Amazon AWS Certified Solutions Architect - Associate SAA-C02
Prev

There are 450 results

Next
#51 (Accuracy: 100% / 2 votes)
A healthcare company stores highly sensitive patient records. Compliance requires that multiple copies be stored in different locations. Each record must be stored for 7 years. The company has a service level agreement (SLA) to provide records to government agencies immediately for the first 30 days and then within 4 hours of a request thereafter.
What should a solutions architect recommend?
  • A. Use Amazon S3 with cross-Region replication enabled. After 30 days, transition the data to Amazon S3 Glacier using lifecycle policy.
  • B. Use Amazon S3 with cross-origin resource sharing (CORS) enabled. After 30 days, transition the data to Amazon S3 Glacier using a lifecycle policy.
  • C. Use Amazon S3 with cross-Region replication enabled. After 30 days, transition the data to Amazon S3 Glacier Deep Achieve using a lifecycle policy.
  • D. Use Amazon S3 with cross-origin resource sharing (CORS) enabled. After 30 days, transition the data to Amazon S3 Glacier Deep Archive using a lifecycle policy.
#52 (Accuracy: 100% / 2 votes)
A company recently deployed a new auditing system to centralize information about operating system versions, patching, and installed software for Amazon EC2 instances. A solutions architect must ensure all instances provisioned through EC2 Auto Scaling groups successfully send reports to the auditing system as soon as they are launched and terminated.
Which solution achieves these goals MOST efficiently?
  • A. Use a scheduled AWS Lambda function and run a script remotely on all EC2 instances to send data to the audit system.
  • B. Use EC2 Auto Scaling lifecycle hooks to run a custom script to send data to the audit system when instances are launched and terminated.
  • C. Use an EC2 Auto Scaling launch configuration to run a custom script through user data to send data to the audit system when instances are launched and terminated.
  • D. Run a custom script on the instance operating system to send data to the audit system. Configure the script to be executed by the EC2 Auto Scaling group when the instance starts and is terminated.
#53 (Accuracy: 100% / 3 votes)
A company recently implemented hybrid cloud connectivity using AWS Direct Connect and is migrating data to Amazon S3. The company is looking for a fully managed solution that will automate and accelerate the replication of data between the on-premises storage systems and AWS storage services.
Which solution should a solutions architect recommend to keep the data private?
  • A. Deploy an AWS DataSync agent for the on-premises environment. Configure a sync job to replicate the data and connect it with an AWS service endpoint.
  • B. Deploy an AWS DataSync agent for the on-premises environment. Schedule a batch job to replicate point-in-time snapshots to AWS.
  • C. Deploy an AWS Storage Gateway volume gateway for the on-premises environment. Configure it to store data locally, and asynchronously back up point-in- time snapshots to AWS.
  • D. Deploy an AWS Storage Gateway file gateway for the on-premises environment. Configure it to store data locally, and asynchronously back up point-in-time snapshots to AWS.
#54 (Accuracy: 100% / 1 votes)
A company has 150 TB of archived image data stored on-premises that needs to be moved to the AWS Cloud within the next month. The company's current network connection allows up to 100 Mbps uploads for this purpose during the night only.
What is the MOST cost-effective mechanism to move this data and meet the migration deadline?
  • A. Use AWS Snowmobile to ship the data to AWS.
  • B. Order multiple AWS Snowball devices to ship the data to AWS.
  • C. Enable Amazon S3 Transfer Acceleration and securely upload the data.
  • D. Create an Amazon S3 VPC endpoint and establish a VPN to upload the data.
#55 (Accuracy: 100% / 3 votes)
A public-facing web application queries a database hosted on an Amazon EC2 instance in a private subnet. A large number of queries involve multiple table joins, and the application performance has been degrading due to an increase in complex queries. The application team will be performing updates to improve performance.
What should a solutions architect recommend to the application team? (Choose two.)
  • A. Cache query data in Amazon SQS
  • B. Create a read replica to offload queries
  • C. Migrate the database to Amazon Athena
  • D. Implement Amazon DynamoDB Accelerator to cache data.
  • E. Migrate the database to Amazon RDS
#56 (Accuracy: 100% / 1 votes)
A company is seeing access requests by some suspicious IP addresses. The security team discovers the requests are from different IP addresses under the same CIDR range.
What should a solutions architect recommend to the team?
  • A. Add a rule in the inbound table of the security to deny the traffic from that CIDR range.
  • B. Add a rule in the outbound table of the security group to deny the traffic from that CIDR range.
  • C. Add a deny rule in the inbound table of the network ACL with a lower number than other rules.
  • D. Add a deny rule in the outbound table of the network ACL with a lower rule number than other rules.
#57 (Accuracy: 100% / 3 votes)
A company recently expanded globally and wants to make its application accessible to users in those geographic locations. The application is deployed on
Amazon EC2 instances behind an Application Load Balancer in an Auto Scaling group. The company needs the ability to shift traffic from resources in one region to another.
What should a solutions architect recommend?
  • A. Configure an Amazon Route 53 latency routing policy.
  • B. Configure an Amazon Route 53 geolocation routing policy.
  • C. Configure an Amazon Route 53 geoproximity routing policy.
  • D. Configure an Amazon Route 53 multivalue answer routing policy.
#58 (Accuracy: 100% / 1 votes)
A Solutions Architect must design a web application that will be hosted on AWS, allowing users to purchase access to premium, shared content that is stored in an
S3 bucket. Upon payment, content will be available for download for 14 days before the user is denied access.
Which of the following would be the LEAST complicated implementation?
  • A. Use an Amazon CloudFront distribution with an origin access identity (OAI). Configure the distribution with an Amazon S3 origin to provide access to the file through signed URLs. Design a Lambda function to remove data that is older than 14 days.
  • B. Use an S3 bucket and provide direct access to the file. Design the application to track purchases in a DynamoDB table. Configure a Lambda function to remove data that is older than 14 days based on a query to Amazon DynamoDB.
  • C. Use an Amazon CloudFront distribution with an OAI. Configure the distribution with an Amazon S3 origin to provide access to the file through signed URLs. Design the application to set an expiration of 14 days for the URL.
  • D. Use an Amazon CloudFront distribution with an OAI. Configure the distribution with an Amazon S3 origin to provide access to the file through signed URLs. Design the application to set an expiration of 60 minutes for the URL and recreate the URL as necessary.
#59 (Accuracy: 100% / 3 votes)
A solutions architect is designing a mission-critical web application. It will consist of Amazon EC2 instances behind an Application Load Balancer and a relational database. The database should be highly available and fault tolerant.
Which database implementations will meet these requirements? (Choose two.)
  • A. Amazon Redshift
  • B. Amazon DynamoDB
  • C. Amazon RDS for MySQL
  • D. MySQL-compatible Amazon Aurora Multi-AZ
  • E. Amazon RDS for SQL Server Standard Edition Multi-AZ
#60 (Accuracy: 100% / 1 votes)
A company has an Amazon EC2 instance running on a private subnet that needs to access a public website to download patches and updates. The company does not want external websites to see the EC2 instance IP address or initiate connections to it.
How can a solutions architect achieve this objective?
  • A. Create a site-to-site VPN connection between the private subnet and the network in which the public site is deployed.
  • B. Create a NAT gateway in a public subnet. Route outbound traffic from the private subnet through the NAT gateway.
  • C. Create a network ACL for the private subnet where the EC2 instance deployed only allows access from the IP address range of the public website.
  • D. Create a security group that only allows connections from the IP address range of the public website. Attach the security group to the EC2 instance.