AWS 架構師證照考古題大全2024105
Amazon Web Service(AWS 亞馬遜)全系列考古題,2024年最新題庫,持續更新,全網最完整。AWS 證照含金量高,自我進修、跨足雲端產業必備近期版本更新,隨時追蹤最新趨勢變化。
QUESTION 281
A solution architect must migrate a Windows internet information Services (IIS) web application to AWS. The application currentlyrelies on a file share hosted in the user's on-premises network- attached storage (NAS). The solution architected has proposedmigrating the IIS web servers Which replacement to the on- promises filo share is MOST resilient and durable?
A. Migrate the file Share to Amazon RDS.
B. Migrate the tile Share to AWS Storage Gateway
C. Migrate the file Share to Amazon FSx dor Windows File Server.
D. Migrate the tile share to Amazon Elastic File System (Amazon EFS)
Correct Answer: C
Section: (none)
QUESTION 282
A company recently deployed a new auditing system to centralize information about operating system versions, patching, and installed software for Amazon EC2 instances. A solutions architect must ensure all instances provisioned through EC2 Auto Scalinggroups successfully send reports to the auditing system as soon as they are launched and terminated. Which solution achieves these goals MOST efficiently?
A. Use a scheduled AWS Lambda function and execute a script remotely on all EC2 instances to send data to the audit system.
B. Use EC2 Auto Scaling lifecycle hooks to execute a custom script to send data to the audit system when instances are launched and terminated.
C. Use an EC2 Auto Scaling launch configuration to execute a custom script through user data to send data to the audit system when instances are launched and terminated.
D. Execute a custom script on the instance operating system to send data to the audit system. Configure the script to beexecuted by the EC2 Auto Scaling group when the instance starts and is terminated.
Correct Answer: B
Section: (none)
QUESTION 283
A company has a three-tier environment on AWS that ingests sensor data from its users' devices. The traffic flows through a Network Load Balancer (NLB), then to Amazon EC2 instances for the web tier, and finally to EC2 instances for the application tierthat makes database calls. What should a solutions architect do to improve the security of data in transit to the web tier?
A. Configure a TLS listener and add the Server Certificate on the NLB.
B. Configure AWS Shield Advanced and enable AWS WAF on the NLB.
C. Change the Load Balancer to an Application Load Balancer and attach AWS WAF to it.
D. Encrypt the Amazon Elastic Block Store (Amazon EBS) volume on the EC2 instances using AWS Key Management Service (AWS KMS)
Correct Answer: A
Section: (none)
QUESTION 284
A company is planning to migrate a commercial off-the-shelf application from its on-premises data center to AWS, The software has a software licensing model using sockets and cores with predictable capacity and uptime requirements. The company wants to use its existing licenses, which were purchased earlier this year.
Which Amazon EC2 pricing option is the MOST cost-effective?
A. Dedicated Reserved Hosts
B. Dedicated On- Demand Hosts
C. Dedicated Reserved Instances
D. Dedicated On-Demand Instances
Correct Answer: A
Section: (none)
QUESTION 285
A solutions architect is creating a new VPC design. There are two public subnet for the load balancer, two private subnets for webservers, and two private subnets for MySQL. The web serves use only HTTPS. The solutions architect has already created a security group for the load Balancer allowing port 443 from 0.0 0.0/0. Company policy requires that each resource has the least access required to still be able to perform its tasks. Which additional configuration strategy should the solution architect use to meet these requirements?
A. Create a security group far the web servers and allow port 443 from 0.0.0.0/0.
Create a security group tor the MySQL serve's aid allow port 3306 from the web servers security group.
B. Create a network ACL for the web servers and allow port 443 from 0.0.0.0/0.
Create a network ACL for the MySQL servers and allow port 3306 from the web servers security group
C. Create a security group for the web servers and allow port 443 from the load balancer.
Create a security group tor the MySQL servers and allow port 3306 from the web sewers security group
D. Create a network ACL for the web servers and allow port 443 from the web balancer.
Create a network ACL for the MySQL servers and allow port 3306 from the web servers security group.
Correct Answer: C
Section: (none)
想要深入了解小豬科技的雲端服務?點擊這裡探索我們的全方位解決方案。
QUESTION 286
A solutions architect wants all new users to have specific complexity requirements and mandatory rotation periods for IAM user passwords.
What should the solutions architect do to accomplish this?
A. Set an overall password policy for the entire AWS account
B. Set a password policy for each IAM user in the AWS account.
C. Use third-party vendor software to set password requirements,
D. Attach an Amazon CloudWatch rule to the Create_newuser event to set the password with the appropriate requirements.
Correct Answer: A
Section: (none)
QUESTION 287
A new employee has joined a company as a deployment engineer. The deployment engineer will be using AWS CloudFormation templates to create multiple AWS resources. A solutions architect wants the deployment engineer to perform job activities. While following the principle of least privilege. Which combination of actions should the solutions architect take to accomplish this goal? (Select TWO.)
A. Have the deployment engineer use AWS account roof user credentials for performing AWS CloudFormation stack operations.
B. Create a new IAM user for the deployment engineer and add the IAM user to a group that has the PowerUsers IAM policy attached
C. Create a new IAM user for the deployment engineer and add the IAM user to a group that has the Administrate/Access IAM policy attached
D. Create a new IAM User for the deployment engineer and add the IAM user to a group that has an IAM policy that allows AWS CloudFormation actions only
E. Create an IAM role for the deployment engineer to explicitly define the permissions specific to the AWS CloudFormation stack and launch stacks using Dial IAM role.
Correct Answer: DE
Section: (none)
QUESTION 288
A company has a large dataset for its online advertising business stored in an Amazon RDS for MySQL DB instance in a single Availability Zone. The company wants business reporting queries to run without impacting the write operations to the production DB instance.
Which solution meets these requirements?
A. Deploy RDS read replicas to process the business reporting queries.
B. Scale out the DB instance horizontally by placing it behind an Elastic Load Balancer
C. Scale up the DB instance to a larger instance type to handle write operations and queries.
D. Deploy the DB instance in multiple Availability Zones to process the business reporting queries.
Correct Answer: A
Section: (none)
QUESTION 289
A developer has an application that uses an AWS Lambda function to upload files to Amazon S3 and needs the required permissions to perform the task. The developer already has an IAM user with valid IAM credentials required for Amazon S3. What should a solutions architect do to grant the permissions?
A. Add required IAM permissions in the resource policy of the Lambda function.
B. Create a signed request using the existing IAM credential in the Lambda function.
C. Create a new IAM user and use the existing IAM credentials in the Lambda function
D. Create an IAM execution role with the required permissions and attach the IAM role to the Lambda function
Correct Answer: D
Section: (none)
QUESTION 290
A solutions architect is designing the architecture fora software demonstration environment. The environment will run on Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer (ALB). The system will experience significantincreases in traffic during working hours but is not required to operate on weekends.
Which combination of actions should the solutions architect take to ensure that the system can scale to meet demand? (Select TWO)
A. Use AWS Auto Scaling to adjust the ALB capacity based on request rate.
B. Use AWS Auto Scaling to scale the capacity of the VPC internet gateway.
C. Launch the EC2instances in multiple AWS Regions to distribute the load across Regions.
D. Use a target tracking scaling policy to scale the Auto Scaling group based on instance CPU utilization.
E. Use scheduled scaling to change the Auto Scaling group minimum, maximum, and desired capacity to zero for weekends Revert to the default values at the start of the week.
Correct Answer: DE
Section: (none)
QUESTION 291
A company runs a web application that is backed by Amazon RDS. A new database administrator caused
data loss by accidentally editing information in a database table. To help recover from this type of incident, the company wants theability to restore the database to its state from 5 minutes before any change within the last 30 days.
Which feature should the solutions architect include in the design to meet this requirement?
A. Read replicas
B. Manual snapshots
C. Automated backups
D. Multi-AZ deployments
Correct Answer: C
Section: (none)
馬上加入小豬科技,立即註冊 並享受專屬優惠!
QUESTION 292
A company is deploying a two-tier web application in a VPC. The web tier is using an Amazon EC2 Auto Scaling group with publicsubnets that span multiple Availability Zones. The database tier consists of an Amazon RDS for MySQL DB instance in separate private subnets. The web tier requires access to the database to retrieve product information.
The web application is not working as intended. The web application reports that it cannot connect to the database. The database is confirmed to be up and running. All configurations for the network ACLs, security groups, and route tables are still in their default states. What should a solutions architect recommend to fix the application?
A. Add an explicit rule to the private subnet's network ACL to allow traffic from the web tier's EC2 instances.
B. Add a route in the VPC route table to allow traffic between the web tier's EC2 instances and the database tier.
C. Deploy the web tier's EC2 instances and the database tier's RDS instance into two separate VPCs, and configure VPC peering.
D. Add an inbound rule to the security group of the database tiers RDS instance to allow traffic from the web tier's security group.
Correct Answer: D
Section: (none)
QUESTION 293
A company needs to transfer 600 TB of data from its on-premises network-attached storage (NAS) system to the AWS Cloud. The data transfer must be complete within 2 weeks. The data is sensitive and must be encrypted in transit. The company's internetconnection can support an upload speed of 100 Mbps. Which solution meets these requirements MOST cost-effectively?
A. Use Amazon S3 multi-part upload functionality to transfer the files over HTTPS.
B. Create a VPN connection between the on-premises NAS system and the nearest AWS Region. Transfer the data over the VPN connection
C. Use the AWS Snow Family console to order several AWS Snowball Edge Storage Optimized devices. Use the devices to transfer the data to Amazon S3.
D. Set up a 10 Gbps AWS Direct Connect connection between the company location and the nearest AWS Region. Transfer the data over a VPN connection into the Region to store the data in Amazon S3.
Correct Answer: C
Section: (none)
QUESTION 294
A company is architecting a shared storage solution for a gaming application that is hosted in the AWS Cloud. The companyneeds the ability to use Lustre clients to access data The solution must be fully managed.
Which solution meets these requirements?
A. Create an AWS DataSync task that shares the data as a mountable file system. Mount the file system to the application server.
B. Create an AWS Storage Gateway file gateway Create a file share that uses the required client protocol Connect the application server to the file share.
C. Create an Amazon Elastic File System (Amazon EFS) file system, and configure it to support Lustre Attach the file system to the origin server Connect the application server to the file system.
D. Create an Amazon FSx for Lustre file system. Attach the file system to the origin server. Connect the application server to the file system.
Correct Answer: D
Section: (none)
QUESTION 295
A company uses a payment processing system that requires messages for a particular payment ID to be received in the sameorder that they were sent. Otherwise, the payments might be processed incorrectly. Which actions should a solutions architect take to meet this requirement? (Select TWO)
A. Write the messages to an Amazon DynamoDB table with the payment ID as the partition key
B. Write the messages to an Amazon Kinesis data stream with the payment ID as the partition key
C. Write the messages to an Amazon ElastiCache for Memcached cluster with the payment ID as the key
D. Write the messages to an Amazon Simple Queue Service (Amazon SQS) queue. Set the message attribute to use the payment ID.
E. Write the messages to an Amazon Simple Queue Service (Amazon SQS) FIFO queue. Set the message group to use the payment ID.
Correct Answer: BE
Section: (none)
有任何問題?聯絡專員,我們隨時為您服務!
QUESTION 296
A company wants to deploy a new public web application on AWS. The application includes a web server tier that uses AmazonEC2 instances. The application also includes a database tier that uses an Amazon RDS for MySQL DB instance.
The application must be secure and accessible for global customers that have dynamic IP addresses. How should a solutions architect configure the security groups to meet these requirements?
A. Configure the security group for the web servers to allow inbound traffic on port 443 from 0.0.0.0/0. Configure the securitygroup for the DB instance to allow inbound traffic on port 3306 from the security group of the web servers.
B. Configure the security group for the web servers to allow inbound traffic on port 443 from the IP addresses of the customers.Configure the security group for the DB instance to allow inbound traffic on port 3306 from the security group of the web servers.
C. Configure the security group for the web servers to allow inbound traffic on port 443 from the IP addresses of the customers.Configure the security group for the DB instance to allow inbound traffic on port 3306 from the IP addresses of the customers.
D. Configure the security group for the web servers to allow inbound traffic on port 443 from 00.0.0/0.Configure the securitygroup for the DB instance to allow inbound traffic on port 3306 from 0.0.0.0/0.
Correct Answer: A
Section: (none)
QUESTION 297
A company has an application that collects data from IoT sensors on automobiles. The data is streamed and stored in AmazonS3 through Amazon Kinesis Date Firehose. The data produces trillions of S3 objects each year. Each morning, the company uses the data from the previous 30 days to retrain a suite of machine learning (ML) models
Four times each year, the company uses the data from the previous 12 months to perform analysis and train other ML models.The data must be available with minimal delay for up to 1year. After 1 year, the data must be retained for archival purposes.
Which storage solution meets these requirements MOST cost-effectively?
A. Use the S3 Intelligent-Tiering storage class. Create an S3 Lifecycle policy to transition objects to S3 Glacier Deep Archive after 1 year
B. Use the S3 Intelligent-Tiering storage class Configure S3 Intelligent-Tiering to automatically move objects to S3 Glacier Deep Archive after 1year
C. Use the S3 Standard-Infrequent Access (S3 Standard-IA) storage class. Create an S3 Lifecycle policy to transition objects to S3 Glacier Deep Archive after 1 year
D. Use the S3 Standard storage class. Create an S3 Lifecycle policy to transition objects to S3 Standard- Infrequent Access (S3 Standard-IA) after 30 days, and then to S3 Glacier Deep Archive after 1 year
Correct Answer: D
Section: (none)
QUESTION 298
A company runs a public three-tier web application in a VPC. The application runs on AmazonEc2 instances across multiple Availability Zones. The EC2instances that run in private subnets need to communicate with a license server over the internet. The company needs a managed solution that minimizes operational maintenance.
Which solution meets these requirements?
A. Provision a NAT instance in a public subnet. Modify each private subnet's route table with a default route that points to the NAT instance
B. Provision a NAT instance in a private subnet. Modify each private subnet's route table with a default route that points to the NAT instance
C. Provision a NAT gateway in a public subnet. Modify each private subnet's route table with a default route that points to the NAT gateway.
D. Provision a NAT gateway in a private subnet. Modify each private subnet's route table with a default route that points to tr NAT gateway.
Correct Answer: C
Section: (none)
QUESTION 299
A meteorological startup company has a custom web application to sell weather data to its users online. The company uses Amazon DynamoDB to store its data and wants to build a new service that sends an alert to the managers of four internal teams every time a new weather event is recorded. The company does not want this new service to affect the performance of the currentapplication. What should a solutions architect do to meet these requirements with the LEAST amount of operational overhead?
A. Use DynamoDB transactions to write new event data to the table Configure the transactions to notify internal teams
B. Have the current application publish a message to four Amazon Simple Notification Service (Amazon SNS) topics Have each team subscribe to one topic
C. Enable Amazon DynamoDB Streams on the table Use triggers to write to a single Amazon Simple Notification Service (Amazon SNS) topic to which the teams can subscribe.
D. Add a custom attribute to each record to flag new items. Write a cron job that scans the table every minute for items that arenew and notifies an Amazon Simple Queue Service (Amazon SQS) queue to which the teams can subscribe
Correct Answer: C
Section: (none)
QUESTION 300
A company needs to ingest and handle large amounts of streaming data that its application generates. The application runs on Amazon EC2 instances and sends data to Amazon Kinesis Data Streams, which is configured with default settings. Every otherday, the application consumes the data and writes the data to an Amazon S3 bucket for business intelligence (BI) processing. Thecompany observes that Amazon S3 is not receiving all the data that the application sends to Kinesis Data Streams. What should a solutions architect do to resolve this issue?
A. Update the Kinesis Data Streams default settings by modifying the data retention period
B. Update the application to use the Kinesis Producer Library (KPL) to send the data to Kinesis Data Streams
C. Update the number of Kinesis shards to handle the throughput of the data that is sent to Kinesis Data
Streams
D. Turn on S3 Versioning within the S3 bucket to preserve every version of every object that is ingested in the S3 bucket.
Correct Answer: A
Section: (none)
了解小豬科技如何助您在數位化時代脫穎而出,點擊這裡。
QUESTION 301
An ecommerce company is building a distributed application that involves several serverless functions and AWS services to complete order-processing tasks. These tasks require manual approvals as part of the workflow A solutions architect needs to design an architecture for the order-processing application. The solution must be able to combine multiple AWS Lambda functions into responsive serverless applications. The solution also must orchestrate data and services that run on Amazon EC2 instances,containers, or on- premises servers.
Which solution will meet these requirements with the LEAST operational overhead?
A. Use AWS Step Functions to build the application
B. Integrate all the application components in an AWS Glue job
C. Use Amazon Simple Queue Service (Amazon SQS) to build the application
D. Use AWS Lambda functions and Amazon EventBridge (Amazon CloudWatch Events) events to build the application
Correct Answer: A
Section: (none)
QUESTION 302
A company is running a multi-tier ecommerce web application in the AWS Cloud The application runs on Amazon Ec2instanceswith an Amazon RDS for MySQL Multi-AZ DB instance. Amazon RDS is configured with the latest generation DB instance with2,000 GB of storage in a General Purpose SSD (gp3) Amazon Elastic Block Store (Amazon EBS) volume. The database performance affects the application during periods of high demand.
A database administrator analyzes the logs in Amazon CloudWatch Logs and discovers that the application performance alwaysdegrades when the number of read and write IOPS is higher than 20000. What should a solutions architect do to improve the application performance?
A. Replace the volume with a magnetic volume
B. Increase the number of IOPS on the gp3 volume
C. Replace the volume with a Provisioned IOPS SSD (io2) volume
D. Replace the 2,000 GB gp3 volume with two 1,000 GB gp3 volumes.
Correct Answer: C
Section: (none)
QUESTION 303
A company has deployed a serverless application that invokes an AWS Lambda function when new documents are uploaded to an Amazon S3 bucket. The application uses the Lambda function to process the documents. After a recent marketing campaign,thecompany noticed that the application did not process many of the documents.
What should a solutions architect do to improve the architecture of this application?
A. Set the Lambda function's runtime timeout value to 15 minutes
B. Configure an S3 bucket replication policy. Stage the documents in the S3 bucket for later processing
C. Deploy an additional Lambda function. Load balance the processing of the documents across the two Lambda functions
D. Create an Amazon Simple Queue Service (Amazon SQS) queue Send the requests to the queue. Configure the queue as an event source for Lambda
Correct Answer: D
Section: (none)
QUESTION 304
A company is deploying a new application on Amazon EC2 instances. The application writes data to Amazon Elastic Block Store(Amazon EBS) volumes.The company needs to ensure that all data that is written to the EBS volumes is encrypted at rest.
Which solution will meet this requirement?
A. Create an IAM role that specifies EBS encryption. Attach the role to the Ec2 instances
B. Create the EBS volumes as encrypted volumes. Attach the EBS volumes to the EC2 instances
C. Create an EC2 instance tag that has a key of Encrypt and a value of True.Tag all instances that require encryption at the EBS level
D. Create an AWS Key Management Service (AWS KMS) key policy that enforces EBS encryption in the account Ensure that the key policy is active
Correct Answer: B
Section: (none)
QUESTION 305
A company wants to use the AWS Cloud to make an existing application highly available and resilient. The current version of the application resides in the company's data center. The application recently experienced data loss after a database server crashed because of an unexpected power outage. The company needs a solution that avoids any single points of failure. The solution mustgive the application the ability to scale to meet user demand.
Which solution will meet these requirements?
A. Deploy the application servers by using Amazon EC2 instances in an Auto Scaling group across multiple Availability Zones. Use an Amazon RDS DB instance in a Multi-AZ configuration
B. Deploy the application servers by using Amazon EC2 instances in an Auto Scaling group in a single Availability Zone. Deploy the database on an EC2 instance. Enable EC2Auto Recovery
C. Deploy the application servers by using Amazon EC2 instances in an Auto Scaling group across multiple Availability Zones. Use an Amazon RDS DB instance with a read replica in a single Availability Zone. Promote the read replica to replace the primary DB instance if the primary DB instance fails
D. Deploy the application servers by using Amazon EC2 instances in an Auto Scaling group across multiple Availability Zones. Deploy the primary and secondary database servers on EC2 instances across multiple Availability Zones. Use Amazon Elastic Block Store (Amazon EBS) Multi-Attach to create shared storage between the instances
Correct Answer: A
Section: (none)
想要提升業務效率?立即註冊 小豬科技,體驗最優質的雲端服務。
QUESTION 306
A company hosts a static website on-premises and wants to migrate the website to AWS. The website should load as quicklyas possible for users around the world. The company also wants the most cost- effective solution. What should a solutions architect do to accomplish this?
A. Copy the website content to an Amazon S3 bucket. Configure the bucket toserve static webpage content. Replicate the S3 bucket to multiple AWS Regions
B. Copy the website content to an Amazon S3 bucket. Configure the bucket toserve static webpage content.
Configure Amazon CloudFront with the S3 bucket as the origin
C. Copy the website content to an Amazon EBS-backed. Amazon EC2instance running Apache HTTP Server.
Configure Amazon Route 53 geolocation routing policies to select the closest origin
D. Copy the website content to multiple Amazon EBS-backed.
Amazon EC2 instances running Apache HTTP Server in multiple AWS Regions. Configure AmazonCloudFront geolocation routing policies to select the closest origin
Correct Answer: B
Section: (none) QUESTION 307
A company uses AWS Organizations with all features enabled and runs multiple Amazon EC2 workloads in the ap-southeast-2 Region.The company has a service control policy(SCP) that prevents any resources from being created in any other Region. A security policy requires the company to encrypt all data at rest.
An audit discovers that employees have created Amazon Elastic Block Store (Amazon EBS) volumes for EC2 instances without encrypting the volumes.The company wants any new EC2 instances that any IAM user or root user launches in ap-southeast-2 touse encrypted EBS volumes. The company wants a solution that will have minimal effect on employees who create EBS volumes. Which combination of steps will meet these requirements?(Select TWO.)
A. In the Amazon EC2 console, select the EBS encryption account attribute and define a default encryption key
B. Create an IAM permission boundary Attach the permission boundary to the root organizational unit (OU). Define theboundary to deny the ec2:CreateVolume action when the ec2:Encrypted condition equals false
C. Create an SCP Attach the SCP to the root organizational unit (OU). Define the SCP to deny the ec2:CreateVolume action when the ec2:Encrypted condition equals false
D. Update the IAM policies for each account to deny the ec2:CreateVolume action when the ec2:Encrypted condition equals false
E. In the Organizations management account, specify the Default EBS volume encryption setting
Correct Answer: CE
Section: (none)
QUESTION 308
A company is developing a microservices application that will provide a search catalog for customers. The company must use REST APIs to present the frontend of the application to users. The REST APIs must access the backend services that the company hosts in containers in private VPC subnets.
Which solution will meet these requirements?
A. Design a WebSocket API by using Amazon API Gateway. Host the application in Amazon Elastic Container Service(Amazon ECS) in a private subnet. Create a private VPC link for API Gateway to access Amazon ECS
B. Design a RESTAPI by using Amazon API Gateway. Host the application in Amazon Elastic Container Service(AmazonECS)in a private subnet. Create a private VPC link for API Gateway to access Amazon ECS
C. Design a WebSocket API by using Amazon API Gateway. Host the application in Amazon Elastic Container Service(Amazon ECS) in a private subnet. Create a security group for API Gateway to access Amazon ECS
D. Design a REST API by using Amazon API Gateway. Host the application in Amazon Elastic Container Service (AmazonECS) in a private subnet. Create a security group for API Gateway to access Amazon ECS
Correct Answer: B
Section: (none)
QUESTION 309
A company wants to send all AWS Systems Manager Session Manager logs to an Amazon S3 bucket for archival purposes.
Which solution will meet this requirement with the MOST operational efficiency?
A. Enable S3 logging in the Systems Manager console.Choose an S3 bucket to send the session data to
B. Install the Amazon CloudWatch agent. Push all logs to a CloudWatch log group.Export the logs to an S3 bucket from the group for archival purposes
C. Create a Systems Manager document to upload all server logs to a central S3 bucket. Use Amazon EventBridge to runthe Systems Manager document against all servers that are in the account daily
D. Install an Amazon CloudWatch agent. Push all logs to a CloudWatch log group. Create a CloudWatch logs subscription that pushes any incoming log events to an Amazon Kinesis Data Firehose delivery stream. Set Amazon S3 as the destination
Correct Answer: A
Section: (none)
QUESTION 310
A company has a stateless web application that runs on AWS IAMbda functions that are invoked by Amazon API Gateway. Thecompany wants to deploy the application across multiple AWS Regions to provide Regional failover capabilities.
What should a solutions architect do to route traffic to multiple Regions?
A. Create Amazon Route 53 health checks for each Region. Use an active-active failover configuration
B. Create an Amazon CloudFront distribution with an origin for each Region. Use CloudFront health checks to route traffic
C. Create a transit gateway. Attach the transit gateway to the API Gateway endpoint in each Region. Configure the transit gateway to route requests
D. Create an Application Load Balancer in the primary Region.Set the target group to point to the API Gateway endpoint hostnames in each Region
Correct Answer: B
Section: (none)
聯絡小豬科技專員,立即獲取 專屬雲端解決方案。
QUESTION 311
A company runs applications on Amazon EC2 instances in one AWS Region. The company wants to back up the EC2 instances to a second Region.The company also wants to provision EC2 resources in the second Region and manage the EC2 instancescentrally from one AWS account. Which solution will meet these requirements MOST cost_effectively?
A. Create a disaster recovery (DR) plan that has a similar number of EC2 instances in the second Region. Configure data replication
B. Create point-in-time Amazon Elastic Block Store (Amazon EBS) snapshots of the EC2 instances. Copy the snapshots to the second Region periodically
C. Create a backup plan by using AWS Backup. Configure cross-Region backup to the second Region for the EC2 instances
D. Deploy a similar number of EC2 instances in the second Region. Use AWS DataSync to transfer the data from the source Region to the second Region
Correct Answer: B
Section: (none)
QUESTION 312
A company wants to build a logging solution for its multiple AWS accounts.The company currently stores the logs from allaccounts in a centralized account.The company has created an Amazon S3 bucket in the centralized account to store the VPCflow logs and AWS CloudTrail logs. All logs must be highly available for 30 days for frequent analysis. retained for an additional 60 days for backup purposes. and deleted 90 days after creation.
Which solution will meet these requirements MOST cost_effectively?
A. Transition objects to the S3 Standard storage class 30 days after creation. Write an expiration action that directs Amazon S3 to delete objects after 90 days
B. Transition objects to the S3 Standard-Infrequent Access (S3 Standard-IA) storage class 30 days after creation. Move all objects to the S3 Glacier Flexible Retrieval storage class after 90 days. Write an expiration action that directs Amazon S3 to delete objects after 90 days
C. Transition objects to the S3 Glacier Flexible Retrieval storage class 30 days after creation. Write an expiration action that directs Amazon S3 to delete objects after 90 days
D. Transition objects to the S3 One Zone-Infrequent Access(S3 One Zone-IA) storage class 30 da ys after creation.Move all objects to the S3 Glacier Flexible Retrieval storage class after 90 days. Write an expiration action that directs Amazon S3 to delete objects after 90 days
Correct Answer: C
Section: (none)
QUESTION 313
A company runs container applications by using Amazon Elastic Kubernetes Service (Amazon EKS) and the KubernetesHorizontal Pod Autoscaler. The workload is not consistent throughout the day. A solutions
architect notices that the number of nodes does not automatically scale out when the existing nodes have reached maximum capacity in the cluster, which causes performance issues. Which solution will resolve this issue with the LEAST administrative overhead?
A. Scale out the nodes by tracking the memory usage
B. Use the Kubernetes Cluster Autoscaler to manage the number of nodes in the cluster
C. Use an AWS IAMbda function to resize the EKS cluster automatically
D. Use an Amazon EC2 Auto Scaling group to distribute the workload
Correct Answer: B
Section: (none)
QUESTION 314
A company containerized a Windows job that runs on NET 6 Framework under a Windows container. The company wants to run this job in the AWS Cloud. The job runs every 10 minutes.The job's runtime varies between 1 minute and 3 minutes.
Which solution will meet these requirements MOST cost-effectively?
A. Create an AWS IAMbda function based on the container image of the job. Configure Amazon EventBridge to invoke the function every 10 minutes
B. Use AWS Batch to create a job that uses AWS Fargate resources. Configure the job scheduling to run every 10 minutes
C. Use Amazon Elastic Container Service (Amazon ECS) on AWS Fargate to run the job. Create a scheduled task based on the container image of the job to run every 10 minutes
D. Use Amazon Elastic Container Service (Amazon ECS) on AWS Fargate to run the job. Create a standalone task based onthe container image of the job. Use Windows task scheduler to run the job every 10 minutes
Correct Answer: C
Section: (none)
QUESTION 315
A solutions architect is implementing a complex Java application with a MySQL database. The Java application must be deployedon Apache Tomcat and must be highly available. What should the solutions architect do to meet these requirements?
A. Deploy the application in AWS IAMbda. Configure an Amazon API Gateway API to connect with the IAMbda functions
B. Deploy the application by using AWS Elastic Beanstalk. Configure a load-balanced environment and a rolling deployment policy
C. Migrate the database to Amazon ElastiCache. Configure the ElastiCache security group to allow access from the application
D. Launch an Amazon EC2 instance. Install a MySQL server on the EC2 instance. Configure the application on the server.Create an AMI. Use the AMI to create a launch template with an Auto Scaling group
Correct Answer: B
Section: (none)
想要提升您的雲端運營效率?點擊這裡 了解小豬科技的專業方案。
QUESTION 316
A company runs a Java-based job on an Amazon EC2 instance.The job runs every hour and takes 10 seconds to run.The job runson a scheduled interval and consumes 1 GB of memory. The CPU utilization of the instance is low except for short surges during which the job uses the maximum CPU available. The company wants to optimize the costs to run the job.
Which solution will meet these requirements?
A. Use AWS App2Container (A2C) to containerize the job. Run the job as an Amazon Elastic Container Service (Amazon ECS) task on AWS Fargate with 0.5 virtual CPU(vCPU) and 1GB of memory
B. Copy the code into an AWS IAMbdafunction that has 1 GB of memory. Create an Amazon EventBridge scheduled rule to run the code each hour
C. Use AWS App2Container (A2C) to containerize the job.Install the container in the existing Amazon Machine Image (AMl). Ensure that the schedule stops the container when the task finishes
D. Configure the existing schedule to stop the EC2 instance at the completion of the job and restart the EC2 instance when the next job starts
Correct Answer: B
Section: (none)
QUESTION 317
A company runs Amazon EC2 instances in multiple AWS accounts that are individually billed. The company recently purchased a Savings Plan. Because of changes in the company's business requirements,the company has decommissioned a large number of EC2 instances. The company wants to use its Savings Plan discounts on its other AWS accounts.
Which combination of steps will meet these requirements?(Select TWO.)
A. From the AWS Account Management Console of the management account, turn on discount sharing from the billing preferences section
B. From the AWS Account Management Console of the account that purchased the existing Savings Plan, turn on discount sharing from the billing preferences section.Include all accounts
C. From the AWS Organizations management account, use AWS Resource Access Manager(AWS RAM) to share the Savings Plan with other accounts
D. Create an organization in AWS Organizations in a new payer account. Invite the other AWS accounts to join the organization from the management account
E. Create an organization in AWS Organizations in the existing AWS account with the existing EC2 instances and Savings Plan. Invite the other AWS accounts to join the organization from the management account
Correct Answer: CE
Section: (none)
QUESTION 318
A company wants to use artificial intelligence (Al) to determine the quality of its customer service calls.The company currentlymanages calls in four different languages,including English.The company will offer new languages in the future. The companydoes not have the resources to regularly maintain machine learning (ML) models The company needs to create written sentiment analysis reports from the customer service call recordings.The customer service call recording text must be translated into English.Which combination of steps will meet these requirements? (Select THREE.)
A. Use Amazon Comprehend to translate the audio recordings into English
B. Use Amazon Lex to create the written sentiment analysis reports
C. Use Amazon Polly to convert the audio recordings into text.
D. Use Amazon Transcribe to convert the audio recordings in any language into text
E. Use Amazon Translate to translate text in any language to English
F. Use Amazon Comprehend to create the sentiment analysis reports
Correct Answer: DEF
Section: (none)
QUESTION 319
A company recently created a disaster recovery site in a different AWS Region.The company needs to transfer large amounts ofdata back and forth between NFS file systems in the two Regions on a periodic basis.
Which solution will meet these requirements with the LEAST operational overhead?
A. Use AWS DataSync
B. Use AWS Snowball devices
C. Set up an SFTP server on Amazon EC2
D. Use AWS Database Migration Service (AWS DMS)
Correct Answer: A
Section: (none)
QUESTION 320
A company's applications run on Amazon EC2 instances in Auto Scaling groups.The company notices that its applications experience sudden traffic increases on random days of the week. The company wants to maintain application performance during sudden traffic increases. Which solution will meet these requirements MOST cost-effectively?
A. Use manual scaling to change the size of the Auto Scaling group
B. Use predictive scaling to change the size of the Auto Scaling group
C. Use dynamic scaling to change the size of the Auto Scaling group
D. Use schedule scaling to change the size of the Auto Scaling group
Correct Answer: C
Section: (none)
我們的專員隨時待命,點擊這裡 聯絡小豬科技,解決您的問題。