Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpt65

SAA-C02 Questions and Answers

Question # 6

An Amazon EC2 administrator created the following policy associated with an IAM group containing several users

What is the effect of this policy?

A.

Users can terminate an EC2 instance in any AWS Region except us-east-1.

B.

Users can terminate an EC2 instance with the IP address 10 100 100 1 in the us-east-1 Region

C.

Users can terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100.100.254.

D.

Users cannot terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100 100 254

Full Access
Question # 7

A company must migrate 20 TB of data from a data centre to the AWS Cloud within 30 days. The company's network bandwidth is limited to 15 Mbps and cannot exceed 70% utilization.

What should a solutions architect do to meet these requirements?

A.

Use AWS Snowball.

B.

Use AWS DataSync

C.

Use a secure VPN connection.

D.

Use Amazon S3 Transfer Acceleration

Full Access
Question # 8

A computer is reviewing a recent migration of a three-tier application to a VPC. The security team discover that the principle of lest privilege is not being applied to Amazon EC2 security group ingress and egress rules between the application tiers.

What should a solution architect do to connect issue?

A.

Create security group rules using the instance ID as the source destination.

B.

Create security group rules using the security ID as the source or destination.

C.

Create security group rules using the VPC CDR blocks as the source or destination

D.

Create security group rules using the subnet CDR blocks as the source or destination

Full Access
Question # 9

A company needs to provide its employees with secure access to confidential and sensitive files. The company wants to ensure that the tiles can be accessed only by authorized users. The files must be downloaded securely to the employees' devices.

The files are stored in an on-premises Windows file server. However, due to an increase in remote usage, the file server is running out of capacity.

Which solution will meet these requirements?

A.

Migrate the file server to an Amazon EC2 instance in a public subnet. Configure the security group to limit inbound traffic to the employees' IP addresses.

B.

Migrate the files to an Amazon FSx for Windows File Server file system. Integrate the Amazon FSx file system with the on-premises Active Directory. Configure AWS Client VPN.

C.

Migrate the tiles to Amazon S3, and create a private VPC endpoint. Create a signed URL to allow download.

D.

Migrate the tiles to Amazon S3, and create a public VPC endpoint. Allow employees to sign on with AWS Single Sign-On.

Full Access
Question # 10

A company allows its developers to attach existing IAM policies to existing IAM roles to enable faster experimentation and agility. However, the security operations team is concerned that the developers could attach the existing administrator policy, which would allow the developers to circumvent any other security policies.

How should a solution architect address this issue?

A.

Create an Amazon SNS topic to send an alert every time a developer create a new policy.

B.

Use service control policies to disable IAM across all account in the organizational unit.

C.

Prevent the developers from attaching any policies and duties to the security option team.

D.

Set an IAM permission boundary on the developer IAM role that explicitly denies of attaching the administrator policy

Full Access
Question # 11

A company has a mobile chat application with a data store based in Amazon DynamoDB. Users would like new messages to be need with as little latency as possible. A possible architect needs design an optimal solution that requires minimal application changes.

Which method should the solution architect select?

A.

Configure amazon DynamoDB Accelerator (DAX) for the new messages table. Update the code to use DAX endpoint.

B.

AddDynamoDB read replicas to handle the increased read lead the application to point to the read endpoint for the read replicas.

C.

Double the number of read capacity units for the new messages table in DynamoDB. Continue to use the existing DynamoDB endpoint.

D.

Add an Amazon ElastiCache for Redis cache to the application stack. Update the application to point to the Redis cache endpoint of DynamoDB.

Full Access
Question # 12

A disaster response team is using drones to collect images of recent storm damage. The response team's laptops lack the storage and compute capacity to transfer the images and process the data While the team has Amazon EC2 instances for processing and Amazon S3 buckets for storage, network connectivity is intermittent and unreliable. The images need to be processed to evaluate the damage.

What should a solutions architect recommend'?

A.

Use AWS Snowball Edge devices to process and store the images

B.

Upload the images to Amazon Simple Queue Service (Amazon SQS) during intermittent connectivity to EC2 instances.

C.

Configure Amazon Kinesis Data Firehose to create multiple delivery streams aimed separately at the S3 buckets for storage and the EC2 instances for processing the images

D.

Use AWS Storage Gateway pre-installed on a hardware appliance to cache the images locally for Amazon S3 to process the images when connectivity becomes available.

Full Access
Question # 13

A manufacturing company has machine sensors that upload csv files to an Amazon S3 bucket These csv files must be converted into images and must be made available as soon as possible for the automatic generation of graphical reports.

The images become irrelevant after 1 month, but the csv files must be kept to train machine learning (ML) models twice a year. The ML trainings and audits are planned weeks in advance.

Which combination of steps will meet these requirements MOST cost-effectively? (Select TWO )

A.

Launch an Amazon EC2 Spot Instance that downloads the .csv files every hour, generates the image files, and uploads the images to the S3 bucket.

B.

Design an AWS Lambda function that converts the .csv files into images and stores the images in the S3 bucket Invoke the Lambda function when a csv file is uploaded.

C.

Create S3 Lifecycle rules for .csv files and image files in the S3 bucket Transition the csv files from S3 Standard to S3 Glacier 1 day after they are uploaded. Expire the image files after 30 days.

D.

Create S3 Lifecycle rules for csv files and image files in the S3 bucket Transition the csv files from S3 Standard to S3 One Zone-Infrequent Access (S3 One Zone-IA) 1 day after they are uploaded Expire the image files after 30 days

E.

Create S3 Lifecycle rules for .csv files and image files in the S3 bucket. Transition the csv files from S3 Standard to S3 Standard-Infrequent Access (S3 Standard-IA) 1 day after they are uploaded. Keep the image files in Reduced Redundancy Storage (RRS).

Full Access
Question # 14

A company has an application that calls AWS Lambda functions. A recent code review found database credentials stored in the source code. The database credentials needs to be removed from the Lambda source code. The credentials must then be securely stored and rotated on a on-going basis to meet security policy requirements.

What should a solutions architect recommend meet these requirements?

A.

Store the password in AWS CloudHSM. Associate the Lambda function with a role that can review the password from CloudHSM given key ID.

B.

Store the password in AWS Secrets Manager . A associate the Lambda function with a role that can retrieve the password from secrets Manager given its secret ID.

C.

Move the database password to an environment variable associate the Lambda function Retrieve the password from the environment variable upon execution.

D.

Store the password in AWS Key Management Service (AWS KMS). Associate the Lambda function with a role that can retrieve the password from AWS KMS given its key ID.

Full Access
Question # 15

A company is using AWS Key Management Service (AWS KMS) customer master keys (CMKs) to encrypt AWS Lambda environment variables A solutions architect needs to ensure that the required permissions are in place to decrypt and use the environment variables.

Which steps must the solutions architect take to implement the correct permissions? (Select TWO.)

A.

Add AWS KMS permissions in the Lambda resource policy

B.

Add AWS KMS permissions in the Lambda execution role

C.

Add AWS KMS permissions in the Lambda function policy.

D.

Allow the Lambda execution role in the AWS KMS key policy

E.

Allow the Lambda resource policy in the AWS KMS key policy.

Full Access
Question # 16

A startup company is hosting a website for its customers on an Amazon EC2 instance. The website consists of a stateless python application and a MySQL database. The website serves only a small amount of traffic. The company is concerned about the reliability of the instance and needs to migrate to a highly available architecture. The company cannot modify the application code.

Which combination of actions should a solution architect take to achieve high availability for the website? (Select TWO.)

A.

Provision an internet gateway in each Availability Zone in use.

B.

Migrate the database to on Amazon RDS for MySQL Multi-AZ DB instance

C.

Migrate the database to Amazon DynamoDB, and enable DynamoDB auto scaling.

D.

Use AWS DataSync to synchronize the database data across multiple EC2 instances

E.

Create an Application Load Balancer to distribute traffic to an Auto Scaling group or EC2 instances that are distributed across two Availability Zones.

Full Access
Question # 17

A company has been running a web application with an Oracle relational database in an on-premises data center for the past 15 years. The company must migrate the database to AWS. The company needs to reduce operational overhead without having to modify the application's code.

Which solution meets these requirements?

A.

Use AWS Database Migration Service (AWS DMS) to migrate the database servers to Amazon RDS.

B.

Use Amazon EC2 instances to migrate and operate the database servers.

C.

Use AWS Database Migration Service (AWS DMS) to migrate the database servers to Amazon DynamoDB.

D.

Use an AWS Snowball Edge Storage Optimized device to migrate the data from Oracle to Amazon Aurora.

Full Access
Question # 18

An application running on AWS uses an Amazon Aurora Multi-AZ deployment for its database When evaluating performance metrics, a solutions architect discovered that the database reads are causing high I/O and adding latency to the write requests against the database

What should the solutions architect do to separate the read requests from the write requests?

A.

Enable read-through caching on the Amazon Aurora database.

B.

Update the application to read from the Multi-AZ standby instance

C.

Create a read replica and modify the application to use the appropriate endpoint.

D.

Create a second Amazon Aurora database and link it to the primary database as a read replica

Full Access
Question # 19

The application's traffic is often low. but it occasionally grows significantly. During these sudden increases in traffic, DynamoDB returns throttling errors. The result is that error pages are displayed to end users.

What should a solutions architect do to reduce these errors?

A.

Change the DynamoDB table to use on-demand capacity mode.

B.

Create a DynamoDB read replica to scale the read traffic horizontally.

C.

Purchase DynamoDB reserved capacity of 1,000 RCUs and 500 WCUs.

D.

Configure the application to use strongly consistent reads for DynamoDB queries.

Full Access
Question # 20

A medical records company is hosting an application on Amazon EC2 instances. The application processes customer data files that are stored on Amazon S3. The EC2 instances are hosted in public subnets. The EC2 instances access Amazon S3 over the internet, but they do not require any other network access.

A new requirement mandates that the network traffic for file transfers take a private route and not be sent over the internet.

Which change to the network architecture should a solutions architect recommend to meet this requirement"?

A.

Create a NAT gateway. Configure the route table for the public subnets to send traffic to Amazon S3 through the NAT gateway.

B.

Configure the security group for the EC2 instances to restrict outbound traffic so that only traffic to the S3 prefix list is permitted.

C.

Move the EC2 instances to private subnets. Create a VPC endpoint for Amazon S3, and link the endpoint to the route table for the private subnets

D.

Remove the internet gateway from the VPC. Set up an AWS Direct Connect connection, and route traffic to Amazon S3 over the Direct Connect connection.

Full Access
Question # 21

A company needs to retain application logs files for a critical application for 10 years. The application team regularly accesses logs from the past month for troubleshooting, but logs older than 1 month are rarely accessed. The application generates more than 10 TB of logs per month.

Which storage option meets these requirements MOST cost-effectively?

A.

Store the Iogs in Amazon S3 Use AWS Backup lo move logs more than 1 month old to S3 Glacier Deep Archive

B.

Store the logs in Amazon S3 Use S3 Lifecycle policies to move logs more than 1 month old to S3 Glacier Deep Archive

C.

Store the logs in Amazon CloudWatch Logs Use AWS Backup to move logs more then 1 month old to S3 Glacier Deep Archive

D.

Store the logs in Amazon CloudWatch Logs Use Amazon S3 Lifecycle policies to move logs more than 1 month old to S3 Glacier Deep Archive

Full Access
Question # 22

A company stores data in an Amazon Aurora PostgreSQL DB cluster. The company must store all the data for 5 years and must delete all the data after 5 years. The company also must indefinitely keep audit logs of actions that are performed within the database. Currently, the company has automated backups configured for Aurora.

Which combination of steps should a solutions architect take to meet these requirements? (Select TWO.)

A.

Take a manual snapshot of the DB cluster.

B.

Create a lifecycle policy for the automated backups.

C.

Configure automated backup retention for 5 years.

D.

Configure an Amazon CloudWatch Logs export for the DB cluster.

E.

Use AWS Backup to take the backups and to keep the backups for 5 years.

Full Access
Question # 23

A company hosts an application on AWS. The application interacts with an Amazon DynamoDB table that has 10 read capacity units (RCUs) Data from Amazon CloudWatch alarms shows that throttling is occurring on read requests to the DynamoDB table. The company needs to prevent this issue from happening in the future as the application continues to grow.

What should a solutions architect recommend to meet these requirements?

A.

Add an Elastic Load Balancer in front of the DynamoDB table.

B.

Change the RCUs for the DynamoDB table to 20.

C.

Provision 20 write capacity units (WCUs) for the DynamoDB table to offset the throttling on read requests.

D.

Enable auto scaling for the DynamoDB table

Full Access
Question # 24

A company is deploying a web portal. The company wants to ensure that only the web portion of the application is publicly accessible. To accomplish this, the VPC was designed with two public subnets and two private subnets. The application will run on several Amazon EC2 instances in an Auto Scaling group. SSL termination must be offloaded from the EC2 instances.

What should a solutions architect do to ensure these requirements are met? Configure a Network Load Balancer in the public subnets. Configure the Auto Scaling

A.

group in the private subnets and associate it with an Application Load Balancer Configure a Network Load Balancer in the public subnets. Configure the Auto Scaling

B.

group in the public subnets and associate it with an Application Load Balancer.

C.

Configure an Application Load Balancer in the public subnets. Configure the Auto Scaling group in the private subnets and associate it with the Application Load

D.

Balancer, Configure an Application Load Balancer in the private subnets. Configure the Auto Scaling group in the private subnets and associate it with the Application Load Balancer.

Full Access
Question # 25

A company is concerned about the security of its public web application due to recent web attacks. The application uses an Application Load Balancer (ALB). A solutions architect must reduce the risk of DDoS attacks against the application

What should the solutions architect do to meet this requirement?

A.

Add an Amazon Inspector agent to the ALB

B.

Configure Amazon Made to prevent attacks.

C.

Enable AWS Shield Advanced to prevent attacks.

D.

Configure Amazon GuardDuty to monitor the ALB

Full Access
Question # 26

A company's application Is having performance issues The application staleful and needs to complete m-memory tasks on Amazon EC2 instances. The company used AWS CloudFormation to deploy infrastructure and used the M5 EC2 Instance family As traffic increased, the application performance degraded Users are reporting delays when the users attempt to access the application.

Which solution will resolve these issues in the MOST operationally efficient way?

A.

Replace the EC2 Instances with T3 EC2 instances that run in an Auto Scaling group. Made the changes by using the AWS Management Console.

B.

Modify the CloudFormation templates to run the EC2 instances in an Auto Scaling group. Increase the desired capacity and the maximum capacity of the Auto Scaling group manually when an increase is necessary

C.

Modify the CloudFormation templates. Replace the EC2 instances with R5 EC2 instances. Use Amazon CloudWatch built-in EC2 memory metrics to track the application performance for future capacity planning.

D.

Modify the CloudFormation templates. Replace the EC2 instances with R5 EC2 instances. Deploy the Amazon CloudWatch agent on the EC2 instances to generate custom application latency metrics for future capacity planning.

Full Access
Question # 27

A hospital recently deployed a RESTful API with Amazon API Gateway and AWS Lambda The hospital uses API Gateway and Lambda to upload reports that are in PDF format and JPEG format The hospital needs to modify the Lambda code to identify protected health information (PHI) in the reports

Which solution will meet these requirements with the LEAST operational overhead?

A.

Use existing Python libraries to extract the text from the reports and to identify the PHI from the extracted text.

B.

Use Amazon Textract to extract the text from the reports Use Amazon SageMaker to identify the PHI from the extracted text.

C.

Use Amazon Textract to extract the text from the reports Use Amazon Comprehend Medical to identify the PHI from the extracted text

D.

Use Amazon Rekognition to extract the text from the reports Use Amazon Comprehend Medical to identify the PHI from the extracted text

Full Access
Question # 28

An online retail company has more than 50 million active customers and receives more than 25,000 orders each day. The company collects purchase data for customers and stores this data in Amazon S3. Additional customer data is stored in Amazon RDS.

The company wants to make all the data available to various teams so that the teams can perform analytics. The solution must provide the ability to manage fine-grained permissions for the data and must minimize operational overhead.

Which solution will meet these requirements?

A.

Migrate the purchase data to write directly to Amazon RDS. Use RDS access controls to limit access.

B.

Schedule an AWS Lambda function to periodically copy data from Amazon RDS to Amazon S3. Create an AWS Glue crawler. Use Amazon Athena to query the data. Use S3 policies to limit access.

C.

Create a data lake by using AWS Lake Formation. Create an AWS Glue JOBC connection to Amazon RDS. Register the S3 bucket in Lake Formation. Use Lake

D.

Formation access controls to limit access. Create an Amazon Redshift cluster Schedule an AWS Lambda function to periodically copy data from Amazon S3 and Amazon RDS to Amazon Redshift. Use Amazon Redshift access controls to limit access.

Full Access
Question # 29

A company runs a latency-sensitive gaming service in the AWS Cloud. The gaming service runs on a fleet of Amazon EC2 instances behind an Application Load Balancer (ALB). An Amazon DynamoDB table stores the gaming data. All he infrastructure is in a single AWS Region. The main user base is in that same Region.

A solutions architect needs to update the architect to support a global expansion of the gaming service must operate with the least possible latency.

Which solution will meet these requirements?

A.

Create an Amazon CloudFront distribution in front of the ALB.

B.

Deploy an Amazon API Gateway regional API endpoint. Integrate the API endpoint with the ALB.

C.

Create an accelerator in AWS Global Accelerator. Add a listener. Configure the endpoint to point to the ALB.

D.

Deploy the ALB and the fleet of EC2 instances to another Region. Use Amazon Route 53 geolocation routing.

Full Access
Question # 30

A company wants to improve the availability and performance of its hybrid application. The application consists of a stateful TCP-based workload hosted on Amazon EC2 instances in different AWS Regions and a stateless UDP-based workload hosted on premises.

Which combination of actions should a solutions architect take to improve availability and performance? (Select TWO.)

A.

Create an accelerator using AWS Global Accelerator. Add the load balancers as endpoints.

B.

Create an Amazon CloudFront distribution with an origin that uses Amazon Route 53 latency-based routing to route requests to the load balancers.

C.

Configure two Application Load Balancers in each Region. The first will route to the EC2 endpoints, and the second will route to the on-premises endpoints.

D.

Configure a Network Load Balancer in each Region to address the EC2 endpoints. Configure a Network Load Balancer in each Region that routes to the on-premises endpoints.

E.

Configure a Network Load Balancer in each Region to address the EC2 endpoints. Configure an Application Load Balancer in each Region that routes to the on-premises endpoints.

Full Access
Question # 31

A company is building an ecommerce application and needs to store sensitive customer information. The company needs to give customers the ability to complete purchase transactions on the website. The company also needs to ensure that sensitive customer data is protected, even from database administrators.

Which solution meets these requirements?

A.

Store sensitive data in an Amazon Elastic Block Store (Amazon EBS) volume. Use EBS encryption to encrypt the data. Use an IAM instance role to restrict access.

B.

Store sensitive data in Amazon RDS for MySQL. Use AWS Key Management Service (AWS KMS) client-side encryption to encrypt the data.

C.

Store sensitive data in Amazon S3. Use AWS Key Management Service (AWS KMS) service-side encryption the data. Use S3 bucket policies to restrict access.

D.

Store sensitive data in Amazon FSx for Windows Server. Mount the file share on application servers. Use Windows file permissions to restrict access.

Full Access
Question # 32

A company that primarily runs its application servers on premises has deeded to migrate to AWS. The company wants to minimize its need to scale its Internet Small Computer Systems Interface (iSCSI) storage on premises. The company wants only its recently accessed data to remain stored locally

Which AWS solution should the company use to meet these requirements?

A.

Amazon S3 File Gateway

B.

AWS Storage Gateway Tape Gateway

C.

AWS Storage Gateway Volume Gateway stored volumes

D.

AWS Storage Gateway Volume Gateway cached volumes

Full Access
Question # 33

A company is deploying a new application lo Amazon Elastic Kubernetes Service (Amazon EKS) with an AWS Fargate duster The application needs a storage solution for data persistence The solution must be highly available and fault tolerant The solution also must be shared between multiple application containers

Which solution will meet these requirements with the LEAST operational overhead?

A.

Create Amazon Elastic Block Store (Amazon EBS) volumes In the same Availability Zones where EKS worker nodes are placed. Register the volumes In a StorageClass object on an EKS cluster Use EBS Multi-Attach to share the data between containers

B.

Create an Amazon Elastic File System (Amazon EFS) tile system Register the tile system in a StorageClass object on an EKS cluster Use the same file system for all containers

C.

Create an Amazon Elastic Block Store (Amazon EBS) volume Register the volume In a StorageClass object on an EKS cluster Use the same volume for all containers.

D.

Create Amazon Elastic File System (Amazon EFS) file systems In the same Availability Zones where EKS worker nodes are placed Register the file systems in a StorageClass obied on an EKS duster Create an AWS Lambda function to synchronize the data between file systems

Full Access
Question # 34

A company wants to move its on-premises network attached storage (NAS) to AWS The company wants to make the data available to any Linux instances within its VPC and ensure changes are automatically synchronized across all instances accessing the data store The majority of the data is accessed very rarely, and some files are accessed by multiple users at the same time

Which solution meets these requirements and is MOST cost-effective?

A.

Create an Amazon Elastic Block Store (Amazon EBS) snapshot containing the data. Share it with users within the VPC

B.

Create an Amazon S3 bucket that has a lifecycle policy set to transition the data to S3 Standard-Infrequent Access (S3 Standard-IA) after the appropriate number of days

C.

Create an Amazon Elastic File System (Amazon EFS) file system within the VPC Set the throughput mode to Provisioned and to the required amount of IOPS to support concurrent usage

D.

Create an Amazon Elastic File System (Amazon EFS) file system within the VPC Set the hfecycle policy to transition the data to EFS Infrequent Access (EFS IA) after the appropriate number of days

Full Access
Question # 35

A company wants to deploy a new public web application on AWS The application includes a web server tier that uses Amazon EC2 instances The application also includes a database tier that uses an Amazon RDS for MySQL DB instance

The application must be secure and accessible for global customers that have dynamic IP addresses

How should a solutions architect configure the security groups to meet these requirements'?

A.

Configure the security group tor the web servers lo allow inbound traffic on port 443 from 0.0.0. 0/0) Configure the security group for the DB instance to allow inbound traffic on port 3306 from the security group of the web servers

B.

Configure the security group for the web servers to allow inbound traffic on port 443 from the IP addresses of the customers Configure the security group for the DB instance lo allow inbound traffic on port 3306 from the security group of the web servers

C.

Configure the security group for the web servers to allow inbound traffic on port 443 from the IP addresses of the customers Configure the security group for the DB instance to allow inbound traffic on port 3306 from the IP addresses of the customers

D.

Configure the security group for the web servers to allow inbound traffic on port 443 from 0.0.0.0.0 Configure the security group for the DB instance to allow inbound traffic on port 3306 from 0.0.0.0/0)

Full Access
Question # 36

A company runs a photo processing application mat needs to frequently upload and download pictures from Amazon S3 buckets that are located in the same AWS Region A solutions architect has noticed an increased cost in data transfer lees and needs to implement a solution to reduce these costs

How can the solutions architect meet this requirement?

A.

Deploy Amazon API Gateway into a public subnet and adjust the route table to route S3 calls through it

B.

Deploy a NAT gateway into a public subnet and attach an endpoint policy that allows access to the S3 buckets

C.

Deploy the application into a public subnet and allow it to route through an internet gateway to access the S3 buckets

D.

Deploy an S3 VPC gateway endpoint into the VPC and attach an endpoint policy that allows access to the S3 buckets

Full Access
Question # 37

A company is planning to deploy a business-critical application in the AWS Cloud. The application requires durable storage with consistent, low-latency performance

Which type of storage should a solutions architect recommend to meet these requirements?

A.

Instance store volume

B.

Amazon ElastiCache for Memcached cluster

C.

Provisioned lOPS SSD Amazon Elastic Block Store (Amazon EBS> volume

D.

Throughput Optimized HDD Amazon Elastic Block Store (Amazon EBS) volume

Full Access
Question # 38

A company hosts a website on Amazon EC2 instances behind an Application Load Balancer (ALB) The website serves static content Website traffic is increasing, and the company is concerned about a potential increase in cost.

What should a solutions architect do to reduce the cost of the website?

A.

Create an Amazon CloudFront distribution to cache static files at edge locations.

B.

Create an Amazon ElastiCache cluster Connect the ALB to the ElastiCache cluster to serve cached files.

C.

Create an AWS WAF web ACL, and associate it with the ALB Add a rule to the web ACL to cache static files.

D.

Create a second ALB in an alternative AWS Region Route user traffic to the closest Region to minimize data transfer costs.

Full Access
Question # 39

A company has an on-premises MySQL database that handles transactional data The company is migrating the database to the AWS Cloud The migrated database must maintain compatibility with the company's applications that use the database The migrated database also must scale automatically during periods of increased demand.

Which migration solution will meet these requirements?

A.

Use native MySQL tools to migrate the database to Amazon RDS for MySQL Configure elastic storage scaling

B.

Migrate the database to Amazon Redshift by using the mysqldump utility Turn on Auto Scaling for the Amazon Redshift cluster

C.

Use AWS Database Migration Service (AWS DMS) to migrate the database to Amazon Aurora Turn on Aurora Auto Scaling.

D.

Use AWS Database Migration Service (AWS DMS) to migrate the database to Amazon DynamoDB Configure an Auto Scaling policy.

Full Access
Question # 40

A company hosts a serverless application on AWS. The application uses Amazon API Gateway. AWS Lambda, and an Amazon RDS for PostgreSQL database. The company notices an increase in application errors that result from database connection timeouts during times of peak traffic or unpredictable traffic. The company needs a solution that reduces the application failures with the least amount of change to the code.

What should a solutions architect do to meet these requirements?

A.

Reduce the Lambda concurrency rate.

B.

Enable RDS Proxy on the RDS DB instance.

C.

Resize the ROS DB instance class to accept more connections.

D.

Migrate the database to Amazon DynamoDB with on-demand scaling

Full Access
Question # 41

A company has an Amazon S3 data lake that is governed by AWS Lake Formation The company wants to create a visualization in Amazon QuickSight by joining the data in the data lake with operational data that is stored in an Amazon Aurora MySQL database The company wants to enforce column-level authorization so that the company's marketing team can access only a subset of columns in the database

Which solution will meet these requirements with the LEAST operational overhead?

A.

Use Amazon EMR to ingest the data directly from the database to the QuickSight SPICE engine Include only the required columns

B.

Use AWS Glue Studio to ingest the data from the database to the S3 data lake Attach an 1AM policy to the QuickSight users to enforce column-level access control. Use Amazon S3 as the data source in QuickSight

C.

Use AWS Glue Elastic Views to create a materialized view for the database in Amazon S3 Create an S3 bucket policy to enforce column-level access control for the QuickSight users Use Amazon S3 as the data source in QuickSight.

D.

Use a Lake Formation blueprint to ingest the data from the database to the S3 data lake Use Lake Formation to enforce column-level access control for the QuickSight users Use Amazon Athena as the data source in QuickSight

Full Access
Question # 42

A company wants to establish connectivity between its on-premlses data center and AWS (or an existing workload. The workload runs on Amazon EC2 Instances in two VPCs In different AWS Regions. The VPCs need to communicate with each other. The company needs to provide connectivity from Its data center to both VPCs. The solution must support a bandwidth of 600 Mbps to the data center.

Which solution will meet these requirements?

A.

Set up an AWS Site-to-Site VPN connection between the data center and one VPC. Create a VPC peering connection between the VPCs.

B.

Set up an AWS Site-to-Site VPN connection between the data center and each VPC. Create a VPC peering connection between the VPCs.

C.

Set up an AWS Direct Connect connection between the data center and one VPC. Create a VPC peering connection between the VPCs.

D.

Create a transit gateway. Attach both VPCs to the transit gateway. Create an AWS Slte-to-Site VPN tunnel to the transit gateway.

Full Access
Question # 43

A company has an ecommerce checkout workflow that writes an order to a database and calls a service to process the payment. Users are experiencing timeouts during the checkout process. When users resubmit the checkout form, multiple unique orders are created for the same desired transaction.

How should a solutions architect refactor this workflow to prevent the creation of multiple orders?

A.

Configure the web application to send an order message to Amazon Kinesis Data Firehose. Set the payment service to retrieve the message from Kinesis Data Firehose and process the order.

B.

Create a rule in AWS CloudTrail to invoke an AWS Lambda function based on the logged application path request Use Lambda to query the database, call the payment service, and pass in the order information.

C.

Store the order in the database. Send a message that includes the order number to Amazon Simple Notification Service (Amazon SNS). Set the payment service to poll Amazon SNS. retrieve the message, and process the order.

D.

Store the order in the database. Send a message that includes the order number to an Amazon Simple Queue Service (Amazon SQS) FIFO queue. Set the payment service to retrieve the message and process the order. Delete the message from the queue.

Full Access
Question # 44

A company is planning to use Amazon S3 to store images uploaded by its users. The images must be encrypted at rest in Amazon S3. The company does not want to spend time managing and rotating the keys, but it does want to control who can access those keys.

What should a solutions architect use to accomplish this?

A.

Server-Side Encryption with keys stored in an S3 bucket

B.

Server-Side Encryption with Customer-Provided Keys (SSE-C)

C.

Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3)

D.

Server-Side Encryption with AWS KMS-Managed Keys (SSE-KMS)

Full Access
Question # 45

A company's order system sends requests from clients to Amazon EC2 instances The EC2 instances process the orders and then store the orders in a database on Amazon RDS. Users report that they must reprocess orders when the system fails. The company wants a resilient solution that can process orders automatically if a system outage occurs.

What should a solutions architect do to meet these requirements?

A.

Move the EC2 instances Into an Auto Scaling group. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to target an Amazon Elastic Container Service (Amazon ECS) task

B.

Move the EC2 instances into an Auto Seating group behind an Application Load Balancer (Al B) Update the order system to send message to the ALB endpoint

C.

Move the EC2 instances into an Auto Scaling group. Configure the order system to send messages to an Amazon Simple Queue Service (Amazon SGS) queue. Configure the EC2 instances to consume messages from the queue.

D.

Create an Amazon Simple Notification Service (Amazon SNS) topic. Create an AWS Lambda function, and subscribe the function to the SNS topic Configure (he order system to send messages to the SNS topic. Send a command to the EC2 instances to process the messages by using AWS Systems Manager Run Command

Full Access
Question # 46

A company is hosting a static website on Amazon S3 and is using Amazon Route 53 for DNS. The website is experiencing increased demand from around the world. The company must decrease latency for users who access the website.

Which solution meets these requirements MOST cost-effectively?

A.

Replicate the S3 bucket that contains the website to all AWS Regions. Add Route 53 geolocation routing entries.

B.

Provision accelerators in AWS Global Accelerator. Associate the supplied IP addresses with the S3 bucket. Edit the Route 53 entries to point to the IP addresses of the accelerators.

C.

Add an Amazon CloudFront distribution in front of the S3 bucket. Edit the Route 53 entries to point to the CloudFront distribution.

D.

Enable S3 Transfer Acceleration on the bucket. Edit the Route 53 entries to point to the new endpoint.

Full Access
Question # 47

Which AWS service can a company use to store and manage Docker images?

A.

Amazon DynamoDB

B.

Amazon Kinesis Data Streams

C.

Amazon Elastic Container Registry (Amazon ECR)

D.

Amazon Elastic File System (Amazon EFS)

Full Access
Question # 48

A company has a remote factory that has unreliable connectivity. The factory needs to gather and process machine data and sensor data so that it can sense products on its conveyor belts and initiate a robotic movement to direct the products to the right location Predictable low-latency compute processing is essential for the on-premises control systems

Which solution should the factory use to process the data?

A.

Amazon CloudFront lambda©Edge functions

B.

An Amazon EC2 instance that has enhanced networking enabled

C.

An Amazon EC2 instance that uses an AWS Global Accelerator endpoint

D.

An Amazon Elastic Block Store (Amazon EBS) volume on an AWS Snowball Edge cluster

Full Access
Question # 49

A solutions architect observes that a nightly batch processing job is automatically scaled up for 1 hour before the desired Amazon EC2 capacity is reached The peak capacity is the same every night and the batch jobs always start at 1 AM The solutions architect needs to find a cost-effective solution that will allow for the desired EC2 capacity to be reached quickly and allow the Auto Scaling group to scale down after the batch jobs are complete

What should the solutions architect do to meet these requirements^

A.

Increase the minimum capacity for the Auto Scaling group

B.

Increase the maximum capacity for the Auto Scaling group

C.

Configure scheduled scaling to scale up to the desired compute level

D.

Change the scaling policy to add more EC2 instances during each scaling operation.

Full Access
Question # 50

A company wants to use AWS Systems Manager to manage a fleet ol Amazon EC2 instances. According to the company's security requirements, no EC2 instances can have internet access. A solutions architect needs to design network connectivity from the EC2 instances to Systems Manager while fulfilling this security obligation.

Which solution will meet these requirements?

A.

Deploy the EC2 instances into a private subnet with no route to the internet.

B.

Configure an interface VPC endpoint for Systems Manager. Update routes to use the endpoint.

C.

Deploy a NAT gateway into a public subnet. Configure private subnets with a default route to the NAT gateway.

D.

Deploy an internet gateway. Configure a network ACL to deny traffic to all destinations except Systems Manager.

Full Access
Question # 51

A company's web application uses an Amazon RDS PostgreSQL DB instance to store its application data During the financial closing period at the start of every month, Accountants run large queries that impact the database's performance due to high usage The company wants to minimize the impact that the reporting activity has on the web application

What should a solutions architect do to reduce the impact on the database with the LEAST amount of effort?

A.

Create a read replica and direct reporting traffic to the replica

B.

Create a Multi-AZ database and direct reporting traffic to the standby

C.

Create a cross-Region read replica and direct reporting traffic to the replica.

D.

Create an Amazon Redshift database and direct reporting traffic to the Amazon Redshift database

Full Access
Question # 52

A company wants to migrate its 1 PB on-premises image repository to AWS. The images will be used by a serverless web application Images stored in the repository are rarely accessed, but they must be immediately available Additionally, the images must be encrypted at rest and protected from accidental deletion

Which solution meets these requirements?

A.

Implement client-side encryption and store the images in an Amazon S3 Glacier vault Set a vault lock to prevent accidental deletion

B.

Store the images in an Amazon S3 bucket in the S3 Standard-Infrequent Access (S3 Standard-IA) storage class Enable versioning default encryption and MFA Delete on the S3 bucket.

C.

Store the images in an Amazon FSx for Windows File Server file share Configure the Amazon FSx file share to use an AWS Key Management Service (AWS KMS) customer master key (CMK) to encrypt the images in the file share Use NTFS permission sets on the images to prevent accidental deletion

D.

Store the images in an Amazon Elastic File System (Amazon EFS) file share in the Infrequent Access storage class Configure the EFS file share to use an AWS Key Management Service (AWS KMS) customer master key (CMK) to encrypt the images in the file share. Use NFS permission sets on the images to prevent accidental deletion

Full Access
Question # 53

A company is running a highly sensitive application on Amazon EC2 backed by an Amazon RDS database Compliance regulations mandate that all personally identifiable information (Pll) be encrypted at rest.

Which solution should a solutions architect recommend to meet this requirement with the LEAST amount of changes to the infrastructure?

A.

Deploy AWS Certificate Manager to generate certificates Use the certificates to encrypt the database volume

B.

Deploy AWS CloudHSM, generate encryption keys, and use the customer master key (CMK) to encrypt database volumes

C.

Configure SSL encryption using AWS Key Management Service customer master keys (AWS KMS CMKs) to encrypt database volumes.

D.

Configure Amazon Elastic Block Store (Amazon EBS) encryption and Amazon RDS encryption with AWS Key Management Service (AWS KMS) keys to encrypt instance and database volumes

Full Access
Question # 54

A company with multiple accounts and teams wants to set up a new multi-account AWS environment.

Which AWS service supports this requirement?

A.

AWS CloudFormation

B.

AWS Control Tower

C.

AWS Config

D.

Amazon Virtual Private Cloud (Amazon VPC)

Full Access
Question # 55

A solutions architect finds that an Amazon Aurora cluster with On-Demand Instance pricing is being underutilized for a blog application The application is used only for a few minutes several times each day for reads

What should a solutions architect do to optimize utilization MOST cost-effectively?

A.

Enable Auto Scaling on the original Aurora database

B.

Convert the original Aurora database to Aurora parallel query

C.

Convert the original Aurora database to an Aurora global database

D.

Convert the original Aurora database to Amazon Aurora Serverless

Full Access
Question # 56

An online learning company is migrating to the AWS Cloud. The company maintains its student records in a PostgreSQL database. The company needs a solution in which its data is available and online across multiple AWS Regions at all times.

Which solution will meet these requirements with the LEAST amount of operational overhead?

A.

Migrate the PostgreSQL database to a PostgreSQL cluster on Amazon EC2 instances

B.

Migrate the PostgreSQL database to an Amazon RDS for PostgreSQL DB instance with the Multi-AZ feature turned on

C.

Migrate the PostgreSQL database to an Amazon RDS for PostgreSQL DB instance Create a read replica in another Region

D.

Migrate the PostgreSQL database to an Amazon RDS for PostgreSQL DB instance Set up DB snapshots to be copied to another Region.

Full Access
Question # 57

A trucking company is deploying an application that will track the GPS coordinates of all the company's trucks The company needs a solution that will generate real-time statistics based on metadata lookups with high read throughput and microsecond latency The database must be fault tolerant and must minimize operational overhead and development effort.

Which combination of steps should a solutions architect take to meet these requirements? (Select TWO.)

A.

Use Amazon DynamoDB as the database.

B.

Use Amazon Aurora MySQL as the database.

C.

Use Amazon RDS for MySQL as the database.

D.

Use Amazon ElastiCache as the caching layer.

E.

Use Amazon DynamoDB Accelerator (DAX) as the caching layer.

Full Access
Question # 58

A solution architect is designing an application for a two-step order across. The first step is synhronous and must return to the user with little latency. The second step takes longer so it will be implemented in a separate component. Orders must be processed exacity once and in the order in which they are received.

How should the solutions architect integrate these components?

A.

Use Amazon SQS FIFO queues

B.

Use an AWS Lambda function along with Amazon SQS standard queues.

C.

Create an SNS topic and subscribe an Amazon SQS FIFO queue to that topic.

D.

Create an SNS topic subscribe an Amazon SQS Standard queue to that topic.

Full Access
Question # 59

A company designed a stateless two-tier application that uses Amazon EC2 in a single Availability Zone and an Amazon RDS Multi-AZ DB instance. New company management wants to ensure the application is highly available.

What should a solutions architect do to meet this requirement?

A.

Configure the application to use Multi-AZ EC2 Auto Scaling and create an Application Load Balancer.

B.

Configure the application to take snapshots of the EC2 instances and send them to a different AWS Regan

C.

Configure the application to use Amazon Route 53 latency-based routing to feed requests to the application.

D.

Configure Amazon Route S3 rules to handle incoming requests and create a Multi-AZ Application Load Balancer.

Full Access
Question # 60

A company performs monthly maintenance on its AWS infrastructure. During these maintenance activities, the company needs to rotate the credentials tor its Amazon ROS tor MySQL databases across multiple AWS Regions

Which solution will meet these requirements with the LEAST operational overhead?

A.

Store the credentials as secrets in AWS Secrets Manager Use multi-Region secret replication for the required Regions Configure Secrets Manager to rotate the secrets on a schedule

B.

Store the credentials as secrets in AWS Systems Manager by creating a secure string parameter Use multi-Region secret replication for the required Regions Configure Systems

C.

Manager to rotate the secrets on a schedule

D.

Store the credentials in an Amazon S3 bucket that has server-side encryption (SSE) enabled Use Amazon EventBridge (Amazon CloudWatch Events) to invoke an AWS Lambda function to rotate the credentials

E.

Encrypt the credentials as secrets by using AWS Key Management Service (AWS KMS) multi-Region customer managed keys Store the secrets in an Amazon DynamoDB global table Use an AWS Lambda function to retrieve the secrets from DynamoDB Use the RDS API to rotate the secrets.

Full Access
Question # 61

A business's backup data totals 700 terabytes (TB) and is kept in network attached storage (NAS) at its data center. This backup data must be available in the event of occasional regulatory inquiries and preserved for a period of seven years. The organization has chosen to relocate its backup data from its on-premises data center to Amazon Web Services (AWS). Within one month, the migration must be completed. The company's public internet connection provides 500 Mbps of dedicated capacity for data transport.

What should a solutions architect do to ensure that data is migrated and stored at the LOWEST possible cost?

A.

Order AWS Snowball devices to transfer the data. Use a lifecycle policy to transition the files to Amazon S3 Glacier Deep Archive.

B.

Deploy a VPN connection between the data center and Amazon VPC. Use the AWS CLI to copy the data from on premises to Amazon S3 Glacier.

C.

Provision a 500 Mbps AWS Direct Connect connection and transfer the data to Amazon S3. Use a lifecycle policy to transition the files to Amazon S3 Glacier Deep Archive.

D.

Use AWS DataSync to transfer the data and deploy a DataSync agent on premises. Use the DataSync task to copy files from the on-premises NAS storage to Amazon S3 Glacier.

Full Access
Question # 62

A company is migrating to the AWS Cloud. A file server is the first workload to migrate Users must be able to access the file share using the Server Message Block (SMB) protocol.

Which AWS managed service meets these requirements?

A.

Amazon EBS

B.

Amazon EC2

C.

Amazon FSx

D.

Amazon S3

Full Access
Question # 63

A meteorological startup company has a custom web application to sell weather data to its users online. The company uses Amazon DynamoDB to store is data and wants to bu4d a new service that sends an alert to the managers of four Internal teams every time a new weather event is recorded. The company does not want true new service to affect the performance of the current application

What should a solutions architect do to meet these requirement with the LEAST amount of operational overhead?

A.

Use DynamoDB transactions to write new event data to the table Configure the transactions to notify internal teams.

B.

Have the current application publish a message to four Amazon Simple Notification Service (Amazon SNS) topics. Have each team subscribe to one topic.

C.

Enable Amazon DynamoDB Streams on the table. Use triggers to write to a mingle Amazon Simple Notification Service (Amazon SNS) topic to which the teams can subscribe.

D.

Add a custom attribute to each record to flag new items. Write a cron job that scans the table every minute for items that are new and notifies an Amazon Simple Queue Service (Amazon SOS) queue to which the teams can subscribe.

Full Access
Question # 64

A company is using Amazon Route 53 latency-based routing to route requests to its UDP-based application for users around the world. The application is hosted on redundant servers in the company's on-premises data centers in the United States. Asia, and Europe. The company's compliance requirements state that the application must be hosted on premises The company wants to improve the performance and availability of the application

What should a solutions architect do to meet these requirements?

A.

A Configure three Network Load Balancers (NLBs) in the three AWS Regions to address the on-premises endpoints Create an accelerator by using AWS Global Accelerator, and register the NLBs as its endpoints. Provide access to the application by using a CNAME that points to the accelerator DNS

B.

Configure three Application Load Balancers (ALBs) in the three AWS Regions to address the on-premises endpoints. Create an accelerator by using AWS Global Accelerator and register the ALBs as its endpoints Provide access to the application by using a CNAME that points to the accelerator DNS

C.

Configure three Network Load Balancers (NLBs) in the three AWS Regions to address the on-premises endpoints In Route 53. create a latency-based record that points to the three NLBs. and use it as an origin for an Amazon CloudFront distribution Provide access to the application by using a CNAME that points to the CloudFront DNS

D.

Configure three Application Load Balancers (ALBs) in the three AWS Regions to address the on-premises endpoints In Route 53 create a latency-based record that points to the three ALBs and use it as an origin for an Amazon CloudFront distribution- Provide access to the application by using a CNAME that points to the CloudFront DNS

Full Access
Question # 65

A company is managing health records on-peruses. The company must keep these records Indefinitely, disable any modifications to the records once they are stored, and granularly audit access at all levels. The chief technology officer (CTO) is concerned because there are already millions of record not being used by any application, and the current infrastructure is running out of space. The CTO has requested solutions architect design a solution to move easting data and support future records.

Which services can the solutions architect recommend to meet these requirements?

A.

Use AWS DataSync to move existing data to AWS Use Amazon S3 to store existing and new data Enable Amazon S3 object lock and enable AWS CloudTrail with data events

B.

Use AWS Storage Gateway to move existing data to AWS Use Amazon S3 to store existing and new data Enable Amazon S3 object lock and enable AWS CloudTrail with management events

C.

Use AWS DataSync to move exiting data to AWS Use Amazon S3 to store existing and new data. Enable Amazon S3 object lock and enable AWS CloudTrail with management events.

D.

Use AWS Storage Gateway to move existing data to AWS Use Amazon Elastic Block Stores (Amazon EBS) to store existing and new data. Enable Amazon S3 object lock and enable Amazon S3 server access logging

Full Access
Question # 66

A company is hosting its website on Amazon S3 and is using Amazon CloudFront to cache content The company has an upcoming product launch An employee accidentally published marketing content to the website before the official release of the product The company needs to remove the marketing content from the website as quickly as possible

Which solution will meet these requirements?

A.

Deploy the updated version of the website to another S3 bucket Update the origin for CloudFront

B.

Delete the marketing content in the existing S3 bucket Invalidate the file path in CloudFront

C.

Create a new CloudFront cache policy with a low TTL Associate the new policy with the existing CloudFront distribution

D.

Delete the marketing content in the existing S3 bucket Update the S3 bucket policy to block requests to the file path

Full Access
Question # 67

A company needs to save the results from a medical trial to an Amazon S3 repository. The repository must allow a few scientists to add new dies and must restrict all other users to read-only access No users can have the ability to modify or delete any files in the repository. The company must heap every lie in the repository for a minimum of 1 year after its creation date.

Which solution will meet these requirements?

A.

Use S3 Object Lock In governance mode with a legal hold of 1 year

B.

Use S3 Object Lock in compliance mode with a retention period of 365 days.

C.

Use an IAM role to restrict all users from deleting or changing objects in the S3 bucket Use an S3 bucket policy to only allow the IAM role

D.

Configure the S3 bucket to invoke an AWS Lambda function every tune an object is added Configure the function to track the hash of the saved object to that modified objects can be marked accordingly

Full Access
Question # 68

A solutions architect is implementing a document review application using an Amazon S3 bucket for storage. The solution must prevent accidental deletion of the documents and ensure that all versions of the documents are available Users must be able to download, modify, and upload documents.

Which combination of actions should be taken to meet these requirements? (Select TWO.)

A.

Enable a read-only bucket ACL

B.

Enable versioning on the bucket.

C.

Attach an IAM policy to the bucket

D.

Enable MFA Delete on the bucket.

E.

Encrypt the bucket using AWS KMS.

Full Access
Question # 69

A company runs an online marketplace web application on AWS. The application serves hundreds of thousands of users during peak hours. The company needs a scalable, near-real-time solution to share the details of millions of financial transactions with several other internal applications Transactions also need to be processed to remove sensitive data before being stored in a document database for low-latency retrieval.

What should a solutions architect recommend to meet these requirements?

A.

Store the transactions data into Amazon DynamoDB Set up a rule in DynamoDB to remove sensitive data from every transaction upon write Use DynamoDB Streams to share the transactions data with other applications

B.

Stream the transactions data into Amazon Kinesis Data Firehose to store data in Amazon DynamoDB and Amazon S3 Use AWS Lambda integration with Kinesis Data Firehose to remove sensitive data. Other applications can consume the data stored in Amazon S3

C.

Stream the transactions data into Amazon Kinesis Data Streams Use AWS Lambda integration to remove sensitive data from every transaction and then store the transactions data in Amazon DynamoDB Other applications can consume the transactions data off the Kinesis data stream.

D.

Store the batched transactions data in Amazon S3 as files. Use AWS Lambda to process every file and remove sensitive data before updating the files in Amazon S3 The Lambda function then stores the data in Amazon DynamoDB Other applications can consume transaction files stored in Amazon S3.

Full Access
Question # 70

A company has an application that generates a large number of files, each approximately 5 MB in size. The files are stored in Amazon S3. Company policy requires the files to be stored for 4 years before they can be deleted Immediate accessibility is always required as the files contain critical business data that is not easy to reproduce. The files are frequently accessed in the first 30 days of the object creation but are rarely accessed after the first 30 days

Which storage solution is MOST cost-effective?

A.

Create an S3 bucket lifecycle policy to move Mm from S3 Standard to S3 Glacier 30 days from object creation Delete the Tiles 4 years after object creation

B.

Create an S3 bucket lifecycle policy to move tiles from S3 Standard to S3 One Zone-infrequent Access (S3 One Zone-IA] 30 days from object creation. Delete the fees 4 years after object creation

C.

Create an S3 bucket lifecycle policy to move files from S3 Standard-infrequent Access (S3 Standard -lA) 30 from object creation. Delete the ties 4 years after object creation

D.

Create an S3 bucket Lifecycle policy to move files from S3 Standard to S3 Standard-Infrequent Access (S3 Standard-IA) 30 days from object creation Move the files to S3 Glacier 4 years after object carton.

Full Access
Question # 71

A solutions architect Is designing a new API using Amazon API Gateway that will receive requests from users. The volume of requests is highly variable: several hours can pass without receiving a single request. The data processing will take place asynchronously, but should be completed within a few seconds after a request la made.

Which compute service should the solutions architect have the API invoke to deliver the requirements at the lowest cost?

A.

An AWS Glue job

B.

An AWS Lambda function

C.

A containerized service hosted in Amazon Elastic Kubemetes Service {Amazon EKS)

D.

A containerized service hosted in Amazon ECS with Amazon EC2

Full Access
Question # 72

A company has a mutt-tier application deployed on several Amazon EC2 instances m an Auto Scaling group. An Amazon RDS for Oracle instance is the application’s data layer that uses Oracle-specific

PL/'SQL functions. Traffic to the application has been steadily Increasing. This is causing the EC2 instances to become overloaded and the RDS instance to run out of storage. The Auto Scaling group does not have any scaling metrics and defines the minimum healthy instance count only. The company predicts that traffic will continue to increase at a steady but unpredictable rate before levelling off.

What should a solutions architect do to ensure the system can automatically scale for the increased traffic? (Select TWO.)

A.

Configure storage Auto Scaling on the RDS for Oracle Instance.

B.

Migrate the database to Amazon Aurora to use Auto Scaling storage.

C.

Configure an alarm on the RDS for Oracle Instance for low free storage space

D.

Configure the Auto Scaling group to use the average CPU as the scaling metric

E.

Configure the Auto Scaling group to use the average free memory as the seeing metric

Full Access
Question # 73

An image-processing company has a web application that users use to upload images. The application uploads the images into an Amazon S3 bucket. The

company has set up S3 event notifications to publish the object creation events to an A company has a service that produces event queue. The SQS queue serves as the event source for an AWS Lambda function that processes the images and sends the results to users through email.

Users report that they are receiving multiple email messages for every uploaded image. A solutions architect determines that SQS messages are invoking the Lambda function more than once, resulting in multiple email messages.

What should the solutions architect do to resolve this issue with the LEAST operational overhead?

A.

Set up long polling in the SQS queue by increasing the ReceiveMessage wait time to 30 seconds.

B.

Change the SQS standard queue to an SQS FIFO queue. Use the message deduplication ID to discard duplicate messages.

C.

Increase the visibility timeout in the SQS queue to a value that is greater than the total of the function timeout and the batch window timeout.

D.

Modify the Lambda function to delete each message from the SQS queue immediately after the message is read before processing.

Full Access
Question # 74

A company wants to use an AWS Region as a disaster recovery location for its on-premises infrastructure. The company has 10 TB of existing data and the on-premises data center has a 1Gbps internet connection A solution architect must find a solution so the company can have its existing data on AWS in 72 hours without transmitting it using an unencrypted channel.

Which solution should the solutions architect

select

A.

Send the initial 10 TB of data to AWS using FTP.

B.

Send the initial 10 TB of data lo AWS using AWS Snowball.

C.

Establish a VPN connection between Amazon VPC and the company's data center

D.

Establish an AWS Direct Connect connection between Amazon VPC and the company's data canter

Full Access
Question # 75

A company has an application that scans millions of connected devices for security threats and pushes the scan logs to an Amazon S3 bucket. A total of 70 GB of data is generated each week, and the company needs to store 3 years of data for historical reporting. The company must process aggregate, and enrich the data from Amazon S3 by performing complex analytical queries and joins in the least amount of time The aggregated dataset is visualized on an Amazon QuickSight dashboard.

What should a solutions architect recommend to meet these requirements?

A.

Create and run an ETL job in AWS Glue to process the data from Amazon S3 and load it into Amazon Redshift Perform the aggregation queries on Amazon Redshift

B.

Use AWS Lambda functions based on S3 PutObject event triggers to copy the incremental changes to Amazon DynamoDB Perform the aggregation queries on DynamoDB.

C.

Use AWS Lambda functions based on S3 PutObject event triggers to copy the incremental changes to Amazon Aurora MySQL Perform the aggregation queries on Aurora MySQL.

D.

Use AWS Glue to catalog the data in Amazon S3. Perform the aggregation queries on the cataloged tables by using Amazon Athena Query the data directly from Amazon S3

Full Access
Question # 76

A company collects 10 GB of telemetry data dairy from various machines. The company stores the data in an Amazon S3 bucket in a source data account.

The company has hired several consuming agencies to use this data for analysis. Each agency needs read access to the data for its analysis. The company must share the data from tie source data account by choosing a solution that maximizes security and operational efficiency. Which solution will meet these requirements?

A.

Configure S3 global tables to replicate data tor each agency

B.

Make the S3 bucket public for a limited time Inform only the agencies

C.

Configure cross-account access for the S3 bucket to the accounts that the agencies own.

D.

Set up an IAM user for each analyst In the source data account Grant each user access to the S3 bucket

Full Access
Question # 77

An entertainment company is using Amazon DynamoDB to store media metadata. The application Is read intensive and experience delays The company does not have staff to handle additional operational overhead and needs to Improve the performance efficiency of DynamoDB without reconfiguring the application

What should a solutions architect recommend to meet this requirement?

A.

Use Amazon ElastiCache for Redis

B.

Use Amazon DynamoDB Accelerator (DAX).

C.

Replicate data by using DynamoDB global tables

D.

Use Amazon ElasoCache for Merncached with Auto Discovery enabled

Full Access
Question # 78

A company is running an application on AWS to process weather sensor data that is stored in an Amazon S3 bucket. Three batch jobs run hourly to process the data in the S3 bucket for different purposes. The company wants to reduce the overall processing time by running. The three applications in parallel using an event-based approach.

What should a solutions architect do to meet these requirements?

A.

Enable S3 Event Notifications for new objects to an Amazon Simple Queue Service (Amazon SOS) FIFO queue Subscribe al applications to the queue for processing.

B.

Enable S3 Event Notifications for new objects to an Amazon Simple Queue Service (Amazon SOS) standard queue Create an additional SOS queue for all applications, and subscribe all applications to the meal queue for processing.

C.

Enable S3 Event Notifications for new objects to separate Amazon Simple Queue Service (Amazon SOS) FIFO queues Create an additional SOS queue (or each application and subscribe each queue to the initial topic for processing

D.

Enable S3 Event Notifications tor new objects to an Amazon Simple Notification Service (Amazon SNS) topic. Create an Amazon Simple Queue Service (Amazon SOS) queue for each application, and subscribe each queue to the topic for processing

Full Access
Question # 79

A business application is hosted on Amazon EC2 and uses Amazon S3 for encrypted object storage. The chief information security officer has directed that no application traffic between the two services should traverse the public internet.

Which capability should the solutions architect use to meet the compliance requirements?

A.

AW3 Key Management Service (AWS KMS)

B.

VPC endpoint

C.

Private subnet

D.

Virtual private gateway

Full Access
Question # 80

A company develops web applications. As part of its development process, the company constantly launches and deletes Application Load Balancers (ALBs) in multiple AWS Regions.

The company wants to create an allow list on its firewall device. The allow list will contain the IP addresses of an the load balancers. A solutions architect needs a one-line, highly available solution that will accomplish that goal and will help reduce the number of IP addresses that the firewall needs to allow.

Which solution will meet these requirements with the LEAST amount of operational overhead?

A.

Create an AWS Lambda function to keep track of the IP addressee tor al the ALBs in different Regions. Keep refreshing this list.

B.

Set up a Network Load Balancer (NLB) with Elastic IP addresses Register the private IP addresses of all the ALBs as targets for the NLB

C.

Launch AWS Global Accelerator Create endpoints for each of the Regions that are m use. Register all the ALBs in the Regions to the corresponding endpoints.

D.

Set up an Amazon EC2 Instance Assign an Elastic IP address to the EC2 instance. Configure the EC2 instance as a proxy to forward traffic to all the ALBs

Full Access
Question # 81

A company uses an application to present metrics from sporting events to the public. The application must scale quickly during live events and must store these metrics for log-term reporting purposes. The company’s architecture includes the following:

* Amazon EC2 instances that run in an Auto Scaling group in private subnets

* A network Load Balancer That runs in public subnets

* A MongoDB database cluster that runs across multiple EC2 instances

A solutions architect must implement a solution that minimizes operational overhead The solution alto must be able to Kale automatically. What should the solutions architect set up to meet these requirements?

A.

An Amazon DynamoDB database

B.

An Amazon ROS for MySQL D6 instance

C.

EC2 instances that run MySQL

D.

Amazon Redshift

Full Access
Question # 82

An ecommerce company is running a multi-tier application on AWS. The front-end and backend tiers run on Amazon EC2, and the database runs on Amazon RDS for MYSQL. The backend tier communities with the RDS instance. There are frequent calls to return identical database from the database that are causing performance slowdowns.

Which action should be taken to improve the performance of the backend?

A.

Implement Amazon SNS to store the database calls.

B.

Implement Amazon ElasticCache to cache the large database.

C.

Implement an RDS for MySQL read replica to cache database calls.

D.

Implement Amazon Kinesis Data Firehose to stream the calls to the database.

Full Access
Question # 83

A company is rebelling its data canter and wants to securely transfer 50 TB of data lo AWS *ilhm 2 weeks. The existing data center has a Site-to-Site VPN connection to AWS that is 90 % utilized

Which AWS service should a solutions architect use to meet these requirements?

A.

AWS DataSync with a VPC endpoint

B.

AWS Direct Conned

C.

AWS Snowball Edge Storage Optimized

D.

AWS Storage Gateway

Full Access
Question # 84

A customer is running an application on Amazon EC2 instances hosted in a private subnet of a VPC. The EC2 instances are configured in an Auto Scaling group behind an Elastic Load Balancer (ELB). The EC2 instances use a NAT gateway outbound internet access However, the EC2 instances are not able to connect to the public internet to download software updates.

A.

The ELB is not configured with a proper health check.

B.

The route tables in the VPC are configured incorrectly.

C.

The EC2 instances are not associated with an Elastic IP address.

D.

The security group attached to the NAT gateway is configured incorrectly.

E.

The outbound rules on the security group attachment to the EC2 instances are configured incorrectly.

Full Access
Question # 85

A company is performing an AWS Well-Architected Framework review of an existing workload deployed on AWS The review Identified a public-facing website running on the same Amazon EC2 instance as a Microsoft Active Directory domain controller that was installed recently to support other AWS services A solutions architect needs to recommend a new design that would improve the security of the architecture and minimize the administrative demand on IT staff

What should the solutions architect recommend?

A.

Use AWS Directory Service to create a managed Active Directory Uninstall Active Directory on the current EC2 instance

B.

Create another EC2 instance in the same subnet and reinstall Active Directory on it Uninstall Active Directory on the current EC2 instance

C.

Use AWS Directory Service to create an Active Directory connector Proxy Active Directory requests to the Active Directory domain controller running on the current EC2 instance

D.

Enable AWS Single Sign-On (AWS SSO) with Security Assertion Markup Language (SAML) 2 0 federation with the current Active Directory controller Modify the EC2 instance's security group to deny public access to Active Directory

Full Access
Question # 86

A solution architect is designing he architect of a new application being deployed to the AWS Cloud. The application will run on Amazon EC2 On-Demand instances and will automatically scale across multiple Availability Zones. The EC2 instances will scale up and down frequently the day. An

Application load balancer (ALB) will handle the load distribution. The architecture needs to support distributed session data management. The company is willing to make charges to code if needed.

What should the solutions architect do to ensure that the architecture supports distributed session data management?

A.

Use Amazon ElastiCache to manage and store session data.

B.

Use session affinity (sticky sessions) of the ALB to manage session data.

C.

Use Session Manager from AWS Systems Manager to manage the session.

D.

Use the GetSessionToken API operation in AWS Security Token Service (AWS STS) to manage the session.

Full Access
Question # 87

A company has an AWS Lambda function that needs read access to an Amazon S3 bucket that is located in the same AWS account. Which solution will meet these requirement in the MOST secure manner?

A.

Apply an S3 bucket pokey that grants road access to the S3 bucket

B.

Apply an IAM role to the Lambda function Apply an IAM policy to the role to grant read access to the S3 bucket

C.

Embed an access key and a secret key In the Lambda function's coda to grant the required IAM permissions for read access to the S3 bucket

D.

Apply an IAM role to the Lambda function. Apply an IAM policy to the role to grant read access to all S3 buckets In the account

Full Access
Question # 88

A company hosts its static website content from an Amazon S3 bucket in the us-east-1 Region Content is made available through an Amazon CloudFront origin pointing to that bucket Cross-Region replication is set up to create a second copy of the bucket in the ap-southeast-1 Region Management wants a solution that provides greater availability for the website

Which combination of actions should a solutions architect take to increase availability'? (Select TWO.

A.

Add both buckets to the CloudFront origin

B.

Configure failover routing in Amazon Route 53

C.

Create a record in Amazon Route 53 pointing to the replica bucket

D.

Create an additional CloudFront origin pointing to the ap-southeast-1 bucket

E.

Set up a CloudFront origin group with the us-east-1 bucket as the primary and the ap-southeast-1 bucket as the secondary

Full Access
Question # 89

A solutions architect is creating an application that will handle batch processing of large amounts of data The input data will be held in Amazon S3 and the output data will be stored in a different S3 bucket For processing, the application will transfer the data over the network between multiple Amazon EC2 instances

What should the solutions architect do to reduce the overall data transfer costs?

A.

Place ail the EC2 instances in an Auto Scaling group

B.

Place all the EC2 instances in the same AWS Region

C.

Place ail the EC2 instances in the same Availability Zone

D.

Place all the EC2 Instances in private subnets in multiple Availability Zones

Full Access
Question # 90

A company has a production web application in which users upload documents through a web interlace or a mobile app. According to a new regulatory requirement, new documents cannot be modified or deleted after they are stored.

What should a solutions architect do to meet this requirement?

A.

Store the uploaded documents in an Amazon S3 bucket with S3 Versioning and S3 Object Lock enabled

B.

Store the uploaded documents in an Amazon S3 bucket. Configure an S3 Lifecycle policy to archive the documents periodically.

C.

Store the uploaded documents in an Amazon S3 bucket with S3 Versioning enabled Configure an ACL to restrict all access to read-only.

D.

Store the uploaded documents on an Amazon Elastic File System (Amazon EFS) volume. Access the data by mounting the volume in read-only mode.

Full Access
Question # 91

A weather forecasting company needs to process hundreds of gigabytes of data with sub-mill (second latency. The company has a high performance computing (HPC) environment in its data center and wants to expand its forecasting capabilities

A solutions architect must identify a highly available cloud storage solution that can handle large amounts of sustained throughput Files that are stored in the solution should be accessible to thousands of compute instances that will simultaneously access and process the entire dataset

What should the solutions architect do to meet these requirements?

A.

Use Amazon FSx for Lustre scratch file systems.

B.

Use Amazon FSx for Lustre persistent file systems

C.

Use Amazon Elastic File System (Amazon EFS) with Bursting Throughput mode

D.

Use Amazon Elastic File System (Amazon EFS) with Provisioned Throughput mode

Full Access
Question # 92

A company runs a web-based portal that provides users with global breaking news local alerts, and weather updates The portal delivers each user a personalized view by using a mixture of static and dynamic content Content is served over HTTPS through an API server running on an Amazon EC2 instance behind an Application Load Balancer (ALB) The company wants the portal to provide this content to its users across the world as quickly as possible

How should a solutions architect design the application to ensure the LEAST amount of latency for all users?

A.

Deploy the application stack in a single AWS Region Use Amazon CloudFront to serve all static and dynamic content by specifying the ALB as an origin

B.

Deploy the application stack in two AWS Regions Use an Amazon Route 53 latency routing policy to serve all content from the ALB in the closest Region

C.

Deploy the application stack in a single AWS Region Use Amazon CloudFront to serve the static content Serve the dynamic content directly from the ALB

D.

Deploy the application stack in two AWS Regions Use an Amazon Route 53 geolocation routing policy to serve all content from the ALB in the closest Region

Full Access
Question # 93

A company needs the ability to analyze the log files of its proprietary application. The logs are stored in JSON format in an Amazon S3 bucket Queries will be simple and will run on-demand A solutions architect needs to perform the analysis with minimal changes to the existing architecture

What should the solutions architect do to meet these requirements with the LEAST amount of operational overhead?

A.

Use Amazon Redshift to load all the content into one place and run the SQL queries as needed

B.

Use Amazon CloudWatch Logs to store the logs Run SQL queries as needed from the Amazon CloudWatch console

C.

Use Amazon Athena directly with Amazon S3 to run the queries as needed

D.

Use AWS Glue to catalog the logs Use a transient Apache Spark cluster on Amazon EMR to run the SQL queries as needed

Full Access
Question # 94

A company has an on-premises application that collects data and stores it to an on-premises NFS server The company recently set up a 10 Gbps AWS Direct Connect connection The

company is running out of storage capacity on premises. The company needs to migrate the application data from on premises to the AWS Cloud while maintaining low-latency access to the data from the on-premises application

What should a solutions architect do to meet these requirements?

A.

Deploy AWS Storage Gateway for the application data and use the file gateway to store the data in Amazon S3 Connect the on-premises application servers to the file gateway using NFS

B.

Attach an Amazon Elastic File System (Amazon EFS) file system to the NFS server and copy the application data to the EFS file system. Then connect the on-premises application to Amazon EFS

C.

Configure AWS Storage Gateway as a volume gateway Make the application data available to the on-premises application from the NFS server and with Amazon Elastic Block Store {Amazon EBS) snapshots

D.

Create an AWS DataSync agent with the NFS server as the source location and an Amazon Elastic File System (Amazon EFS) file system as the destination for application data transfer Connect the on-premises application to the EFS file system

Full Access
Question # 95

A company has a web application with sporadic usage patterns There is heavy usage at the beginning of each month moderate usage at the start of each week and unpredictable usage during the week The application consists of a web server and a MySQL database server running inside the data center The company would like to move the application to the AWS Cloud and needs to select a cost-effective database platform that will not require database modifications

Which solution will meet these requirements?

A.

Amazon DynamoDB

B.

Amazon RDS for MySQL

C.

MySQL-compatible Amazon Aurora Serverless

D.

MySQL deployed on Amazon EC2 in an Auto Scaling group

Full Access
Question # 96

A security learn needs to enforce the rotation of all IAM users' access keys every 90 days If an access key Is found to be older, the key must be made inactive and removed A solutions architect must create a solution that will check for and remediate any keys older than 90 days

Which solution meets these requirements with the LEAST operational effort?

A.

Create an AWS Config rule to check for the key age Configure the AWS Config rule to run an AWS Batch job to remove the key

B.

Create an Amazon EventBridge (Amazon CloudWatch Events) rule to check for the key age Configure the rule to run an AWS Batch job to remove the key

C.

Create an AWS Config rule to check for the key age Define an Amazon EventBridge (Amazon CloudWatch Events) rule to schedule an AWS Lambda function to remove the key

D.

Create an Amazon EventBridge (Amazon CloudWatch Events) rule to check for the key age Define an EventBridge (CloudWatch Events) rule to run an AWS Batch job to remove the key

Full Access
Question # 97

A company runs an application using Amazon ECS. The application creates resized versions of an original Image and then makes Amazon S3 API calls to store the resized images in Amazon S3

How can a solutions architect ensure that the application has permission to access Amazon S3?

A.

Update the S3 role in AWS IAM to allow read/write access from Amazon ECS and then relaunch the container.

B.

Create an IAM role with S3 permissions and then specify that role as the taskRoleArn in the task definition.

C.

Create a security group that allows access from Amazon ECS to Amazon S3 and update the launch configuration used by the ECS cluster.

D.

Create an IAM user with S3 permissions, and then relaunch the Amazon EC2 instances for the ECS cluster while logged in as this account.

Full Access
Question # 98

A solutions architect is optimizing a website for an upcoming musical event Videos of the performances will be streamed in real time and then will be available on demand The event is

expected to attract a global online audience

Which service will improve the performance of both the real-time and on-demand streaming?

A.

Amazon CloudFront

B.

AWS Global Accelerator

C.

Amazon Route 53

D.

Amazon S3 Transfer Acceleration

Full Access
Question # 99

A company has a Windows-based application that must be migrated to AWS. The application requires the use of a shared Windows Me system attached to multiple Amazon EC2 Windows instances that are deployed across multiple Availability Zones

What should a solutions architect do to meet this requirement?

A.

Configure AWS Storage Gateway in volume gateway mode Mount the volume to each Windows instance

B.

Configure Amazon FSx for Windows File Server Mount the Amazon FSx file system to each Windows instance

C.

Configure a file system by using Amazon Elastic File System (Amazon EFS) Mount the EPS file system to each Windows instance

D.

Configure an Amazon Elastic Block Store (Amazon EBS) volume with the required size Attach each EC2 instance to the volume Mount the file system within the volume to each Windows instance

Full Access
Question # 100

A company receives structured and semi-structured data from various sources once every day A solutions architect needs to design a solution that leverages big data processing frameworks The data should be accessible using SQL queries and business intelligence tools

What should the solutions architect recommend to build the MOST high-performing solution**

A.

Use AWS Glue to process data and Amazon S3 to store data

B.

Use Amazon EMR to process data and Amazon Redshift to store data

C.

Use Amazon EC2 to process data and Amazon Elastic Block Store (Amazon EBS) to store data

D.

Use Amazon Kinesis Data Analytics to process data and Amazon Elastic File System (Amazon EFS) to store data

Full Access
Question # 101

A startup company is using me AWS Cloud to develop a traffic control monitoring system for a large city The system must be highly available and must provide near-real-time results for residents and city officials even during peak events

Gigabytes of data will come in daily from loT devices that run at intersections and freeway ramps across the city The system must process the data sequentially to provide the correct timeline However results need to show only what has happened in the last 24 hours.

Which solution will meet these requirements MOST cost-effectively?

A.

Deploy Amazon Kinesis Data Firehose to accept incoming data from the loT devices and write the data to Amazon S3 Build a web dashboard to display the data from the last 24 hours

B.

Deploy an Amazon API Gateway API endpoint and an AWS Lambda function to process incoming data from the loT devices and store the data in Amazon DynamoDB Build a web dashboard to display the data from the last 24 hours

C.

Deploy an Amazon API Gateway API endpoint and an Amazon Simple Notification Service (Amazon SNS) tope to process incoming data from the loT devices Write the data to Amazon Redshift Build a web dashboard to display the data from the last 24 hours

D.

Deploy an Amazon Simple Queue Service (Amazon SOS) FIFO queue and an AWS Lambda function to process incoming data from the loT devices and store the data in an Amazon RDS DB instance Build a web dashboard to display the data from the last 24 hours

Full Access
Question # 102

A company hosts more than 300 global websites and applications. The company requires a platform to analyze more than 30 TB of clickstream data each day.

What should a solutions architect do to transmit and process the clickstream data?

A.

Design an AWS Data Pipeline to archive the data to an Amazon S3 bucket and run an Amazon EMR duster with the data to generate analytics

B.

Create an Auto Scaling group of Amazon EC2 instances to process the data and send it to an Amazon S3 data lake for Amazon Redshift to use tor analysis

C.

Cache the data to Amazon CloudFron: Store the data in an Amazon S3 bucket When an object is added to the S3 bucket, run an AWS Lambda function to process the data tor analysis.

D.

Collect the data from Amazon Kinesis Data Streams. Use Amazon Kinesis Data Firehose to transmit the data to an Amazon S3 data lake Load the data in Amazon Redshift for analysis

Full Access
Question # 103

A company plans to store sensitive user data on Amazon S3 internal security compliance requirement mandate encryption of data before secured it to Amazon S3.

What should a solutions architect recommend to safely these requirements?

A.

Server-side encryption with customer-provided encryption keys.

B.

Client-side encryption with Amazon S3 managed encryption keys.

C.

Service-side encryption with keys stored in AWS Management Service (AWS KMS)

D.

Client-side encryption with a master stored in AWS Management Service (AWS KMS)

Full Access
Question # 104

A company is hosting a three-tier ecommerce application in the AWS Cloud. The company hosts the website on Amazon S3 and integrates the website with an API that handles sales requests. The company hosts the API on three Amazon EC2 instances behind an Application Load Balancer (ALB). The API consists of static and dynamic front-end content along with backend workers that process sales requests asynchronously.

The company is expecting a significant and sudden increase in the number of sales requests during events for the launch of new products

What should a solutions architect recommend to ensure that all the requests are processed successfully?

A.

Add an Amazon CloudFront distribution for the dynamic content. Increase the number of EC2 instances to handle the increase in traffic.

B.

Add an Amazon CloudFront distribution for the static content. Place the EC2 instances in an Auto Scaling group to launch new instances based on network traffic.

C.

Add an Amazon CloudFront distribution for the dynamic content. Add an Amazon ElastiCache instance in front of the ALB to reduce traffic for the API to handle.

D.

Add an Amazon CloudFront distribution for the static content. Add an Amazon Simple Queue Service (Amazon SOS) queue to receive requests from the website for later processing by the EC2 instances.

Full Access
Question # 105

A company has an automobile sales website that stores its listings in a database on Amazon RDS When an automobile is sold the listing needs to be removed from the website and the data must be sent to multiple target systems.

Which design should a solutions architect recommend?

A.

Create an AWS Lambda function triggered when the database on Amazon RDS is updated to send the information to an Amazon Simple Queue Service (Amazon SQS> queue for the targets to consume

B.

Create an AWS Lambda function triggered when the database on Amazon RDS is updated to send the information to an Amazon Simple Queue Service (Amazon SQS) FIFO queue for the targets to consume

C.

Subscribe to an RDS event notification and send an Amazon Simple Queue Service (Amazon SQS) queue fanned out to multiple Amazon Simple Notification Service (Amazon SNS) topics Use AWS Lambda functions to update the targets

D.

Subscribe to an RDS event notification and send an Amazon Simple Notification Service (Amazon SNS) topic fanned out to multiple Amazon Simple Queue Service (Amazon SQS) queues Use AWS Lambda functions to update the targets

Full Access
Question # 106

A solutions architect is designing the storage architecture tor a new web application used for storing and viewing engineering drawings All application components will be deployed on the AWS infrastructure.

The application design must support caching to minimize the amount of time that users wait for the engineering drawings to load The application must be able to store petabytes of data.

Which combination of storage and caching should the solutions architect use?

A.

Amazon S3 with Amazon CloudFront

B.

Amazon S3 Glacier with Amazon ElastiCache

C.

Amazon Elastic Block Store (Amazon BBS) volumes with Amazon CloudFront

D.

AWS Storage Gateway with Amazon ElastiCache

Full Access
Question # 107

A company has a large Microsoft SharePoint deployment running on-premises that requires Microsoft Windows shared file storage The company wants to migrate this workload to the AWS Cloud and is considering various storage options. The storage solution must be highly available and integrated with Active Directory for access control

Which solution will satisfy these requirements?

A.

Configure Amazon EFS storage and set the Active Directory domain for authentication

B.

Create an SMB Me share on an AWS Storage Gateway tile gateway in two Availability Zones

C.

Create an Amazon S3 bucket and configure Microsoft Windows Server to mount it as a volume

D.

Create an Amazon FSx for Windows File Server file system on AWS and set the Active Directory domain for authentication

Full Access