Amazon AWS Certified Solutions Architect - Associate SAA-C02
Prev

There are 450 results

Next
#71 (Accuracy: 100% / 5 votes)
A company has enabled AWS CloudTrail logs to deliver log files to an Amazon S3 bucket for each of its developer accounts. The company has created a central
AWS account for streamlining management and audit reviews. An internal auditor needs to access the CloudTrail logs, yet access needs to be restricted for all developer account users. The solution must be secure and optimized.
How should a solutions architect meet these requirements?
  • A. Configure an AWS Lambda function in each developer account to copy the log files to the central account. Create an IAM role in the central account for the auditor. Attach an IAM policy providing read-only permissions to the bucket.
  • B. Configure CloudTrail from each developer account to deliver the log files to an S3 bucket in the central account. Create an IAM user in the central account for the auditor. Attach an IAM policy providing full permissions to the bucket.
  • C. Configure CloudTrail from each developer account to deliver the log files to an S3 bucket in the central account. Create an IAM role in the central account for the auditor. Attach an IAM policy providing read-only permissions to the bucket.
  • D. Configure an AWS Lambda function in the central account to copy the log files from the S3 bucket in each developer account. Create an IAM user in the central account for the auditor. Attach an IAM policy providing full permissions to the bucket.
#72 (Accuracy: 100% / 1 votes)
A company has several business systems that require access to data stored in a file share. The business systems will access the file share using the Server
Message Block (SMB) protocol. The file share solution should be accessible from both of the company's legacy on-premises environments and with AWS.
Which services meet the business requirements? (Choose two.)
  • A. Amazon Elastic Block Store (Amazon EBS)
  • B. Amazon Elastic File System (Amazon EFS)
  • C. Amazon FSx for Windows
  • D. Amazon S3
  • E. AWS Storage Gateway file gateway
#73 (Accuracy: 100% / 2 votes)
A company has a Microsoft Windows-based application that must be migrated to AWS. This application requires the use of a shared Windows file system attached to multiple Amazon EC2 Windows instances.
What should a solutions architect do to accomplish this?
  • A. Configure a volume using Amazon Elastic File System (Amazon EFS). Mount the EFS volume to each Windows instance.
  • B. Configure AWS Storage Gateway in Volume Gateway mode. Mount the volume to each Windows instance.
  • C. Configure Amazon FSx for Windows File Server. Mount the Amazon FSx volume to each Windows instance.
  • D. Configure an Amazon Elastic Block Store (Amazon EBS) volume with the required size. Attach each EC2 instance to the volume. Mount the file system within the volume to each Windows instance.
#74 (Accuracy: 100% / 1 votes)
A company hosts its website on Amazon S3. The website serves petabytes of outbound traffic monthly, which accounts for most of the company's AWS costs.
What should a solutions architect do to reduce costs?
  • A. Configure Amazon CloudFront with the existing website as the origin.
  • B. Move the website to Amazon EC2 with Amazon Elastic Block Store (Amazon EBS) volumes for storage.
  • C. Use AWS Global Accelerator and specify the existing website as the endpoint.
  • D. Rearchitect the website to run on a combination of Amazon API Gateway and AWS Lambda.
#75 (Accuracy: 100% / 1 votes)
A company runs a website on Amazon EC2 instances behind an ELB Application Load Balancer. Amazon Route 53 is used for the DNS. The company wants to set up a backup website with a message including a phone number and email address that users can reach if the primary website is down.
How should the company deploy this solution?
  • A. Use Amazon S3 website hosting for the backup website and Route 53 failover routing policy.
  • B. Use Amazon S3 website hosting for the backup website and Route 53 latency routing policy.
  • C. Deploy the application in another AWS Region and use ELB health checks for failover routing.
  • D. Deploy the application in another AWS Region and use server-side redirection on the primary website.
#76 (Accuracy: 100% / 2 votes)
A company uses Amazon S3 as its object storage solution. The company has thousands of S3 buckets it uses to store data. Some of the S3 buckets have data that is accessed less frequently than others. A solutions architect found that lifecycle policies are not consistently implemented or are implemented partially, resulting in data being stored in high-cost storage.
Which solution will lower costs without compromising the availability of objects?
  • A. Use S3 ACLs.
  • B. Use Amazon Elastic Block Store (Amazon EBS) automated snapshots.
  • C. Use S3 Intelligent-Tiering storage.
  • D. Use S3 One Zone-Infrequent Access (S3 One Zone-IA).
#77 (Accuracy: 100% / 1 votes)
An application is running on Amazon EC2 instances. Sensitive information required for the application is stored in an Amazon S3 bucket. The bucket needs to be protected from internet access while only allowing services within the VPC access to the bucket.
Which combination of actions should solutions archived take to accomplish this? (Choose two.)
  • A. Create a VPC endpoint for Amazon S3.
  • B. Enable server access logging on the bucket.
  • C. Apply a bucket policy to restrict access to the S3 endpoint.
  • D. Add an S3 ACL to the bucket that has sensitive information.
  • E. Restrict users using the IAM policy to use the specific bucket.
#78 (Accuracy: 100% / 1 votes)
A web application runs on Amazon EC2 instances behind an Application Load Balancer. The application allows users to create custom reports of historical weather data. Generating a report can take up to 5 minutes. These long-running requests use many of the available incoming connections, making the system unresponsive to other users.
How can a solutions architect make the system more responsive?
  • A. Use Amazon SQS with AWS Lambda to generate reports.
  • B. Increase the idle timeout on the Application Load Balancer to 5 minutes.
  • C. Update the client-side application code to increase its request timeout to 5 minutes.
  • D. Publish the reports to Amazon S3 and use Amazon CloudFront for downloading to the user.
#79 (Accuracy: 100% / 1 votes)
A solutions architect must create a highly available bastion host architecture. The solution needs to be resilient within a single AWS Region and should require only minimal effort to maintain.
What should the solutions architect do to meet these requirements?
  • A. Create a Network Load Balancer backed by an Auto Scaling group with a UDP listener.
  • B. Create a Network Load Balancer backed by a Spot Fleet with instances in a partition placement group.
  • C. Create a Network Load Balancer backed by the existing servers in different Availability Zones as the target.
  • D. Create a Network Load Balancer backed by an Auto Scaling group with instances in multiple Availability Zones as the target.
#80 (Accuracy: 100% / 4 votes)
A three-tier web application processes orders from customers. The web tier consists of Amazon EC2 instances behind an Application Load Balancer, a middle tier of three EC2 instances decoupled from the web tier using Amazon SQS, and an Amazon DynamoDB backend. At peak times, customers who submit orders using the site have to wait much longer than normal to receive confirmations due to lengthy processing times. A solutions architect needs to reduce these processing times.
Which action will be MOST effective in accomplishing this?
  • A. Replace the SQS queue with Amazon Kinesis Data Firehose.
  • B. Use Amazon ElastiCache for Redis in front of the DynamoDB backend tier.
  • C. Add an Amazon CloudFront distribution to cache the responses for the web tier.
  • D. Use Amazon EC2 Auto Scaling to scale out the middle tier instances based on the SQS queue depth.