AWS 架構師證照考古題大全 20240919
Amazon Web Service(AWS 亞馬遜)全系列考古題,2024年最新題庫,持續更新,全網最完整。AWS 證照含金量高,自我進修、跨足雲端產業必備近期版本更新,隨時追蹤最新趨勢變化。
QUESTION 1
A company has a multi-tier application that runs six front-end web servers in an Amazon EC2 Auto Scaling group in a singleAvailability Zone behind an Application Load Balancer (ALB). A solutions architect needs to modify the infrastructure to be highlyavailable without modifying the application. Which architecture should the solutions architect choose that provides high availability?
A. Create an Auto Scaling group that uses three instances across each of two Regions
B. Modify the Auto Scaling group to use three instances across each of two Availability Zones
C. Create an Auto Scaling template that can be used to quickly create more instances in another Region
D. Change the ALB in front of the Amazon EC2 instances in a round-robin configuration to balance traffic to the web tier
Correct Answer: B
Section: (none)
QUESTION 2
A bicycle sharing company is developing a multi-tier architecture to track the location of its bicycles during peak operating hours.
The company wants to use these data points in its existing analytics platform A solutions architect must determine the most viablemulti-tier option to support this architecture. The data points must be accessible from the REST API. Which action meets these requirements for storing and retrieving location data?
A. Use Amazon Athena with Amazon S3
B. Use Amazon API Gateway with AWS Lambda
C. Use Amazon QuickSight with Amazon Redshift
D. Use Amazon API Gateway with Amazon Kinesis Data Analytics
Correct Answer: B
Section: (none)
探索小豬科技的全方位雲端服務,立即提升您的業務競爭力!了解更多
QUESTION 3
A solutions architect is designing the cloud architecture for a new application being deployed on AWS. The process should run in parallel while adding and removing application nodes as needed based on the number of jobs to be processed.
The processor application is stateless.
The solutions architect must ensure that the application is loosely coupled and the job items are durably stored.
Which design should the solutions architect use?
A. Create an Amazon SNS topic to send the jobs that need to be processed.
Create an Amazon Machine Image (AMI) that consists of the processor application. Create a launch configuration that uses the AMI.
Create an Auto Scaling group using the launch configuration.
Set the scaling policy for the Auto Scaling group to add and remove nodes based on CPU usage
B. Create an Amazon SQS queue to hold the jobs that need to be processed.
Create an Amazon Machine Image (AMI) that consists of the processor application. Create a launch configuration that uses the AMI.
Create an Auto Scaling group using the launch configuration.
Set the scaling policy for the Auto Scaling group to add and remove nodes based on network usage
C. Create an Amazon SQS queue to hold the jobs that needs to be processed.
Create an Amazon Machine Image (AMI) that consists of the processor application. Create a launch template that uses the AMI.
Create an Auto Scaling group using the launch template.
Set the scaling policy for the Auto Scaling group to add and remove nodes based on the number of items in the SQS queue
D. Create an Amazon SNS topic to send the jobs that need to be processed.
Create an Amazon Machine Image (AMI) that consists of the processor application. Create a launch template that uses the AMI.
Create an Auto Scaling group using the launch template.
Set the scaling policy for the Auto Scaling group to add and remove nodes based on the number of messages published to the SNS topic.
Correct Answer: C
Section: (none)
QUESTION 4
A security team wants to limit access to specific services or actions in all of the team's AWS accounts. All accounts belong to a large organization in AWS Organizations. The solution must be scalable and there must be a single point where permissions can be maintained.
What should a solutions architect do to accomplish this?
A. Create an ACL to provide access to the services or actions.
B. Create a security group to allow accounts and attach it to user groups
C. Create cross-account roles in each account to deny access to the services or actions.
D. Create a service control policy in the root organizational unit to deny access to the services or actions
Correct Answer: D
Section: (none)
QUESTION 5
A company hosts an application on multiple Amazon EC2 instances. The application processes messages from an Amazon SQS queue writes to an Amazon RDS table and deletes the message from the queue Occasional duplicate records are found in the RDS table.
The SQS queue does not contain any duplicate messages. What should a solutions archived do to ensure messages are being processed once only?
A. Use the CreateQueue API call to create a new queue
B. Use the AddPermission API call to add appropriate permissions
C. Use the ReceiveMessage API call to set an appropriate wait time.
D. Use the ChangeMessageVisibility API call to increase the visibility timeout
Correct Answer: D
Section: (none)
An Amazon EC2 administrator created the following policy associated with an IAM group containing several users.
What is the effect of this policy?
A. Users can terminate an EC2 instance in any AWS Region except us-east-1.
B. Users can terminate an EC2 instance with the IP address 10.100. 1001 in the us-east-1 Region.
C. Users can terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100.100.254.
D. Users cannot terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100.100.254.
Correct Answer: C
Section: (none)
QUESTION 7
An application runs on Amazon EC2 instances across multiple Availability Zones. The instances run in an Amazon EC2 AutoScaling group behind an Application Load Balancer. The application performs best when the CPU utilization of the EC2 instances isat or near 40%. What should a solutions architect do to maintain the desired performance across all instances m the group?
A. Use a simple scaling policy to dynamically scale the Auto Scaling group
B. Use a target tracking policy to dynamically scale the Auto Scaling group
C. Use an AWS Lambda function to update the desired Auto Scaling group capacity
D. Use scheduled scaling actions to scale up and scale down the Auto Scaling group
Correct Answer: B
Section: (none)
QUESTION 8
A solutions architect is optimizing a website for an upcoming musical event Videos of the performances will be streamed in real time and then will be available on demand. The event is expected to attract a global online audience. Which service will improve the performance of both the real-time and on-demand streaming?
A. Amazon CloudFront
B. AWS Global Accelerator
C. Amazon Route 53
D. Amazon S3 Transfer Acceleration
Correct Answer: A
Section: (none)
QUESTION 9
Organizers for a global event want to put daily reports online as static HTML pages. The pages are expected to generate millionsof views from users around the world The files are stored in an Amazon S3 bucket.
A solutions architect has been asked to design an efficient and effective solution. Which action should the solutions architect take to accomplish this?
A. Generate presigned URLs for the files
B. Use cross-Region replication to all Regions
C. Use the geoproximity feature of Amazon Route 53
D. Use Amazon CloudFront with the S3 bucket as its origin
Correct Answer: D
Section: (none)
想要快速啟動雲端服務?現在就註冊小豬科技,輕鬆開通您的雲端伺服器!立即註冊
QUESTION 10
A solutions architect is designing a two-tier web application. The application consists of a public-facing web tier hosted on Amazon EC2 in public subnets. The database tier consists of Microsoft SQL Server running on Amazon EC2 in a private subnet Security isa high priority for the company. How should security groups be configured in this situation? (Select TWO)
A. Configure the security group for the web tier to allow inbound traffic on port 443 from 0.0.0.0.0/0
B. Configure the security group for the web tier to allow outbound traffic on port 443 from 0.0.0.0/0
C. Configure the security group for the database tier to allow inbound traffic on port 1433 from the security group for the web tier
D. Configure the security group for the database tier to allow outbound traffic on ports 443 and 1433 to the security group for the web tier
E. Configure the security group for the database tier to allow inbound traffic on ports 443 and 1433 from the security group for the web tier
Correct Answer: AC
Section: (none)
QUESTION 11
A company is hosting a web application on AWS using a single Amazon EC2 instance that stores user- uploaded documents in an Amazon EBS volume.
For better scalability and availability the company duplicated the architecture and created a second EC2 instance and EBS volumein another Availability Zone: placing both behind an Application Load Balancer. After completing this change users reported thateach time they refreshed the website they could see one subset of their documents or the other but never all of the documents at the same time. What should a solutions architect propose to ensure users see all of their documents at once''
A. Copy the data so both EBS volumes contain all the documents.
B. Configure the Application Load Balancer to direct a user to the server with the documents.
C. Copy the data from both EBS volumes to Amazon EFS.
Modify the application to save new documents to Amazon EFS.
D. Configure the Application Load Balancer to send the request to both servers. Return each document from the correct server.
Correct Answer: C
Section: (none)
QUESTION 12
An application runs on Amazon EC2 instances in private subnets. The application needs to access an Amazon DynamoDB table.What is the MOST secure way to access the table while ensuring that the traffic does not leave the AWS network?
A. Use a VPC endpoint for DynamoDB.
B. Use a NAT gateway in a public subnet.
C. Use a NAT instance in a private subnet.
D. Use the internet gateway attached to the VPC.
Correct Answer: A
Section: (none)
QUESTION 13
A media company is evaluating the possibility of moving its systems to the AWS Cloud. The company needs at least 10 TB of storage with the maximum possible I/O performance for video processing. 300 TB of very durable storage for storing mediacontent, and 900 TB of storage to meet requirements for archival media that is not in use anymore. Which set of services should a solutions architect recommend to meet these requirements?
A. Amazon EBS for maximum performance, Amazon S3 for durable data storage, and Amazon S3 Glacier for archival storage
B. Amazon EBS for maximum performance. Amazon EFS for durable data storage, and Amazon S3 Glacier for archival storage
C. Amazon EC2 instance store for maximum performance, Amazon EFS for durable data storage, and Amazon S3 for archival storage
D. Amazon EC2 instance store for maximum performance, Amazon S3 for durable data storage, and Amazon S3 Glacier for archival storage
Correct Answer: D
Section: (none)
QUESTION 14
A company has a large Microsoft SharePoint deployment running on-premises that requires Microsoft Windows shared file storage. The company wants to migrate this workload to the AWS Cloud and is considering various storage options. The storagesolution must be highly available and integrated with Active Directory for access control.
Which solution will satisfy these requirements?
A. Configure Amazon EFS storage and set the Active Directory domain for authentication.
B. Create an SMB file share on an AWS Storage Gateway file gateway in two Availability Zones.
C. Create an Amazon S3 bucket and configure Microsoft Windows Server to mount it as a volume.
D. Create an Amazon FSx for Windows File Server file system on AWS and set the Active Directory domain for authentication.
Correct Answer: D
Section: (none)
需要更多資訊?小豬科技專員隨時為您服務,聯絡我們,為您的業務提供最佳的雲端解決方案!點擊聯絡
QUESTION 15
A company runs an application using Amazon ECS. The application creates resized versions of an original image and then makes Amazon S3 API calls to store the resized images in Amazon S3. How can a solutions architect ensure that the application has permission to access Amazon S3?
A. Update the S3 role in AWS IAM to allow read/write access from Amazon ECS, and then relaunch the container.
B. Create an IAM role with S3 permissions, and then specify that role as the taskRoleArn in the task definition.
C. Create a security group that allows access from Amazon ECS to Amazon S3, and update the launch configuration used by the ECS cluster.
D. Create an IAM user with S3 permissions, and then relaunch the Amazon EC2 instances for the ECS cluster while logged in as this account.
Correct Answer: B
Section: (none)
QUESTION 16
A company's web application is running on Amazon EC2 instances behind an Application Load Balancer. The company recentlychanged its policy, which now requires the application to be accessed from one specific country only.
Which configuration will meet this requirement?
A. Configure the security group for the EC2 instances.
B. Configure the security group on the Application Load Balancer.
C. Configure AWS WAF on the Application Load Balancer in a VPC.
D. Configure the network ACL for the subnet that contains the EC2 instances.
Correct Answer: C
Section: (none)
QUESTION 17
A company's website provides users with downloadable historical performance reports. The website needs a solution that will scale to meet the company's website demands globally. The solution should be cost effective, limit the? provisioning of Into andprovide the fastest possible response time. Which combination should a solutions architect recommend to meet these requirements?
A. Amazon CloudFront and Amazon S3
B. AWS Lambda and Amazon Dynamo
C. Application Load Balancer with Amazon EC2 Auto Scaling
D. Amazon Route 53 with internal Application Load Balances
Correct Answer: A
Section: (none)
QUESTION 18
A company has an Amazon EC2 instance running on a private subnet that needs to access a public websites to downloadpatches and updates. The company does not want external websites to see the EC2 instance IP address or initiate connection to it.
How can a solution architect achieve this objective?
A. Create a site-to-site VPN connection between the private subnet and the network in which the public site is deployed
B. Create a NAT gateway in a public subnet Route outbound traffic from the private subnet through the NAI gateway
C. Create a network ACL for the private subnet where the EC2 instance deployed only allows access from the IP address range of the public website
D. Create a security group that only allows connections from the IP address range of the public website. Attach the security group to the EC2 instance.
Correct Answer: B
Section: (none)
QUESTION 19
A development team needs to host a website that will be accessed by other teams. The website contents.consist of HTML. CSS,client side JavaScript, and images. Which method is the MOST cost- effective for hosting the website?
A. Containerize the website and host it in AWS Fargate
B. Create an Amazon S3 bucket and host the website there.
C. Deploy a web server on an Amazon EC2 instance to host the website.
D. Configure an Application Load Balancer with an AWS Lambda target that uses the Express is framework
Correct Answer: B
Section: (none)
QUESTION 20
Company is designing a website that uses an Amazon S3 bucket to store static images. The company wants ail future requestshave taster response times while reducing both latency and cost. Which service configuration should a solutions architect recommend?
A. Deploy a NAT server in front of Amazon S3.
B. Deploy Amazon CloudFront in front of Amazon S3.
C. Deploy a Network Load Balancer in front of Amazon S3.
D. Configure Auto Scaling to automatically adjust the capacity of the website.
Correct Answer: B
Section: (none)
立即註冊小豬科技,開啟您的雲端之旅,享受專屬優惠和全天候技術支持!點擊註冊 或是 聯絡我們