directed to automatically if the primary website is down. How should the solutions architect deploy this solution cost-effectively?


Ans: Use Amazon S3 website hosting for the backup website and Route 53 failover routing policy.


42) You have a large amount of data in Amazon S3 and Amazon S3 Glacier that you need to move back to your on-premises datacenter. You have decided that you are going to use AWS Snowball to do the export. How will you export the data in Amazon S3 Glacier?


Ans: Restore the data from Amazon S3 Glacier and then create the export request.


43) Which of these is not needed for AWS Snowball setup?


Ans: AWS Snowball client unlock code


44) A company's application is running on Amazon EC2 instances in a single Region. In the event of a disaster, a solutions architect needs to ensure that the resources can also be deployed to a second Region. Which combination of actions should the solutions architect take to accomplish this? (Select TWO)


Ans: Launch a new EC2 instance from an Amazon Machine Image (AMI) in a new Region
Copy an Amazon Machine Image (AMI) of an EC2 instance and specify a different Region for the destination


45) An application runs on Amazon EC2 instances across multiple Availability Zones. The instances run in an Amazon EC2 Auto Scaling group behind an Application Load Balancer. The application performs best when the CPU utilization of the EC2 instances is at or near 40%. What should a solutions architect do to maintain the desired performance across all instances in the group?


Ans: Use a target tracking policy to dynamically scale the Auto Scaling group


46) A company's website runs on Amazon EC2 instances behind an Application Load Balancer (ALB). The website has a mix of dynamic and static content. Users around the globe are reporting that the website is slow. Which set of actions will improve website performance for users worldwide?


Ans: Create an Amazon CloudFront distribution and configure the ALB as an origin. Then update the Amazon Route 53 record to point to the CloudFront distribution


47) A decoupled application is using an Amazon SQS queue. The processing layer that is retrieving messages from the queue is not able to keep up with the number of messages being placed in the queue. What is the FIRST step the developer should take to increase the number of messages the application receives?


Ans: Use the ReceiveMessage API to retrieve up to 10 messages at a time


48) A solutions architect needs to ensure that API calls to Amazon DynamoDB from Amazon EC2 instances in a VPC do not traverse the internet. What should the solutions architect do to accomplish this? (Select TWO)


Ans: Create a route table entry for the endpoint
Create a gateway endpoint for DynamoDB


48) A company hosts its product information webpages on AWS. The existing solution uses multiple Amazon EC2 instances behind an Application Load Balancer in an Auto Scaling group. The website also uses a custom DNS name and communicates with HTTPS only using a dedicated SSL certificate. The company is planning a new product launch and wants to be sure that users from around the world have the best possible experience on the new website. What should a solutions architect do to meet these requirements?


Ans: Redesign the application to use Amazon CloudFront


49) A company has multiple AWS accounts for several environments (Prod, Dev, Test etc). A solutions architect would like to copy an Amazon EBS snapshot from Dev to Prod. The snapshot is from an EBS volume that was encrypted with a custom key. What steps must be performed to share the encrypted EBS snapshot with the Prod account?


Ans: Share copy
Create a snapshots


50) A healthcare company stores highly sensitive patient records. Compliance requires that multiple copies be stored in different locations. Each record must be stored for 7 years. The company has a service level agreement (SLA) to provide records to government agencies immediately for the first 30 days and then within 4 hours of a request thereafter. What should a solutions architect recommend?


Ans: Use Amazon S3 with cross-Region replication enabled. After 30 days, transition the data to Amazon S3 Glacier using lifecycle policy


51) A company is seeing access requests by some suspicious IP addresses. The security team discovers the requests are from different IP addresses under the same CIDR range. What should a solutions architect recommend to the team?


Ans: Add a deny rule in the inbound table of the network ACL with a lower rule number than other rules.


52) A solutions architect is designing a two-tier web application. The application consists of a public-facing web tier hosted on Amazon EC2 in public subnets. The database tier consists of Microsoft SQL Server running on Amazon EC2 in a private subnet. Security is a high priority for the company. How should security groups be configured in this situation? (Select TWO)

Ans: Configure the security group for the web tier to allow inbound traffic on port 443 from 0.0.0.0/0. B. Configure the security group for the web tier to allow outbound traffic on port 443 from 0.0.0.0/0. Configure the security group for the database tier to allow inbound traffic on port 1433 from the SecurityGroup for the web tier


53) A mobile app uploads usage information to a database. Amazon Cognito is being used for authentication, authorization and user management and users sign-in with Facebook IDs. In order to securely store data in DynamoDB, the design should use temporary AWS credentials. What feature of Amazon Cognito is used to obtain temporary credentials to access AWS services?


Ans: User Pools


54) A company has divested a single business unit and needs to move the AWS account owned by the business unit to another AWS Organization. How can this be achieved?

Ans: Migrate the account using the AWS Organizations console


55) A company hosts a static website on-premises and wants to migrate the website to AWS. The website should load as quickly as possible for users around the world. The company also wants the most cost-effective solution. What should a solutions architect do to accomplish this?


Ans: Copy the website content to an Amazon S3 bucket. Configure the bucket to serve static webpage content. Configure Amazon CloudFront with the S3 bucket as the origin


56) A web application requires a minimum of six Amazon Elastic Compute Cloud (EC2) instances running at all times. You are tasked to deploy the application to three availability zones in the EU Ireland region (eu-west-1a, eu-west-1b, and eu-west-1c). It is required that the system is fault-tolerant up to the loss of one Availability Zone. Which of the following setups is the most cost-effective solution which also maintains the fault-tolerance of your system?


Ans: 3 instances in eu-west-1a, 3 instances in eu-west-1b, and 3 instances in eu-west-1c


57) What is the most cost-effective option for synchronous database replication with RDS?


Ans: A multi


58) The AWS Well-Architected Framework does not provide.


Ans: Architectural pattern


59) While delivering business value through risk assessments and mitigation strategies, the security pillar encompasses the ability to protect


Ans: Information


60) You send custom metrics to CloudWatch every 30 seconds. How should you store these metrics in CloudWatch so that no metric values are overwritten?


Ans: As high resolution metrics


61) A solutions architect is optimizing a website for an upcoming musical event. Videos of the performances will be streamed in real time and then will be available on demand. The event is expected to attract a global online audience. Which service will improve the performance of both the real-time and on-demand streaming?


Ans: Amazon CloudFront


62) A company currently operates a web application backed by an Amazon RDS MySQL database. It has automated backups that are run daily and are not encrypted. A security audit requires future backups to be encrypted and the unencrypted backups to be destroyed. The company will make at least one encrypted backup before destroying the old backups. What should be done to enable encryption for future backups?


Ans: Create a snapshot of the database. Copy it to an encrypted snapshot. Restore the database from the encrypted snapshot.


63) Your website has been suffering performance issues, and you have been able to determine that this is due to a spike in traffic to your servers. The servers are behind an ELB and the CPU on both Amazon EC2 instances hovers around 95% during this time frame. Your boss has asked you to find a way to improve performance without impacting cost any more than is absolutely necessary. What should you do?


Ans: Create an EC2 Auto Scaling group and have Amazon CloudWatch trigger an autoscale event to scale up when the CPU reaches 80% and scale down when the CPU drops to 40%


64) A Developer wants to debug an application by searching and filtering log data. The application logs are stored in Amazon CloudWatch Logs. The Developer creates a new metric filter to count exceptions in the application logs. However, no results are returned from the logs. What is the reason that no filtered results are being returned?

Ans: CloudWatch Logs only publishes metric data for events that happen after the filter is created


65) When a developer calls the Amazon CloudWatch API, he receives HTTP 400: ThrottlingException errors sporadically. When a call is not successful, no data is obtained. Which best practice should be implemented first in order to remedy this issue?


Ans: Use the AWS CLI to get the metrics


66) A data-processing application runs on an i3.large EC2 instance with a single 100 GB EBS gp2 volume. The application stores temporary data in a small database (less than 30 GB) located on the EBS root volume. The application is struggling to process the data fast enough, and a Solutions Architect has determined that the I/O speed of the temporary database is the bottleneck. What is the MOST cost-efficient way to improve the database response times?


Ans: Move the temporary database onto instance storage.


67) A media company asked a Solutions Architect to design a highly available storage solution to serve as a centralized document store for their Amazon EC2 instances. The storage solution needs to be POSIX-compliant, scale dynamically, and be able to serve up to 100 concurrent EC2 instances.


Ans: Create an Amazon Elastic File System (Amazon EFS) to store and share the documents.


68) A Solutions Architect is designing a stateful web application that will run for one year (24/7) and then be decommissioned. Load on this platform will be constant, using a number of r4.8xlarge instances. Key drivers for this system include high availability, but elasticity is not required. What is the MOST cost-effective way to purchase compute for this platform?


Ans: Standard Reserved Instances


69) An organization developed an application that uses a set of APIs that are served through Amazon API Gateway……custom authorization model?


Ans: Use Amazon Cognito user pools and a custom authorizer to authenticate and authorize users based on JSON Web Tokens.


70) When an enterprise migrates an application to the cloud as is, without making any modifications, what is this called?


Ans: Rehost


71) A solutions architect is designing a high performance computing (HPC) workload on Amazon EC2. The EC2 instances need to communicate to each other frequently and require network performance with low latency and high throughput. Which EC2 configuration meets these requirements?


Ans: Launch the EC2 instances in a cluster placement group in one Availability Zone


72) A company's legacy application is currently relying on a single-instance Amazon RDS MySQL database without encryption. Due to new compliance requirements, all existing and new data in this database must be encrypted. How should this be accomplished?


Ans: Take a snapshot of the RDS instance. Create an encrypted copy of the snapshot. Restore the RDS instance from the encrypted snapshot.


73) A company is planning to migrate a business-critical dataset to Amazon S3. The current solution design uses a single S3 bucket in the us-east-1 Region with versioning enabled to store the dataset. The company's disaster recovery policy states that all data multiple AWS Regions. How should a solutions architect design the S3 solution?


Ans: Create an additional S3 bucket with versioning in another Region and configure cross-Region replication.


74) A company's production application runs online transaction processing (OLTP) transactions on an Amazon RDS MySQL DB instance. The company is launching a new reporting tool that will access the same data. The reporting tool must be highly available and not impact the performance of the production application. How can this be achieved?


Ans: Create a Multi-AZ RDS Read Replica of the production RDS DB instance


75) A solutions architect is deploying a distributed database on multiple Amazon EC2 instances. The database stores all data on multiple instances so it can withstand the loss of an instance. The database requires block storage with latency and throughput to support several million transactions per second per server. Which storage solution should the solutions architect use?


Ans: Amazon EBS


76) A company's web application is using multiple Linux Amazon EC2 instances and storing data on Amazon EBS volumes. The company is looking for a solution to increase the resiliency of the application in case of a failure and to provide storage that complies with atomicity, consistency, isolation, and durability (ACID). What should a solutions architect do to meet these requirements?


Ans: Create an Application Load Balancer with Auto Scaling groups across multiple Availability Zones. Store data on Amazon EFS and mount a target on each instance.


77) A solutions architect needs the static website within an Amazon S3 bucket. A solutions architect needs to ensure that data can be recovered in case of accidental deletion. Which action will accomplish this?


Ans: Enable Amazon S3 versioning


78) An application hosted on AWS is experiencing performance problems, and the application vendor wants to perform an analysis of the log file to troubleshoot further. The log file is stored on Amazon S3 and is 10 GB in size. The application owner will make the log file available to the vendor for a limited time. What is the MOST secure way to do this?


Ans: Generate a presigned URL and have the vendor download the log file before it expires


79) A solution architect has created two IAM policies: Policy1 and Policy2. Both policies are attached to an IAM group………………. A cloud engineer is added as an IAM user to the IAM group. Which action will the cloud engineer be able to perform?


Ans: Deleting Amazon EC2 instances


80) A Solutions Architect must design a storage solution for incoming billing reports in CSV format. The data does not need to be scanned frequently and is discarded after 30 days. Which service will be MOST cost-effective in meeting these requirements?


Ans: Write the files to an S3 bucket and use Amazon Athena to query the data.


81) A Solutions Architect must select the most appropriate database service for two use cases. A team of data scientists perform complex queries on a data warehouse that take several hours to complete. Another team of scientists need to run fast, repeat queries and update dashboards for customer support staff. Which solution delivers these requirements MOST cost-effectively?


Ans: Redshift for both use cases.


82) A company has deployed a new website on Amazon EC2 instances behind an Application Load Balancer (ALB). Amazon Route 53 is used for the DNS service. The company has asked a Solutions Architect to create a backup website with support contact details that users will be directed to automatically if the primary website is down. How should the Solutions Architect deploy this solution cost-effectively?


Ans: Configure a static website using Amazon S3 and create a Route 53 failover routing policy


83) A company recently expanded globally and wants to make its application accessible to users in those geographic locations. The application is deployed on Amazon EC2 instances behind an Application Load Balancer in an Auto Scaling group. The company needs the ability to shift traffic from resources in one region to another. What should a solutions architect recommend?


Ans: Configure an Amazon Route 53 geolocation routing policy


84) A company uses an Amazon S3 bucket to store a large number of sensitive files relating to ecommerce transactions. The company has a policy that states that all data written to the S3 bucket must be encrypted. How can a developer ensure compliance with this policy?


Ans: Create an S3 bucket policy that denies any S3 Put request that does not include the x-amz-server-side-encryption


85) A company runs multiple Amazon EC2 Linux instances in a VPC with applications that use a hierarchical directory structure. The applications need to rapidly and concurrently read and write to shared storage. How can this be achieved?


Ans: Create an Amazon EFS file system and mount it from each EC2 instance.


86) A company's web application is running on Amazon EC2 instances behind an Application Load Balancer. The company recently changed its policy, which now requires the application to be accessed from one specific country only. Which configuration will meet this requirement?


Ans: Configure AWS WAF on the Application Load Balancer in a VPC.


87) A company runs an application on a group of Amazon Linux EC2 instances. The application writes log files using standard API calls. For compliance reasons, all log files must be retained indefinitely and will be analyzed by a reporting tool that must access all files concurrently. Which storage service should a solutions architect use to provide the MOST cost-effective solution?


Ans: Amazon S3


88) A company hosts a static website within an Amazon S3 bucket. A solutions architect needs to ensure that data can be recovered in case of accidental deletion. Which action will accomplish this?


Ans: Enable Amazon S3 versioning


89) A marketing company is storing CSV files in an Amazon S3 bucket for statistical analysis. An application on an Amazon EC2 instance needs permission to efficiently process the CSV data stored in the S3 bucket. Which action will MOST securely grant the EC2 instance access to the S3 bucket?


Ans: Associate an IAM role with least privilege permissions to the EC2 instance profile


90) A company wants to migrate a high performance computing (HPC) application and data from on-premises to the AWS Cloud. The company uses tiered storage on-premises with hot high-performance parallel storage to support the application during periodic runs of the application, and more economical cold storage to hold the data when the application is not actively running. Which combination of solutions should a solutions architect recommend to support the storage needs of the application? (Select TWO)


Ans: Amazon S3 for cold data storage
Amazon FSx for Lustre for high-performance parallel storage


91) A company is planning to use Amazon S3 to store images uploaded by its users. The images must be encrypted at rest in Amazon S3. The company does not want to spend time managing and rotating the keys, but it does want to control who can access those keys. What should a solutions architect use to accomplish this?


Ans: Server-Side Encryption with AWS KMS-Managed Keys (SSE-KMS)


92) A company's application is running on Amazon EC2 instances within an Auto Scaling group behind an Elastic Load Balancer. Based on the application's history, the company anticipates a spike in traffic during a holiday each year. A solutions architect must design a strategy to ensure that the Auto Scaling group proactively increases capacity to minimize any performance impact on application users. Which solution will meet these requirements?


Ans: Create a recurring scheduled action to scale up the Auto Scaling group before the expected period of peak demand.


93) You are responsible for deploying a critical application to AWS. It is required to ensure that the controls set for this application meet PCI compliance. Also, there is a need to monitor web application logs to identify any malicious activity. Which of the following services can be used to fulfill this requirement? Choose 2 answers from the options given below.

Ans: Amazon CloudWatch Logs
Amazon CloudTrail


94) Which of the following are pillars of the AWS Well-Architected Framework?


Ans: Performance efficiency
Security


95) A company is migrating from an on-premises infrastructure to the AWS Cloud. One of the company's applications stores files on a Windows file server farm that uses Distributed File System Replication (DFSR) to keep data in sync. A solutions architect needs to replace the file server farm. Which service should the solutions architect use?


Ans: Amazon FSx


96) A Developer has been tasked by a client to create an application. The client has provided the following requirements for the application:

  • Performance efficiency of seconds with up to a minute of latency
  • Data storage requirements will be up to thousands of terabytes
  • Per-message sizes may vary between 100 KB and 100 MB
  • Data can be stored as key/value stores supporting eventual consistency

What is the MOST cost-effective AWS service to meet these requirements?

Ans: Amazon S3

97) A company runs a multi-tier web application that hosts news content. The application runs on Amazon EC2 instances behind an Application Load Balancer. The instances run in an EC2 Auto Scaling group across multiple Availability Zones and use an Amazon Aurora database. A solutions architect needs to make the application more resilient to periodic increases in request rates. Which architecture should the solutions architect implement? (Select TWO)

Ans: Add Aurora Replica
Add an Amazon CloudFront distribution in front of the Application Load Balancer

98) Based on the following AWS CLI command and the resulting output, what has happened here?

    $ aws lambda invoke --function-name MyFunction --invocation-type Event --payload ewogICJrZXkxIjogInZhbHVlMSIsCiAgImtleTIiOiAidmFsdWUyIiwKICAia2V5MyI6ICJ2YWx1ZTMiCn0= response.json
    {
        "StatusCode": 202
    }

Ans: An AWS Lambda function has been invoked asynchronously and has completed successfully

99) A web application is being deployed on an Amazon ECS cluster using the Fargate launch type. The application is expected to receive a large volume of traffic initially. The company wishes to ensure the performance is good for the launch and that costs reduce as demand decreases.

Ans: Use Amazon ECS Service Auto Scaling with target tracking policies to scale when an Amazon CloudWatch alarm is breached.


100) A Solutions Architect needs to migrate an Oracle database running on RDS onto Amazon RedShift to improve performance and reduce cost. What combination of tasks using AWS services should be followed to execute the migration? (choose 2)

Ans: Migrate the database using the AWS Database Migration Service (DMS)
Convert the schema using the AWS Schema Conversion Tool

101) A company allows its developers to attach existing IAM policies to existing IAM roles to enable faster experimentation and agility. However the security operations team is concerned that the developers could attach the existing administrator policy, which would allow the developers to circumvent any other security policies. How should a solutions architect address this issue?

Ans: Set an IAM permissions boundary on the developer IAM role that explicitly denies attaching the administrator policy

102) A solutions architect is designing a web application that will run on Amazon EC2 instances behind an Application Load Balancer (ALB). The company strictly requires that the application be resilient against malicious internet activity and attacks, and protect against new common vulnerabilities and exposures. What should the solutions architect recommend?

Ans: Subscribe to AWS Shield Advanced and ensure common vulnerabilities and exposures are blocked

103) A Solutions Architect needs to design a solution that will allow Website Developers to deploy static web content without managing server infrastructure. All web content must be accessed over HTTPS with a custom domain name. The solution should be scalable as the company continues to grow.

Ans: Amazon CloudFront with an Amazon S3 bucket origin

104) A company recently deployed a new auditing system to centralize information about operating system versions, patching, and installed software for Amazon EC2 instances. A solutions architect must ensure all instances provisioned through EC2 Auto Scaling groups successfully send reports to the auditing system as soon as they are launched and terminated. Which solution achieves these goals MOST efficiently?

Ans: Use EC2 Auto Scaling lifecycle hooks to execute a custom script to send data to the audit system when instances are launched and terminated.

105) An application deployed on AWS Elastic Beanstalk experiences increased error rates during deployments of new application versions, resulting in service degradation for users. The Development team believes that this is because of the reduction in capacity during the deployment steps. The team would like to change the deployment policy configuration of the environment to an option that maintains full capacity during deployment while using the existing instances. Which deployment policy will meet these requirements while using the existing instances?

Ans: Rolling with additional batch

106) A company has an application that calls AWS Lambda functions. A recent code review found database credentials stored in the source code. The database credentials need to be removed from the Lambda source code. The credentials must then be securely stored and rotated on an ongoing basis to meet security policy requirements. What should a solutions architect recommend to meet these requirements?

Ans: Store the password in AWS Secrets Manager. Associate the Lambda function with a role that can retrieve the password from Secrets Manager given its secret ID.

107) A company is investigating methods to reduce the expenses associated with on-premises backup infrastructure. The Solutions Architect wants to reduce costs by eliminating the use of physical backup tapes. It is a requirement that existing backup applications and workflows should continue to function. What should the Solutions Architect recommend?

Ans: Connect the backup applications to an AWS Storage Gateway using an iSCSI-virtual tape library (VTL)

108) A Solutions Architect is designing an application for processing and extracting data from log files. The log files are generated by an application and the number and frequency of updates varies. The files are up to 1 GB in size and processing will take around 40 seconds for each file. Which solution is the most cost-effective?

Ans: Write the log files to an Amazon S3 bucket. Create an event notification to invoke an AWS Lambda function that will process the files

109) A company delivers content to subscribers distributed globally from an application running on AWS. The application uses a fleet of Amazon EC2 instance in a private subnet behind an Application Load Balancer (ALB). Due to an update in copyright restrictions, it is necessary to block access for specific countries. What is the EASIEST method to meet this requirement?

Ans: Use Amazon CloudFront to serve the application and deny access to blocked countries

110) A solutions architect needs to backup some application log files from an online ecommerce store to Amazon S3. It is unknown how often the logs will be accessed or which logs will be accessed the most. The solutions architect must keep costs as low as possible by using the appropriate S3 storage class. Which S3 storage class should be implemented to meet these requirements?

Ans: S3 Intelligent Tiering

111) A Developer created a new AWS account and must create a scalable AWS Lambda function that meets the following requirements for concurrent execution:

  • Average execution time of 100 seconds
  • 50 requests per second

Which step must be taken prior to deployment to prevent errors?

Ans: Contact AWS Support to increase the concurrent execution limits

112) You update a custom CloudWatch metric with the timestamp of 15:57:08 and a value of 3. You then update the same metric with the timestamp of 15:57:37 and a value of 6. Assuming the metric is a high-resolution metric, which of the following will CloudWatch do?

Ans: Record both values with the given timestamp.


113) A development team manages a high-traffic e-Commerce site with dynamic pricing that is updated in real-time. There have been incidents where multiple updates occur simultaneously and cause an original editor's updates to be overwritten. How can the developers ensure that overwriting does not occur?

Ans: Use conditional writes

114) An AWS Lambda function has been connected to a VPC to access an application running in a private subnet. The Lambda function also pulls data from an internet-based service and is no longer able to connect to the internet. How can this be rectified?

Ans: Add a NAT Gateway to public subnet and specify.

115) A development team is involved with migrating an on-premises MySQL database to Amazon RDS. The database usage is very read-heavy. The development team wants to re-factor the application code to achieve optimum read performance for queries. How can this objective be met?

Ans: Add a connection string to use an RDS read replica for read queries

116) An organization has an account for each environment: production, testing, development. A developer with an IAM user in the development account.

Ans: Create an IAM group in the production and testing account and add the developer from the development account to the groups.

117) A retail organization sends coupons out twice a week and this results in a predictable surge in sales traffic. The application runs on Amazon EC2 instances behind an Elastic Load Balancer. The organization is looking for ways to reduce cost without impacting performance or reliability. How can they achieve this goal?

Ans: Purchase scheduled reserved instances

118) A company is using AWS Lambda for processing small images that are uploaded to Amazon S3. This was working well until a large number of small files (several thousand) were recently uploaded and an error was generated by AWS Lambda (status code 429).

Ans: The concurrency execution limit for the account has been exceeded

119) An application requires an in-memory caching engine. The cache should provide high availability as repopulating data is expensive. How can this requirement be met?

Ans: Use Amazon ElastiCache Redis with replicas

120) An application is being migrated into the cloud. The application is stateless and will run on a fleet of Amazon EC2 instances. The application should scale elastically. How can a Developer ensure that the number of instances available is sufficient for current demand?

Ans: Create a launch configuration and use Amazon EC2 Auto Scaling
