Amazon AWS Certified Solutions Architect - Associate SAA-C02
Prev

There are 450 results

Next
#31 (Accuracy: 100% / 2 votes)
A company is running an ecommerce application on Amazon EC2. The application consists of a stateless web tier that requires a minimum of 10 instances, and a peak of 250 instances to support the application's usage. The application requires 50 instances 80% of the time.
Which solution should be used to minimize costs?
  • A. Purchase Reserved Instances to cover 250 instances.
  • B. Purchase Reserved Instances to cover 80 instances. Use Spot Instances to cover the remaining instances.
  • C. Purchase On-Demand Instances to cover 40 instances. Use Spot Instances to cover the remaining instances.
  • D. Purchase Reserved Instances to cover 50 instances. Use On-Demand and Spot Instances to cover the remaining instances.
#32 (Accuracy: 100% / 6 votes)
A solutions architect is tasked with transferring 750 TB of data from an on-premises network-attached file system located at a branch office Amazon S3 Glacier.
The migration must not saturate the on-premises 1 Mbps internet connection.
Which solution will meet these requirements?
  • A. Create an AWS site-to-site VPN tunnel to an Amazon S3 bucket and transfer the files directly. Transfer the files directly by using the AWS CLI.
  • B. Order 10 AWS Snowball Edge Storage Optimized devices, and select an S3 Glacier vault as the destination.
  • C. Mount the network-attached file system to an S3 bucket, and copy the files directly. Create a lifecycle policy to transition the S3 objects to Amazon S3 Glacier.
  • D. Order 10 AWS Snowball Edge Storage Optimized devices, and select an Amazon S3 bucket as the destination. Create a lifecycle policy to transition the S3 objects to Amazon S3 Glacier.
#33 (Accuracy: 100% / 1 votes)
A company has a two-tier application architecture that runs in public and private subnets. Amazon EC2 instances running the web application are in the public subnet and a database runs on the private subnet. The web application instances and the database are running in a single Availability Zone (AZ).
Which combination of steps should a solutions architect take to provide high availability for this architecture? (Choose two.)
  • A. Create new public and private subnets in the same AZ for high availability.
  • B. Create an Amazon EC2 Auto Scaling group and Application Load Balancer spanning multiple AZs.
  • C. Add the existing web application instances to an Auto Scaling group behind an Application Load Balancer.
  • D. Create new public and private subnets in a new AZ. Create a database using Amazon EC2 in one AZ.
  • E. Create new public and private subnets in the same VPC, each in a new AZ. Migrate the database to an Amazon RDS multi-AZ deployment.
#34 (Accuracy: 100% / 2 votes)
An application hosted on AWS is experiencing performance problems, and the application vendor wants to perform an analysis of the log file to troubleshoot further. The log file is stored on Amazon S3 and is 10 GB in size. The application owner will make the log file available to the vendor for a limited time.
What is the MOST secure way to do this?
  • A. Enable public read on the S3 object and provide the link to the vendor.
  • B. Upload the file to Amazon WorkDocs and share the public link with the vendor.
  • C. Generate a presigned URL and have the vendor download the log file before it expires.
  • D. Create an IAM user for the vendor to provide access to the S3 bucket and the application. Enforce multi-factor authentication.
#35 (Accuracy: 100% / 3 votes)
A solutions architect is designing a two-tier web application. The application consists of a public-facing web tier hosted on Amazon EC2 in public subnets. The database tier consists of Microsoft SQL Server running on Amazon EC2 in a private subnet. Security is a high priority for the company.
How should security groups be configured in this situation? (Choose two.)
  • A. Configure the security group for the web tier to allow inbound traffic on port 443 from 0.0.0.0/0.
  • B. Configure the security group for the web tier to allow outbound traffic on port 443 from 0.0.0.0/0.
  • C. Configure the security group for the database tier to allow inbound traffic on port 1433 from the security group for the web tier.
  • D. Configure the security group for the database tier to allow outbound traffic on ports 443 and 1433 to the security group for the web tier.
  • E. Configure the security group for the database tier to allow inbound traffic on ports 443 and 1433 from the security group for the web tier.
#36 (Accuracy: 100% / 7 votes)
A company allows its developers to attach existing IAM policies to existing IAM roles to enable faster experimentation and agility. However, the security operations team is concerned that the developers could attach the existing administrator policy, which would allow the developers to circumvent any other security policies.
How should a solutions architect address this issue?
  • A. Create an Amazon SNS topic to send an alert every time a developer creates a new policy.
  • B. Use service control policies to disable IAM activity across all accounts in the organizational unit.
  • C. Prevent the developers from attaching any policies and assign all IAM duties to the security operations team.
  • D. Set an IAM permissions boundary on the developer IAM role that explicitly denies attaching the administrator policy.
#37 (Accuracy: 100% / 3 votes)
A media streaming company collects real-time data and stores it in a disk-optimized database system. The company is not getting the expected throughput and wants an in-memory database storage solution that performs faster and provides high availability using data replication.
Which database should a solutions architect recommend?
  • A. Amazon RDS for MySQL
  • B. Amazon RDS for PostgreSQL.
  • C. Amazon ElastiCache for Redis
  • D. Amazon ElastiCache for Memcached
#38 (Accuracy: 100% / 2 votes)
A company hosts its product information webpages on AWS. The existing solution uses multiple Amazon C2 instances behind an Application Load Balancer in an
Auto Scaling group. The website also uses a custom DNS name and communicates with HTTPS only using a dedicated SSL certificate. The company is planning a new product launch and wants to be sure that users from around the world have the best possible experience on the new website.
What should a solutions architect do to meet these requirements?
  • A. Redesign the application to use Amazon CloudFront.
  • B. Redesign the application to use AWS Elastic Beanstalk.
  • C. Redesign the application to use a Network Load Balancer.
  • D. Redesign the application to use Amazon S3 static website hosting.
#39 (Accuracy: 100% / 4 votes)
A solutions architect is designing the cloud architecture for a new application being deployed on AWS. The process should run in parallel while adding and removing application nodes as needed based on the number of jobs to be processed. The processor application is stateless. The solutions architect must ensure that the application is loosely coupled and the job items are durably stored.
Which design should the solutions architect use?
  • A. Create an Amazon SNS topic to send the jobs that need to be processed. Create an Amazon Machine Image (AMI) that consists of the processor application. Create a launch configuration that uses the AMI. Create an Auto Scaling group using the launch configuration. Set the scaling policy for the Auto Scaling group to add and remove nodes based on CPU usage.
  • B. Create an Amazon SQS queue to hold the jobs that need to be processed. Create an Amazon Machine Image (AMI) that consists of the processor application. Create a launch configuration that uses the AMI. Create an Auto Scaling group using the launch configuration. Set the scaling policy for the Auto Scaling group to add and remove nodes based on network usage.
  • C. Create an Amazon SQS queue to hold the jobs that need to be processed. Create an Amazon Machine Image (AMI) that consists of the processor application. Create a launch template that uses the AMI. Create an Auto Scaling group using the launch template. Set the scaling policy for the Auto Scaling group to add and remove nodes based on the number of items in the SQS queue.
  • D. Create an Amazon SNS topic to send the jobs that need to be processed. Create an Amazon Machine Image (AMI) that consists of the processor application. Create a launch template that uses the AMI. Create an Auto Scaling group using the launch template. Set the scaling policy for the Auto Scaling group to add and remove nodes based on the number of messages published to the SNS topic.
#40 (Accuracy: 100% / 9 votes)
A marketing company is storing CSV files in an Amazon S3 bucket for statistical analysis. An application on an Amazon EC2 instance needs permission to efficiently process the CSV data stored in the S3 bucket.
Which action will MOST securely grant the EC2 instance access to the S3 bucket?
  • A. Attach a resource-based policy to the S3 bucket.
  • B. Create an IAM user for the application with specific permissions to the S3 bucket.
  • C. Associate an IAM role with least privilege permissions to the EC2 instance profile.
  • D. Store AWS credentials directly on the EC2 instance for applications on the instance to use for API calls.