Amazon AWS Certified Solutions Architect - Associate SAA-C02
Prev

There are 450 results

Next
#281 (Accuracy: 100% / 2 votes)
A company has applications hosted on Amazon EC2 instances with IPv6 addresses. The applications must initiate communications with other external applications using the internet. However, the company's security policy states that any external service cannot initiate a connection to the EC2 instances. What should a solutions architect recommend to resolve this issue?
  • A. Create a NAT gateway and make it the destination of the subnet's route table.
  • B. Create an internet gateway and make it the destination of the subnet's route table.
  • C. Create a virtual private gateway and make it the destination of the subnet's route table.
  • D. Create an egress-only internet gateway and make it the destination of the subnet's route table.
#282 (Accuracy: 100% / 3 votes)
A company has developed a new video game as a web application. The application is in a three-tier architecture in a VPC with Amazon RDS for MySQL. In the database layer several players will compete concurrently online. The game's developers want to display a top-10 scoreboard in near-real time and offer the ability to stop and restore the game while preserving the current scores.
What should a solutions architect do to meet these requirements?
  • A. Set up an Amazon ElastiCache for Memcached cluster to cache the scores for the web application to display.
  • B. Set up an Amazon ElastiCache for Redis cluster to compute and cache the scores for the web application to display.
  • C. Place an Amazon CloudFront distribution in front of the web application to cache the scoreboard in a section of the application.
  • D. Create a read replica on Amazon RDS for MySQL to run queries to compute the scoreboard and serve the read traffic to the web application.
#283 (Accuracy: 96% / 12 votes)
A law firm needs to share information with the public. The information includes hundreds of files that must be publicly readable. Modifications or deletions of the files by anyone before a designated future date are prohibited.
Which solution will meet these requirements in the MOST secure way?
  • A. Upload all flies to an Amazon S3 bucket that is configured for static website hosting. Grant read-only IAM permissions to any AWS principals that access the S3 bucket until the designated date.
  • B. Create a new Amazon S3 bucket with S3 Versioning enabled. Use S3 Object Lock with a retention period in accordance with the designated date. Configure the S3 bucket for static website hosting. Set an S3 bucket policy to allow read-only access to the objects.
  • C. Create a new Amazon S3 bucket with S3 Versioning enabled. Configure an event trigger to run an AWS Lambda function in case of object modification or deletion. Configure the Lambda function to replace the objects with the original versions from a private S3 bucket.
  • D. Upload all files to an Amazon S3 bucket that is configured for static website hosting. Select the folder that contains the files. Use S3 Object Lock with a retention period in accordance with the designated date. Grant read-only IAM permissions to any AWS principals that access the S3 bucket.
#284 (Accuracy: 100% / 4 votes)
The financial application at a company stores monthly reports in an Amazon S3 bucket. The vice president of finance has mandated that all access to these reports be logged and that any modifications to the log files be detected.
Which actions can a solutions architect take to meet these requirements?
  • A. Use S3 server access logging on the bucket that houses the reports with the read and write data events and log file validation options enabled.
  • B. Use S3 server access logging on the bucket that houses the reports with the read and write management events and log file validation options enabled.
  • C. Use AWS CloudTrail to create a new trail. Configure the trail to log read and write data events on the S3 bucket that houses the reports. Log these events to a new bucket, and enable log file validation.
  • D. Use AWS CloudTrail to create a new trail. Configure the trail to log read and write management events on the S3 bucket that houses the reports. Log these events to a new bucket, and enable log file validation.
#285 (Accuracy: 100% / 5 votes)
A company's facility has badge readers at every entrance throughout the building. When badges are scanned, the readers send a message over HTTPS to indicate who attempted to access that particular entrance.
A solutions architect must design a system to process these messages from the sensors. The solution must be highly available, and the results must be made available for the company's security team to analyze.
Which system architecture should the solutions architect recommend?
  • A. Launch an Amazon EC2 instance to serve as the HTTPS endpoint and to process the messages. Configure the EC2 instance to save the results to an Amazon S3 bucket.
  • B. Create an HTTPS endpoint in Amazon API Gateway. Configure the API Gateway endpoint to invoke an AWS Lambda function to process the messages and save the results to an Amazon DynamoDB table.
  • C. Use Amazon Route 53 to direct incoming sensor messages to an AWS Lambda function. Configure the Lambda function to process the messages and save the results to an Amazon DynamoDB table.
  • D. Create a gateway VPC endpoint for Amazon S3. Configure a Site-to-Site VPN connection from the facility network to the VPC so that sensor data can be written directly to an S3 bucket by way of the VPC endpoint.
#286 (Accuracy: 100% / 7 votes)
A solutions architect needs to design the architecture for an application that a vendor provides as a Docker container image. The container needs 50 GB of storage available for temporary files. The infrastructure must be serverless.
Which solution meets these requirements with the LEAST operational overhead?
  • A. Create an AWS Lambda function that uses the Docker container image with an Amazon S3 mounted volume that has more than 50 GB of space.
  • B. Create an AWS Lambda function that uses the Docker container image with an Amazon Elastic Block Store (Amazon EBS) volume that has more than 50 GB of space.
  • C. Create an Amazon Elastic Container Service (Amazon ECS) cluster that uses the AWS Fargate launch type. Create a task definition for the container image with an Amazon Elastic File System (Amazon EFS) volume. Create a service with that task definition.
  • D. Create an Amazon Elastic Container Service (Amazon ECS) cluster that uses the Amazon EC2 launch type with an Amazon Elastic Block Store (Amazon EBS) volume that has more than 50 GB of space. Create a task definition for the container image. Create a service with that task definition.
#287 (Accuracy: 100% / 1 votes)
A solutions architect is designing the cloud architecture for a new application that is being deployed on AWS. The application's users will interactively download and upload files. Files that are more than 90 days old will be accessed less frequently than newer files, but all files need to be instantly available. The solutions architect must ensure that the application can scale to store petabytes of data with maximum durability.
Which solution meets these requirements?
  • A. Store the files in Amazon S3 Standard. Create an S3 Lifecycle policy that moves objects that are more than 90 days old to S3 Glacier.
  • B. Store the files in Amazon S3 Standard. Create an S3 Lifecycle policy that moves objects that are more than 90 days old to S3 Standard-Infrequent Access (S3 Standard-IA).
  • C. Store the files in Amazon Elastic Block Store (Amazon EBS) volumes. Schedule snapshots of the volumes. Use the snapshots to archive data that is more than 90 days old.
  • D. Store the files in RAID-striped Amazon Elastic Block Store (Amazon EBS) volumes. Schedule snapshots of the volumes. Use the snapshots to archive data that is more than 90 days old.
#288 (Accuracy: 100% / 1 votes)
A company is deploying an application that processes large quantities of data in parallel. The company plans to use Amazon EC2 instances for the workload. The network architecture must be configurable to prevent groups of nodes from sharing the same underlying hardware.
Which networking solution meets these requirements?
  • A. Run the EC2 instances in a spread placement group.
  • B. Group the EC2 instances in separate accounts.
  • C. Configure the EC2 instances with dedicated tenancy.
  • D. Configure the EC2 instances with shared tenancy.
#289 (Accuracy: 100% / 5 votes)
A solutions architect is helping a company design storage for a high performance computing (HPC) environment that is based on Amazon Linux. The workload stores and processes a large number of engineering drawings that require shared storage. The company needs a solution that can support hundreds of Amazon
EC2 instances. The solution also must provide sub-millisecond latencies.
Which solution meets these requirements?
  • A. Amazon EC2 instance store
  • B. Amazon Elastic Block Store (Amazon EBS) Provisioned IOPS SSD (io2)
  • C. Amazon Elastic File System (Amazon EFS)
  • D. Amazon FSx for Lustre
#290 (Accuracy: 100% / 2 votes)
A company runs a critical, customer-facing application on Amazon Elastic Kubernetes Service (Amazon EKS). The application has a microservices architecture.
The company needs to implement a solution that collects, aggregates, and summarizes metrics and logs from the application in a centralized location.
Which solution meets these requirements?
  • A. Run the Amazon CloudWatch agent in the existing EKS cluster. View the metrics and logs in the CloudWatch console.
  • B. Run AWS App Mesh in the existing EKS cluster. View the metrics and logs in the App Mesh console.
  • C. Configure AWS CloudTrail to capture data events. Query CloudTrail by using Amazon OpenSearch Service (Amazon Elasticsearch Service).
  • D. Configure Amazon CloudWatch Container Insights in the existing EKS cluster. View the metrics and logs in the CloudWatch console.