Amazon AWS Certified Solutions Architect - Associate SAA-C02
Prev

There are 450 results

Next
#391 (Accuracy: 100% / 5 votes)
A company needs to store data in Amazon S3. A compliance requirement states that when any changes are made to objects the previous state of the object with any changes must be preserved. Additionally, files older than 5 years should not be accessed but need to be archived for auditing.
What should a solutions architect recommend that is MOST cost-effective?
  • A. Enable object-level versioning and S3 Object Lock in governance mode
  • B. Enable object-level versioning and S3 Object Lock in compliance mode
  • C. Enable object-level versioning. Enable a lifecycle policy to move data older than 5 years to S3 Glacier Deep Archive
  • D. Enable object-level versioning. Enable a lifecycle policy to move data older than 5 years to S3 Standard-Infrequent Access (S3 Standard-IA)
#392 (Accuracy: 100% / 3 votes)
A company hosts a training site on a fleet of Amazon EC2 instances. The company anticipates that its new course, which consists of dozens of training videos on the site, will be extremely popular when it is released in 1 week.
What should a solutions architect do to minimize the anticipated server load?
  • A. Store the videos in Amazon ElastiCache for Redis. Update the web servers to serve the videos using the ElastiCache API.
  • B. Store the videos in Amazon Elastic File System (Amazon EFS). Create a user data script for the web servers to mount the EFS volume.
  • C. Store the videos in an Amazon S3 bucket. Create an Amazon CloudFront distribution with an origin access identity (OAI) of that S3 bucket. Restrict Amazon S3 access to the OAI.
  • D. Store the videos in an Amazon S3 bucket. Create an AWS Storage Gateway file gateway to access the S3 bucket. Create a user data script for the web servers to mount the file gateway.
#393 (Accuracy: 100% / 7 votes)
A company has two VPCs named Management and Production. The Management VPC uses VPNs through a customer gateway to connect to a single device in the data center. The Production VPC uses a virtual private gateway with two attached AWS Direct Connect connections. The Management and Production VPCs both use a single VPC peering connection to allow communication between the applications.
What should a solutions architect do to mitigate any single point of failure in this architecture?
  • A. Add a set of VPNs between the Management and Production VPCs.
  • B. Add a second virtual private gateway and attach it to the Management VPC.
  • C. Add a second set of VPNs to the Management VPC from a second customer gateway device.
  • D. Add a second VPC peering connection between the Management VPC and the Production VPC.
#394 (Accuracy: 100% / 4 votes)
A solutions architect needs to design a system to store client case files. The files are core company assets and are important. The number of files will grow over time.
The files must be simultaneously accessible from multiple application servers that run on Amazon EC2 instances. The solution must have built-in redundancy.
Which solution meets these requirements?
  • A. Amazon Elastic File System (Amazon EFS)
  • B. Amazon Elastic Block Store (Amazon EBS)
  • C. Amazon S3 Glacier Deep Archive
  • D. AWS Backup
#395 (Accuracy: 100% / 6 votes)
A company hosts its web application on AWS using seven Amazon EC2 instances. The company requires that the IP addresses of all healthy EC2 instances be returned in response to DNS queries.
Which policy should be used to meet this requirement?
  • A. Simple routing policy
  • B. Latency routing policy
  • C. Multi-value routing policy
  • D. Geolocation routing policy
#396 (Accuracy: 100% / 3 votes)
What should a solutions architect do to ensure that all objects uploaded to an Amazon S3 bucket are encrypted?
  • A. Update the bucket policy to deny if the PutObject does not have an s3:x-amz-acl header set.
  • B. Update the bucket policy to deny if the PutObject does not have an s3:x-amz-acl header set to private.
  • C. Update the bucket policy to deny if the PutObject does not have an aws:SecureTransport header set to true.
  • D. Update the bucket policy to deny if the PutObject does not have an x-amz-server-side-encryption header set.
#397 (Accuracy: 100% / 3 votes)
A company runs a web application that is backed by Amazon RDS. A new database administrator caused data loss by accidentally editing information in a database table. To help recover from this type of incident, the company wants the ability to restore the database to its state from 5 minutes before any change within the last 30 days.
Which feature should the solutions architect include in the design to meet this requirement?
  • A. Read replicas
  • B. Manual snapshots
  • C. Automated backups
  • D. Multi-AZ deployments
#398 (Accuracy: 100% / 2 votes)
A company has a dynamic web application hosted on two Amazon EC2 instances. The company has its own SSL certificate, which is on each instance to perform
SSL termination.
There has been an increase in traffic recently, and the operations team determined that SSL encryption and decryption is causing the compute capacity of the web servers to reach their maximum limit.
What should a solutions architect do to increase the application's performance?
  • A. Create a new SSL certificate using AWS Certificate Manager (ACM). Install the ACM certificate on each instance.
  • B. Create an Amazon S3 bucket. Migrate the SSL certificate to the S3 bucket. Configure the EC2 instances to reference the bucket for SSL termination.
  • C. Create another EC2 instance as a proxy server. Migrate the SSL certificate to the new instance and configure it to direct connections to the existing EC2 instances.
  • D. Import the SSL certificate into AWS Certificate Manager (ACM). Create an Application Load Balancer with an HTTPS listener that uses the SSL certificate from ACM.
#399 (Accuracy: 100% / 3 votes)
A company has a service that produces event data. The company wants to use AWS to process the event data as it is received. The data is written in a specific order that must be maintained throughout processing. The company wants to implement a solution that minimizes operational overhead.
How should a solutions architect accomplish this?
  • A. Create an Amazon Simple Queue Service (Amazon SQS) FIFO queue to hold messages. Set up an AWS Lambda function to process messages from the queue.
  • B. Create an Amazon Simple Notification Service (Amazon SNS) topic to deliver notifications containing payloads to process. Configure an AWS Lambda function as a subscriber.
  • C. Create an Amazon Simple Queue Service (Amazon SQS) standard queue to hold messages. Set up an AWS Lambda function to process messages from the queue independently.
  • D. Create an Amazon Simple Notification Service (Amazon SNS) topic to deliver notifications containing payloads to process. Configure an Amazon Simple Queue Service (Amazon SQS) queue as a subscriber.
#400 (Accuracy: 100% / 2 votes)
A company is planning to migrate a legacy application to AWS. The application currently uses NFS to communicate to an on-premises storage solution to store application data. The application cannot be modified to use any other communication protocols other than NFS for this purpose.
Which storage solution should a solutions architect recommend for use after the migration?
  • A. AWS DataSync
  • B. Amazon Elastic Block Store (Amazon EBS)
  • C. Amazon Elastic File System (Amazon EFS)
  • D. Amazon EMR File System (Amazon EMRFS)