Copy and Edit

Aws Solutions Architect - Associate (4/5)

Description

Profissionalizante Informática Quiz on Aws Solutions Architect - Associate (4/5), created by Romulo Maciel on 09/08/2020.
Romulo Maciel
Quiz by Romulo Maciel, updated more than 1 year ago
Romulo Maciel
Created by Romulo Maciel almost 4 years ago
913
0
0

Resource summary

Question 1

Question
A company has an application that posts messages to Amazon SQS, another application polls the queue and processes the messages in an l/O-intensive operation. The company has a service level agreement (SLA) that specifies the maximum amount of time that can elapse between receiving the messages and responding to the users. Due to an increase in the number of messages the company has difficulty meeting its SLA consistently. What should a solutions architect do to help improve the application's processing time and ensure it can handle the load at any level?
Answer
  • A. Create an Amazon Machine Image (AMI) from the instance used for processing Terminate the instance and replace it with a larger size.
  • B. Create an Amazon Machine Image (AMI) from the instance used for processing Terminate the instance and replace it with an Amazon EC2 Dedicated Instance.
  • C. Create an Amazon Machine image (AMI) from the instance used for processing Create an Auto Scaling group using this image in its launch configuration Configure the group with a target tracking policy to keep us aggregate CPU utilization below 70%.
  • D. Create an Amazon Machine Image (AMI) from the instance used for processing Create an Auto Scaling group using this image in its launch configuration Configure the group with a target tracking policy based on the age of the oldest message in the SQS queue.

Question 2

Question
A company is planning to deploy an Amazon RDS DB instance running Amazon Aurora. The company has a backup retention policy requirement of 90 days Which solution should a solutions architect recommend?
Answer
  • A. Set the backup retention period to 90 days when creating the RDS DB instance.
  • B. Configure RDS to copy automated snapshots to a user-managed Amazon S3 bucket with a lifecycle policy set to delete after 90 days.
  • C. Create an AWS Backup plan to perform a daily snapshot of the RDS database with the retention set to 90 days Create an AWS Backup job to schedule the execution of the backup plan daily.
  • D. Use a daily scheduled event with Amazon CloudWatch Events to execute a custom AWS Lambda function that makes a copy of the RDS automated snapshot Purge snapshots older than 90 days.

Question 3

Question
A company is using a tape backup solution to store its key application data offsite The daily data volume is around 50 TB The company needs to retain the backups for 7 years for regulatory purposes. The backups are rarely accessed and a week's notice is typically given if a backup needs to be restored. The company is now considering a cloud-based option to reduce the storage costs and operational burden of managing tapes The company also wants to make sure that the transition (rom tape backups to the cloud minimizes disruptions. Which storage solution is MOST cost-effective'?
Answer
  • A. Use Amazon Storage Gateway to back up to Amazon Glacier Deep Archive.
  • B. Use AWS Snowball Edge to directly integrate the backups with Amazon S3 Glacier.
  • C. Copy the backup data to Amazon S3 and create a lifecycle policy to move the data to Amazon S3 Glacier.
  • D. Use Amazon Storage Gateway to back up to Amazon S3 and create a lifecycle policy to move the backup to Amazon S3 Glacier.

Question 4

Question
A company relies on an application that needs at least 4 Amazon EC2 instances during regular traffic and must scale up to 12 EC2 instances during peak loads. The application is critical to the business and must be highly available. Which solution will meet these requirements?
Answer
  • A. Deploy the EC2 instances in an Auto Scaling group Set the minimum to 4 and the maximum to M, with 2 in Availability Zone A and 2 in Availability Zone B.
  • B. Deploy the EC2 instances in an Auto Scaling group Set the minimum to 4 and the maximum to 12, with all 4 in Availability Zone A.
  • C. Deploy the EC2 instances in an Auto Scaling group Set the minimum to 8 and the maximum to 12, with 4 in Availability Zone A and 4 in Availability Zone B.
  • D. Deploy the EC2 instances in an Auto Scaling group Set the minimum to 8 and the maximum to 12 with all 8 in Availability Zone A.

Question 5

Question
A company is planning to migrate its virtual server-based workloads to AWS The company has internet-facing load balancers backed by application servers. The application servers rely on patches from an internet-hosted repository. Which services should a solutions architect recommend be hosted on the public subnet ? (Select TWO.)
Answer
  • A. NAT gateway
  • B. Amazon RDS DB instances
  • C. Application Load Balancers
  • D. Amazon EC2 application servers
  • E. Amazon Elastic File System (Amazon EFS) volumes

Question 6

Question
An application is running on Amazon EC2 instances Sensitive information required for the application is stored in an Amazon S3 bucket. The bucket needs to be protected from internet access while only allowing services within the VPC access to the bucket. Which combination of actions should a solutions archived take to accomplish this'' (Select TWO.)
Answer
  • A. Create a VPC endpoint for Amazon S3.
  • B. Enable server access logging on the bucket
  • C. Apply a bucket policy to restrict access to the S3 endpoint.
  • D. Add an S3 ACL to the bucket that has sensitive information
  • E. Restrict users using the IAM policy to use the specific bucket

Question 7

Question
A solutions architect is designing a multi-Region disaster recovery solution for an application that will provide public API access. The application will use Amazon EC2 instances with a userdata script to load application code and an Amazon RDS for MySQL database. The Recovery Time Objective (RTO) is 3 hours and the Recovery Point Objective (RPO) is 24 hours. Which architecture would meet these requirements at the LOWEST cost?
Answer
  • A. Use an Application Load Balancer for Region failover. Deploy new EC2 instances with the userdata script. Deploy separate RDS instances in each Region.
  • B. Use Amazon Route 53 for Region failover Deploy new EC2 instances with the userdata script Create a read replica of the RDS instance in a backup Region.
  • C. Use Amazon API Gateway for the public APIs and Region failover Deploy new EC2 instances with the userdata script Create a MySQL read replica of the RDS instance in a backup Region.
  • D. Use Amazon Route 53 for Region failover Deploy new EC2 instances with the userdata scnpt for APIs, and create a snapshot of the RDS instance daily for a backup Replicate the snapshot to a backup Region.

Question 8

Question
A solutions architect is designing a new API using Amazon API Gateway that will receive requests from users The volume of requests is highly variable, several hours can pass without receiving a single request The data processing will take place asynchronously but should be completed within a few seconds after a request is made. Which compute service should the solutions architect have the API invoke to deliver the requirements at the lowest cost?
Answer
  • A. An AWS Glue job
  • B. An AWS Lambda function
  • C. A containerized service hosted in Amazon Elastic Kubernetes Service (Amazon EKS).
  • D. A containerized service hosted in Amazon ECS with Amazon EC2.

Question 9

Question
A development team needs to host a website that will be accessed by other teams. The website contents.consist of HTML. CSS, client side JavaScript, and images. Which method is the MOST cost-effective for hosting the website?
Answer
  • A. Containerize the website and host it in AWS Fargate.
  • B. Create an Amazon S3 bucket and host the website there.
  • C. Deploy a web server on an Amazon EC2 instance to host the website.
  • D. Configure an Application Load Balancer with an AWS Lambda target that uses the Express is framework.

Question 10

Question
A company has media and application files that need to be shared internally. Users currently are authenticated using Active Directory and access files from a Microsoft Windows platform. The chief execute officer wants to keep the same user permissions, but wants the company to improve the process as the company is reaching its storage capacity limit. What should a solutions architect recommend?
Answer
  • A. Set up a corporate Amazon S3 bucket and move and media and application files.
  • B. Configure Amazon FSx for Windows File Server and move all the media and application files.
  • C. Configure Amazon Elastic File System (Amazon EFS) and move all media and application files.
  • D. Set up Amazon EC2 on Windows, attach multiple Amazon Elastic Block Store (Amazon EBS) volumes and, and move all media and application files.

Question 11

Question
A company is moving its legacy workload to the AWS Cloud. The workload files will be shared, appended, and frequently accessed through Amazon EC2 instances when they are first created. The files will be accessed occasionally as they age What should a solutions architect recommend?
Answer
  • A. Store the data using Amazon EC2 instances with attached Amazon Elastic Block Store (Amazon EBS) data volumes
  • B. Store the data using AWS Storage Gateway volume gateway and export rarely accessed data to Amazon S3 storage
  • C. Store the data using Amazon Elastic File System (Amazon EFS) with lifecycle management enabled for rarely accessed data
  • D. Store the data using Amazon S3 with an S3 lifecycle policy enabled to move data to S3 Standard- Infrequent Access (S3 Standard-IA)

Question 12

Question
A company is deploying a multi-instance application within AWS that requires minimal latency between the instances. What should a solutions architect recommend?
Answer
  • A. Use an Auto Scaling group with a cluster placement group.
  • B. Use an Auto Scaling group with single Availability Zone in the same AWS Region.
  • C. Use an Auto Scaling group with multiple Availability Zones in the same AWS Region.
  • D. Use a Network Load Balancer with multiple Amazon EC2 Dedicated Hosts as the targets

Question 13

Question
A company receives structured and semi-structured data from various sources once every day A solutions architect needs to design a solution that leverages big data processing frameworks. The data should be accessible using SQL queries and business intelligence tools. What should the solutions architect recommend to build the MOST high-performing solution?
Answer
  • A. Use AWS Glue to process data and Amazon S3 to store data
  • B. Use Amazon EMR to process data and Amazon Redshift to store data
  • C. Use Amazon EC2 to process data and Amazon Elastic Block Store (Amazon EBS) to store data
  • D. Use Amazon Kinesis Data Analytics to process data and Amazon Elastic File System (Amazon EFS) to store data

Question 14

Question
Company is designing a website that uses an Amazon S3 bucket to store static images. The company wants to future requests have taster response times while reducing both latency and cost. Which service configuration should a solutions architect recommend?
Answer
  • A. Deploy a NAT server in front of Amazon S3.
  • B. Deploy Amazon CloudFront in front of Amazon S3.
  • C. Deploy a Network Load Balancer in front of Amazon S3.
  • D. Configure Auto Scaling to automatically adjust the capacity of the website.

Question 15

Question
What should a solutions architect do to ensure that all objects uploaded to an Amazon S3 bucket are encrypted?
Answer
  • A. Update the bucket policy to deny if the PutObject does not have an s3 x-amz-acl header set.
  • B. Update the bucket policy to deny if the PutObject does not have an s3 x-amz-acl header set to private.
  • C. Update the bucket policy to deny if the PutObject does not have an aws SecureTransport header set to true.
  • D. Update the bucket policy to deny if the PutObject does not have an x-amz-server-side-encryption header set.

Question 16

Question
A company runs a high performance computing (HPC) workload on AWS. The workload required low- latency network performance and high network throughput with tightly coupled node-to-node communication. The Amazon EC2 instances are properly sized for compute and storage capacity, and are launched using default options. What should a solutions architect propose to improve the performance of the workload'?
Answer
  • A. Choose a cluster placement group while launching Amazon EC2 instances.
  • B. Choose dedicated instance tenancy while launching Amazon EC2 instances.
  • C. Choose an Elastic Inference accelerator while launching Amazon EC2 instances.
  • D. Choose the required capacity reservation while launching Amazon EC2 instances.

Question 17

Question
A company's dynamic website is hosted using on-premises servers in the United States. The company is launching its product in Europe and it wants to optimize site loading times for new European users. The site's backend must remain in the United States. The product is being launched in a few days, and an immediate solution is needed What should the solutions architect recommend?
Answer
  • A. Launch an Amazon EC2 instance in us-east-1 and migrate the site to it.
  • B. Move the website to Amazon S3 Use cross-Region replication between Regions.
  • C. Use Amazon CloudFront with a custom origin pointing to the on-premises servers
  • D. Use an Amazon Route 53 geoproximity routing policy pointing to on-premises servers.

Question 18

Question
A company is building a media-sharing application and decides to use Amazon S3 for storage. When a media file is uploaded the company starts a multi-step process to create thumbnails, identify objects in the images, transcode videos into standard formats and resolutions and extract and store the metadata to an Amazon DynamoDB table. The metadata is used for searching and navigation. The amount of traffic is variable The solution must be able to scale to handle spikes in load without unnecessary expenses. What should a solutions architect recommend to support this workload?
Answer
  • A. Build the processing into the website or mobile app used to upload the content to Amazon S3 Save the required data to the DynamoDB table when the objects are uploaded.
  • B. Trigger AWS Step Functions when an object is stored in the S3 bucket Have the Step Functions perform the steps needed to process the object and then write the metadata to the DynamoDB table.
  • C. Trigger an AWS Lambda function when an object is stored in the S3 bucket Have the Lambda function start AWS Batch to perform the steps to process the object Place the object data in the DynamoDB table when complete.
  • D. Trigger an AWS Lambda function to store an initial entry in the DynamoDB table when an object is uploaded to Amazon S3. Use a program running on an Amazon EC2 instance in an Auto Scaling group to poll the index for unprocess use the program to perform the processing.

Question 19

Question
A company has recently updated its internal security standards. The company must now ensure all Amazon S3 buckets and Amazon Elastic Block Store (Amazon EBS) volumes are encrypted with keys created and periodically rotated by internal security specialists. The company is looking for a native, software-based AWS service to accomplish this goal. What should a solutions architect recommend as a solution?
Answer
  • A. Use AWS Secrets Manager with customer master keys (CMKs) to store master key material and apply a routine to create a new CMK periodically and replace it in AWS Secrets Manager.
  • B. Use AWS Key Management Service (AWS KMS) with customer master keys (CMKs) to store master key material and apply a routing to re-create a new key periodically and replace it in AWS KMS.
  • C. Use an AWS CloudHSM cluster with customer master keys (CMKs) to store master key material and apply a routine a re-create a new key periodically and replace it in the CloudHSM cluster nodes.
  • D. Use AWS Systems Manager Parameter Store with customer master keys (CMKs) keys to store master key material and apply a routine to re-create a new periodically and replace it in the Parameter Store.

Question 20

Question
A solution architect must design a solution that uses Amazon CloudFront with an Amazon S3 to store a static website. The company security policy requires that all websites traffic be inspected by AWS WAF. How should the solution architect company with these requirements?
Answer
  • A. Configure an S3 bucket policy to accept requests coming from the AWS WAF Amazon Resource Name (ARN) only.
  • B. Configure Amazon CloudFront to forward all incoming requests to AWS WAF before requesting content from the S3 origin.
  • C. Configure a security group that allows Amazon CloudFront IP addresses to access Amazon S3 only Associate AWS WAF to CloudFront.
  • D. Configure Amazon CloudFront and Amazon S3 to use an origin access identity (OAI) to restrict access to the S3 bucket. Enable AWS WAF on the distribution.

Question 21

Question
A company has copied 1 PB of data from a colocation facility to an Amazon S3 bucket in the us-east-1 Region using an AWS Direct Connect link. The company now wants to copy the data to another S3 bucket in the us-west-2 Region. The colocation facility does not allow the use AWS Snowball. What should a solutions architect recommend to accomplish this?
Answer
  • A. Order a Snowball Edge device to copy the data from one Region to another Region.
  • B. Transfer contents from the source S3 bucket to a target S3 bucket using the S3 console.
  • C. Use the aws S3 sync command to copy data from the source bucket to the destination bucket.
  • D. Add a cross-Region replication configuration to copy objects across S3 buckets in different Region.

Question 22

Question
A company has hired a new cloud engineer who should not have access to an Amazon S3 bucket named Company Confidential. The cloud engineer must be able to read from and write to an S3 bucket called AdminTools. Which IAM policy will meet these requirements?
Answer
  • A. Option A
  • B. Option B
  • C. Option C
  • D. Option D

Question 23

Question
An engineering team is developing and deploying AWS Lambda functions. The team needs to create roles and manage policies in AWS IAM to configure the permissions of the Lambda functions. How should the permissions for the team be configured so they also adhere to the concept of least privilege?
Answer
  • A. Create an IAM role with a managed policy attached Allow the engineering team and the Lambda functions to assume this role.
  • B. Create an IAM group for the engineering team with an lAMFullAccess policy attached Add all the users from the team to this IAM group.
  • C. Create an execution role for the Lambda functions. Attach a managed policy that has permission boundaries specific to these Lambda functions.
  • D. Create an IAM role with a managed policy attached that has permission boundaries specific to the Lambda functions Allow the engineering team to assume this role.

Question 24

Question
A company needs a secure connection between its on-premises environment and AWS. This connection does not need high bandwidth and will handle a small amount of traffic. The connection should be set up quickly. What is the MOST cost-effective method to establish this type of connection?
Answer
  • A. Implement a client VPN
  • B. Implement AWS Direct Connect
  • C. Implement a bastion host on Amazon EC2 53D.
  • D. Implement an AWS Site-to-Site VPN connection.

Question 25

Question
A company is building a payment application that must be highly available even during regional service disruptions A solutions architect must design a data storage solution that can be easily replicated and used in other AWS Regions. The application also requires low-latency atomicity, consistency, isolation, and durability (ACID) transactions that need to be immediately available to generate reports The development team also needs to use SQL. Which data storage solution meets these requirements'?
Answer
  • A. Amazon Aurora Global Database
  • B. Amazon DynamoDB global tables
  • C. Amazon S3 with cross-Region replication and Amazon Athena
  • D. MySQL on Amazon EC2 instances with Amazon Elastic Block Store (Amazon EBS) snapshot replication

Question 26

Question
A solutions architect is using Amazon S3 to design the storage architecture of a new digital media application. The media files must be resilient to the loss of an Availability Zone Some files are accessed frequently while other files are rarely accessed in an unpredictable pattern. The solutions architect must minimize the costs of storing and retrieving the media files. Which storage option meets these requirements?
Answer
  • A. S3 Standard
  • B. S3 Intelligent-Tiering
  • C. S3 Standard-Infrequent Access {S3 Standard-IA)
  • D. S3 One Zone-Infrequent Access (S3 One Zone-IA)

Question 27

Question
A company uses a legacy on-premises analytics application that operates on gigabytes of csv files and represents months of data The legacy application cannot handle the growing size of csv files New csv files are added daily from various data sources to a central on-premises storage location. The company wants to continue to support the legacy application while users learn AWS analytics services to achieve this, a solutions architect wants to maintain two synchronized copies of all the csv files on-premises and in Amazon S3. Which solution should the solutions architect recommend?
Answer
  • A. Deploy AWS DataSync on-premises. Configure DataSync to continuously replicate the csv files between the company's on-premises storage and the company's S3 bucket.
  • B. Deploy an on-premises file gateway Configure data sources to write the csv files to the file gateway Point the legacy analytics application to the file gateway The file gateway should replicate the csv files to Amazon S3.
  • C. Deploy an on-premises volume gateway. Configure data sources to write the csv files to the volume gateway. Point the legacy analytics application to the volume gateway. The volume gateway should replicate data to Amazon S3.
  • D. Deploy AWS DataSync on-premises Configure DataSync to continuously replicate the csv files between on-premises and Amazon Elastic File System (Amazon EFS) Enable replication from Amazon EFS to the company's S3 bucket.

Question 28

Question
An application allows users at a company's headquarters to access product data The product data is stored in an Amazon RDS MySQL DB instance. The operations team has isolated an application performance slowdown and wants to separate read traffic from write traffic. A solutions architect needs to optimize the application's performance quickly. What should the solutions architect recommend?
Answer
  • A. Change the existing database to a Multi-AZ deployment Serve the read requests from the primary Availability Zone.
  • B. Change the existing database to a Multi-AZ deployment Serve the read requests from the secondary Availability Zone.
  • C. Create read replicas for the database Configure the read replicas with half of the compute and storage resources as the source database.
  • D. Create read replicas for the database Configure the read replicas with the same compute and storage resources as the source database.

Question 29

Question
A company wants to optimize the cost of its data storage for data that is accessed quarterly. The company requires high throughput, low latency, and rapid access, when needed Which Amazon S3 storage class should a solutions architect recommend?
Answer
  • A. Amazon S3 Glacier (S3 Glacier)
  • B. Amazon S3 Standard (S3 Standard)
  • C. Amazon S3 Intelligent-Tiering (S3 Intelligent-Tiering)
  • D. Amazon S3 Standard-Infrequent Access (S3 Standard-IA)

Question 30

Question
A company requires that all versions of objects in its Amazon S3 bucket be retained Current object versions will be frequently accessed during the first 30 days, after which they will be rarely accessed and must be retrievable within 5 minutes. Previous object versions need to be kept forever, will be rarely accessed, and can be retrieved within 1 week. All storage solutions must be highly available and highly durable. What should a solutions architect recommend to meet these requirements in the MOST cost- effective manner?
Answer
  • A. Create an S3 lifecycle policy for the bucket that moves current object versions from S3 Standard storage to S3 Glacier after 30 days and moves previous object versions to S3 Glacier after 1 day.
  • B. Create an S3 lifecycle policy for the bucket that moves current object versions from S3 Standard storage to S3 Glacier after 30 days and moves previous object versions to S3 Glacier Deep Archive after 1 day.
  • C. Create an S3 lifecycle policy for the bucket that moves current object versions from S3 Standard storage to S3 Standard-infrequent Access (S3 Standard-IA) after 30 days and moves previous object versions to S3 Glacier Deep Archive after 1 day
  • D. Create an S3 lifecycle policy for the bucket that moves current object versions from S3 Standard storage to S3 One Zone-Infrequent Access (S3 One Zone-IA) after 30 days and moves previous object versions to S3 Glacier Deep Archive after 1 day

Question 31

Question
A company hosts its core network services, including directory services and DNS. in its on-premises data center. The data center is connected to the AWS Cloud using AWS Direct Connect (DX) Additional AWS accounts are planned that will require quick, cost-effective, and consistent access to these network services. What should a solutions architect implement to meet these requirements with the LEAST amount of operational overhead?
Answer
  • A. Create a DX connection in each new account Route the network traffic to the on-premises servers.
  • B. Configure VPC endpoints in the DX VPC for all required services Route the network traffic to the on-premises servers.
  • C. Create a VPN connection between each new account and the DX VPp, Route the network traffic to the on-premises servers.
  • D. Configure AWS Transit Gateway between the accounts Assign DX to the transit gateway and route network traffic to the on-premises servers.

Question 32

Question
A company that hosts its web application on AWS wants to ensure all Amazon EC2 instances. Amazon RDS DB instances and Amazon Redshift clusters are configured with tags. The company wants to minimize the effort of configuring and operating this check. What should a solutions architect do to accomplish this''
Answer
  • A. Use AWS Config rules to define and detect resources that are not property tagged.
  • B. Use Cost Explorer to display resources that are not properly tagged Tag those resources manually.
  • C. Write API calls to check all resources for proper tag allocation. Periodically run the code on an EC2 instance.
  • D. Write API calls to check all resources for proper tag allocation. Schedule an AWS Lambda function through Amazon CloudWatch to periodically run the code.

Question 33

Question
An application running on an Amazon EC2 instance needs to access an Amazon DynamoDB table Both the EC2 instance and the DynamoDB table are in the same AWS account A solutions architect must configure the necessary permissions. Which solution will allow least privilege access to the DynamoDB table from the EC2 instance?
Answer
  • A. Create an IAM role with the appropriate policy to allow access to the DynamoDB table Create an instance profile to assign this IAM role to the EC2 instance.
  • B. Create an IAM role with the appropriate policy to allow access to the DynamoDB table Add the EC2 instance to the trust relationship policy document to allow it to assume the role.
  • C. Create an IAM user with the appropriate policy to allow access to the DynamoDB table Store the credentials in an Amazon S3 bucket and read them from within the application code directly.
  • D. Create an IAM user with the appropriate policy to allow access to the DynamoDB table Ensure that the application stores the IAM credentials securely on local storage and uses them to make the DynamoDB calls.

Question 34

Question
An application uses an Amazon RDS MySQL DB instance. The RDS database is becoming low on disk space. A solutions architect wants to increase the disk space without downtime Which solution meets these requirements with the LEAST amount of effort?
Answer
  • A. Enable storage auto scaling in RDS.
  • B. Increase the RDS database instance size.
  • C. Change the RDS database instance storage type to Provisioned IOPS.
  • D. Back up the RDS database, increase the storage capacity, restore the database and stop the previous instance.

Question 35

Question
A company has an application that runs on Amazon EC2 instances within a private subnet in a VPC The instances access data in an Amazon S3 bucket in the same AWS Region. The VPC contains a NAT gateway in a public subnet to access the S3 bucket. The company wants to reduce costs by replacing the NAT gateway without compromising security or redundancy Which solution meets these requirements?
Answer
  • A. Replace the NAT gateway with a NAT instance.
  • B. Replace the NAT gateway with an internet gateway.
  • C. Replace the NAT gateway with a gateway VPC endpoint.
  • D. Replace the NAT gateway with an AWS Direct Connect connection.

Question 36

Question
A company is designing a message-driven order processing application on AWS. The application consists of many services and needs to communicate the results of its processing to multiple consuming services. Each of the consuming services may take up to 5 days to receive the messages Which process will meet these requirements?
Answer
  • A. The application sends the results of its processing to an Amazon Simple Notification Service (Amazon SNS) topic Each consuming service subscribes to this SNS topic and consumes the results.
  • B. The application sends the results of its processing to an Amazon Simple Notification Service (Amazon SNS) topic Each consuming service consumes the messages directly from its corresponding SNS topic.
  • C. The application sends the results of its processing to an Amazon Simple Queue Service (Amazon SQS) queue Each consuming service runs as an AWS Lambda function that consumes this single SQS queue.
  • D. The application sends the results of its processing to an Amazon Simple Notification Service (Amazon SNS) topic. An Amazon Simple Queue Service (Amazon SQS) queue is created for each service and each queue is configured to be a subscriber of the SNS topic.

Question 37

Question
A company stores call recordings on a monthly basis Statistically, the recorded data may be referenced randomly within a year but accessed rarely after 1 year Files that are newer than 1 year old must be queried and retrieved as quickly as possible. A delay in retrieving older files is acceptable. A solutions architect needs to store the recorded data at a minimal cost Which solution is MOST cost-effective?
Answer
  • A. Store individual files in Amazon S3 Glacier and store search metadata in object tags created in S3 Glacier Query S3 Glacier tags and retrieve the files from S3 Glacier.
  • B. Store individual files in Amazon S3 Use lifecycle policies to move the files to Amazon S3 Glacier after 1 year. Query and retrieve the files from Amazon S3 or S3 Glacier.
  • C. Archive individual files and store search metadata for each archive in Amazon S3 Use lifecycle policies to move the files to Amazon S3 Glacier after 1 year Query and retrieve the files by searching for metadata from Amazon S3.
  • D. Archive individual files in Amazon S3 Use lifecycle policies to move the files to Amazon S3 Glacier after 1 year Store search metadata in Amazon DynamoDB Query the files from DynamoDB and retrieve them from Amazon S3 or S3 Glacier.

Question 38

Question
A company has a highly dynamic batch processing job that uses many Amazon EC2 instances to complete it. The job is stateless in nature, can be started and stopped at any given time with no negative impact, and typically takes upwards of 60 minutes total to complete. The company has asked a solutions architect to design a scalable and cost-effective solution that meets the requirements of the job. What should the solutions architect recommend?
Answer
  • A. Implement EC2 Spot Instances
  • B. Purchase EC2 Reserved Instances
  • C. Implement EC2 On-Demand Instances
  • D. Implement the processing on AWS Lambda

Question 39

Question
An online photo application lets users upload photos and perform image editing operations The application offers two classes of service free and paid Photos submitted by paid users are processed before those submitted by free users Photos are uploaded to Amazon S3 and the job information is sent to Amazon SQS. Which configuration should a solutions architect recommend?
Answer
  • A. Use one SQS FIFO queue Assign a higher priority to the paid photos so they are processed first.
  • B. Use two SQS FIFO queues: one for paid and one for free Set the free queue to use short polling and the paid queue to use long polling.
  • C. Use two SQS standard queues one for paid and one for free Configure Amazon EC2 instances to prioritize polling for the paid queue over the free queue.
  • D. Use one SQS standard queue. Set the visibility timeout of the paid photos to zero Configure Amazon EC2 instances to prioritize visibility settings so paid photos are processed first.

Question 40

Question
A company has an application hosted on Amazon EC2 instances in two VPCs across different AWS Regions To communicate with each other, the instances use the internet for connectivity. The security team wants to ensure that no communication between the instances happens over the internet. What should a solutions architect do to accomplish this ?
Answer
  • A. Create a NAT gateway and update the route table of the EC2 instances' subnet.
  • B. Create a VPC endpoint and update the route table of the EC2 instances' subnet.
  • C. Create a VPN connection and update the route table of the EC2 instances' subnet.
  • D. Create a VPC peering connection and update the route table of the EC2 instances' subnet.

Question 41

Question
A company runs a production application on a fleet of Amazon EC2 instances The application reads the data from an Amazon SQS queue and processes the messages in parallel. The message volume is unpredictable and often has intermittent traffic. This application should continually process messages without any downtime. Which solution meets these requirements MOST cost-effectively?
Answer
  • A. Use Spot Instances exclusively to handle the maximum capacity required.
  • B. Use Reserved Instances exclusively to handle the maximum capacity required.
  • C. Use Reserved Instances for the baseline capacity and use Spot Instances to handle additional capacity.
  • D. Use Reserved instances for the baseline capacity and use On-Demand Instances to handle additional capacity.

Question 42

Question
A company with facilities in North America. Europe, and Asia is designing new distributed application to optimize its global supply chain and manufacturing process. The orders booked on one continent should be visible to all Regions in a second or less. The database should be able to support fail-over with a short Recovery Time Objective (RTO). The uptime of the application is important to ensure that manufacturing is not impacted. What should a solutions architect recommend?
Answer
  • A. Use Amazon DynamoDB global tables
  • B. Use Amazon Aurora Global Database
  • C. Use Amazon RDS for MySQL with a cross-Region read replica
  • D. Use Amazon RDS for PostgreSQL with a cross-Region read replica

Question 43

Question
A company has several Amazon EC2 instances set up in a private subnet for security reasons These instances host applications that read and write large amounts of data to and from Amazon S3 regularly. Currently, subnet routing directs all the traffic destined for the internet through a NAT gateway. The company wants to optimize the overall cost without impacting the ability of the application to communicate with Amazon S3 or the outside internet. What should a solutions architect do to optimize costs?
Answer
  • A. Create an additional NAT gateway Update the route table to route to the NAT gateway Update the network ACL to allow S3 traffic.
  • B. Create an internet gateway Update the route table to route traffic to the internet gateway Update the network ACL to allow S3 traffic.
  • C. Create a VPC endpoint for Amazon S3 Attach an endpoint policy to the endpoint Update the route table to direct traffic to the VPC endpoint.
  • D. Create an AWS Lambda function outside of the VPC to handle S3 requests Attach an IAM policy to the EC2 instances, allowing them to invoke the Lambda function.

Question 44

Question
A company hosts a training site on a fleet of Amazon EC2 instances. The company anticipates that its new course, which consists of dozens of training videos on the site, will be extremely popular when it is released in 1 week. What should a solutions architect do to minimize the anticipated server load?
Answer
  • A. Store the videos in Amazon ElastiCache for Redis Update the web servers to serve the videos using the Elastic ache API.
  • B. Store the videos in Amazon Elastic File System (Amazon EFS) Create a user data script for the web servers to mount the EFS volume.
  • C. Store the videos in an Amazon S3 bucket Create an Amazon CloudFlight distribution with an origin access identity (OAI) of that S3 bucket Restrict Amazon S3 access to the OAI.
  • D. Store the videos in an Amazon S3 bucket. Create an AWS Storage Gateway file gateway to access the S3 bucket Create a user data script for the web servers to mount the file gateway

Question 45

Question
A company is running an online transaction processing (OLTP) workload on AWS. This workload uses an unencrypted Amazon RDS DB instance in a Multi-AZ deployment. Daily database snapshots are taken from this instance. What should a solutions architect do to ensure the database and snapshots are always encrypted moving forward?
Answer
  • A. Encrypt a copy of the latest DB snapshot. Replace existing DB instance by restoring the encrypted snapshot.
  • B. Create a new encrypted Amazon Elastic Block Store (Amazon EBS) volume and copy the snapshots lo it. Enable encryption on the DB instance.
  • C. Copy the snapshots and enable encryption using AWS Key Management Service (AWS KMS). Restore encrypted snapshot to an existing DB instance.
  • D. Copy the snapshots to an Amazon S3 bucket that is encrypted using server-side encryption with AWS Key Management Service (AWS KMS) managed keys (SSE-KMS).

Question 46

Question
A company is hosting its static website in an Amazon S3 bucket, which is the origin for Amazon CioudFront. The company has users in the United States. Canada, and Europe and wants to reduce costs. What should a solutions architect recommend?
Answer
  • A. Adjust the CloudFront caching time to live (TTL) from the default to a longer timeframe.
  • B. Implement CloudFront events with Lambda@Edge to run the website's data processing.
  • C. Modify the CloudFront price class to include only the locations of the countries that are served.
  • D. Implement a CloudFront Secure Sockets Layer (SSL) certificate to push security closer to the locations of the countries that are served.

Question 47

Question
A company has a dynamic web application hosted on two Amazon EC2 instances. The company has its own SSL certificate, which is on each instance to perform SSL termination. There has been an increase in traffic recently, and the operations team determined that SSL encryption and decryption is causing the compute capacity of the web servers to reach their maximum limit. What should a solutions architect do to increase the application's performance?
Answer
  • A. Create a new SSL certificate using AWS Certificate Manager (ACM). Install the ACM certificate on each instance.
  • B. Create an Amazon S3 bucket. Migrate the SSL certificate to the S3 bucket. Configure the EC2 instances to reference the bucket for SSL termination.
  • C. Create another EC2 instance as a proxy server. Migrate the SSL certificate to the new instance and configure it to direct connections to the existing EC2 instances.
  • D. Import the SSL certificate into AWS Certificate Manager (ACM). Create an Application Load Balancer with an HTTPS listener that uses the SSL certificate from ACM.

Question 48

Question
A company runs a static website through its on-premises data center. The company has multiple servers mat handle all of its traffic, but on busy days, services are interrupted and the website becomes unavailable. The company wants to expand its presence globally and plans to triple its website traffic. What should a solutions architect recommend to meet these requirements?
Answer
  • A. Migrate the website content to Amazon S3 and host the website on Amazon CloudFront.
  • B. Migrate the website content to Amazon EC2 instances with public Elastic IP addresses in multiple AWS Regions.
  • C. Migrate the website content to Amazon EC2 instances and vertically scale as the load increases.
  • D. Use Amazon Route 53 to distribute the loads across multiple Amazon CloudFront distributions for each AWS Region that exists globally.

Question 49

Question
A company uses Amazon Redshift for its data warehouse. The company wants to ensure high durability for its data in case of any component failure. What should a solutions architect recommend?
Answer
  • A. Enable concurrency seating.
  • B. Enable cross-Region snapshots.
  • C. Increase the data retention period.
  • D. Deploy Amazon Redshift in Multi-AZ

Question 50

Question
A development team is collaborating with another company to create an integrated product. The other company needs to access an Amazon Simple Queue Service (Amazon SQS) queue that is contained in the development team's account. The other company wants to poll the queue without giving up its own account permissions to do. How should a solutions architect provide access to the SQS queue?
Answer
  • A. Create an instance profile that provides the other company access to the SQS queue.
  • B. Create an IAM policy that provides the other company access to the SQS queue.
  • C. Create an SQS access policy that provides the other company access to the SQS queue.
  • D. Create an Amazon Simple Notification Service (Amazon SNS) access policy that provides the other company access to the SQS queue.

Question 51

Question
As part of budget planning, management wants a report of AWS billed items listed by user. The data will be used to create department budgets. A solutions architect needs to determine the most efficient way to obtain this report information. Which solution meets these requirements?
Answer
  • A. Run a query with Amazon Athena to generate the report.
  • B. Create a report in Cost Explorer and download the report.
  • C. Access the bill details from the billing dashboard and download the bill.
  • D. Modify a cost budget in AWS Budgets to alert with Amazon Simple Email Service (Amazon SES).

Question 52

Question
A company has a hybrid application hosted on multiple on-premises servers with static IP addresses. There is already a VPN that provides connectivity between the VPC and the on-premises network. The company wants to distribute TCP traffic across the on-premises servers for internet users. What should a solutions architect recommend to provide a highly available and scalable solution?
Answer
  • A. Launch an internet-facing Network Load Balancer (NLB) and register on-premises IP addresses with the NLB.
  • B. Launch an internet-facing Application Load Balancer (ALB) and register on-premises IP addresses with the ALB.
  • C. Launch an Amazon EC2 instance, attach an Elastic IP address, and distribute traffic to the on- premises servers.
  • D. Launch an Amazon EC2 instance with public IP addresses in an Auto Scaling group and distribute traffic to the on-premises servers.

Question 53

Question
A company is reviewing a recent migration of a three-tier application to a VPC. The security team discovers thai the principle of least privilege is not being applied to Amazon EC2 security group ingress and egress rules between the application tiers. What should a solutions architect do to correct this issue?
Answer
  • A. Create security group rules using the instance ID as the source or destination.
  • B. Create security group rules using the security group ID as the source or destination.
  • C. Create security group rules using the VPC CIDR blocks as the source or destination.
  • D. Create security group rules using the subnet CIDR blocks as the source or destination.

Question 54

Question
A company runs a web service on Amazon EC2 instances behind an Application Load Balancer The instances run in an Amazon EC2 Auto Scaling group across two Availability Zones The company needs a minimum of four instances at all limes to meet the required service level agreement (SLA) while keeping costs low. If an Availability Zone fails, how can the company remain compliant with the SLA?
Answer
  • A. Add a target tracking scaling policy with a short cooldown period.
  • B. Change the Auto Scaling group launch configuration to use a larger instance type.
  • C. Change the Auto Scaling group to use six servers across three Availability Zones.
  • D. Change the Auto Scaling group to use eight servers across two Availability Zones.

Question 55

Question
A company has applications hosted on Amazon EC2 instances with IPv6 addresses. The applications must initiate communications with other external applications using the internet. However, the company's security policy states that any external service cannot initiate a connection to the EC2 instances. What should a solutions architect recommend to resolve this issue?
Answer
  • A. Create a NAT gateway and make it the destination of the subnet's route table
  • B. Create an internet gateway and make it the destination of the subnet's route table
  • C. Create a virtual private gateway and make it the destination of the subnet's route table
  • D. Create an egress-only internet gateway and make it the destination of the subnet's route table

Question 56

Question
A company wants to build a scalable key management infrastructure to support developers who need to encrypt data in their applications. What should a solutions architect do to reduce the operational burden?
Answer
  • A. Use multi-factor authentication (MFA) to protect the encryption keys
  • B. Use AWS Key Management Service (AWS KMS) to protect the encryption keys
  • C. Use AWS Certificate Manager (ACM) to create, store and assign the encryption keys
  • D. Use an 1AM policy to limit the scope of users who have access permissions to protect the encryption keys

Question 57

Question
A company is using Site-to-Site VPN connections for secure connectivity to its AWS Cloud resources from on premises. Due to an increase in traffic across the VPN connections to the Amazon EC2 instances, users are experiencing slower VPN connectivity Which solution will improve the VPN throughput?
Answer
  • A. Implement multiple customer gateways for the same network to scale the throughput.
  • B. Use a transit gateway with equal cost multipath routing and add additional VPN tunnels.
  • C. Configure a virtual private gateway with equal cost multipath routing and multiple channels.
  • D. Increase the number of tunnels in the VPN configuration to scale the throughput beyond the default limit.

Question 58

Question
An application running on an Amazon EC2 instance needs to securely access tiles on an Amazon Elastic File System (Amazon I tile system. The EFS tiles are stored using encryption at rest. Which solution for accessing the tiles is MOST secure?
Answer
  • A. Enable TLS when mounting Amazon EFS
  • B. Store the encryption key in the code of the application
  • C. Enable AWS Key Management Service (AWS KMS) when mounting Amazon EFS.
  • D. Store the encryption key in an Amazon S3 bucket and use 1AM roles to grant the EC2 instance access permission.

Question 59

Question
A company is planning to migrate a legacy application to AWS. The application currently uses NFS to communicate to an on-premises storage solution to store application data. The application cannot be modified to use any other communication protocols other than NFS for this purpose. Which storage solution should a solutions architect recommend for use after the migration?
Answer
  • A. AWS DataSync
  • B. Amazon Elastic Block Store (Amazon EBS)
  • C. Amazon Elastic File System (Amazon EFS)
  • D. Amazon EMR File System (Amazon EMRFS)

Question 60

Question
A company has a custom application with embedded credentials that retrieves information from an Amazon RDS MySQL DB instance. Management says the application must be made more secure with the least amount of programming effort. What should a solutions architect do to meet these requirements?
Answer
  • A. Use AWS Key Management Service (AWS KMS) customer master keys (CMKs) to create keys. Configure the application to load the database credentials from AWS KMS Enable automatic key rotation.
  • B. Create credentials on the RDS for MySQL database for the application user and store the credentials in AWS Secrets Manager. Configure the application to load the database credentials from Secrets Manager. Create an AWS Lambda function that rotates the credentials in Secret Manager.
  • C. Create credentials on the RDS for MySQL database for the application user and store the credentials in AWS Secrets Manager. Configure the application to load the database credentials from Secrets Manager. Set up a credentials rotation schedule for the application user in the RDS for MySQL database using Secrets Manager.
  • D. Create credentials on the RDS for MySQL database for the application user and store the credentials in AWS Systems Manager Parameter Store. Configure the application to load the database credentials from Parameter Store. Set up a credentials rotation schedule for the application user in the RDS for MySQL database using Parameter Store.

Question 61

Question
A company is migrating a Linux-based web server group to AWS The web servers must access files in a shared file store for some content To meet the migration date, minimal changes can be made. What should a solutions architect do to meet these requirements?
Answer
  • A. Create an Amazon S3 Standard bucket with access to the web server.
  • B. Configure an Amazon CloudFront distribution with an Amazon S3 bucket as the origin
  • C. Create an Amazon Elastic File System (Amazon EFS) volume and mount it on all web servers
  • D. Configure Amazon Elastic Block Store (Amazon EBS) Provisioned IOPS SSD (io1) volumes and mount them on all web servers.

Question 62

Question
A company has an API-based inventory reporting application running on Amazon EC2 instances The application stores information in an Amazon DynamoDB table The company's distribution centers have an on-premises shipping application that calls an API to update the inventory before printing shipping labels. The company has been experiencing application interruptions several times each day, resulting in lost transactions. What should a solutions architect recommend to improve application resiliency?
Answer
  • A. Modify the shipping application to write to a local database
  • B. Modify the application APIs to run serverless using AWS Lambda
  • C. Configure Amazon API Gateway to call the EC2 inventory application APIs.
  • D. Modify the application to send inventory updates using Amazon Simple Queue Service (Amazon SQS)

Question 63

Question
A solutions architect needs to ensure that all Amazon Elastic Block Store (Amazon EBS) volumes restored from unencrypted EBS snapshots are encrypted What should the solutions architect do to accomplish this?
Answer
  • A. Enable EBS encryption by default for the AWS Region
  • B. Enable EBS encryption by default for the specific volumes
  • C. Create a new volume and specify the symmetric customer master key (CMK) to use for encryption
  • D. Create a new volume and specify the asymmetric customer master key (CMK) to use for encryption.

Question 64

Question
A company wants to host its web application on AWS using multiple Amazon EC2 instances across different AWS Regions Since the application content will be specific to each geographic region, the client requests need to be routed to the server that hosts the content for that clients Region. What should a solutions architect do to accomplish this?
Answer
  • A. Configure Amazon Route 53 with a latency routing policy.
  • B. Configure Amazon Route 53 with a weighted routing policy.
  • C. Configure Amazon Route 53 with a geolocation routing policy
  • D. Configure Amazon Route 53 with a multivalue answer routing policy

Question 65

Question
A company is preparing to migrate its on-premises application to AWS The application consists of application servers and a Microsoft SQL Server database The database cannot be migrated to a different engine because SQL Server features are used in the application's NET code. The company wants to attain the greatest availability possible while minimizing operational and management overhead. What should a solutions architect do to accomplish this?
Answer
  • A. Install SQL Server on Amazon EC2 in a Multi-AZ deployment
  • B. Migrate the data to Amazon RDS for SQL Server in a Multi-AZ deployment.
  • C. Deploy the database on Amazon RDS for SQL Server with Multi-AZ Replicas.
  • D. Migrate the data to Amazon RDS for SQL Server in a cross Region Multi-AZ deployment
Show full summary Hide full summary

Want to create your own Quizzes for free with GoConqr? Learn more.

Similar

NOÇÕES DE INFORMÁTICA
Viviana Veloso
Informática conhecimentos básicos
thiago.tc3
História da informática
Renato Costa
Informática Para Concursos - Conceitos Iniciais (Part. 1)
ae.antunes
Apresentação-O que é Lógica e como ela está interligada com a programação?
Ketlen Dos Anjos
Noções de Informática
Carlos Jr Uchôa
Informática Básica
Neylor Farias Ma
Informática de A a Z
fabianomotta
Informática - questões gerais
António Mordido
Introdução ao Microsoft Word
Roberto Becker
Informatica para Concursos - Hardware básico
Rômulo Santos
Browse Library