AWS Certified Solutions Architect - Professional SAP-C02 考古題
AWS 專業架構師證照考古題大全20241118
Amazon Web Service(AWS 亞馬遜)全系列考古題,2024年最新題庫,持續更新,全網最完整。AWS 證照含金量高,自我進修、跨足雲端產業必備近期版本更新,隨時追蹤最新趨勢變化。
QUESTION 121
A manufacturing company has developed a process to gather factory floor device telemetry. The company uses AWS ControlTower. The company also uses an AWS CloudFormation stack to provision a new VPC for each factory location with a set of containers in Amazon Elastic Container Service (Amazon ECS) and Amazon CloudWatch.
The company is now acquiring another manufacturing company that has geographically remote plants. The company wants to modernize these plants. One of the tasks is to apply the same telemetry-gathering process. The network latency that results from connecting the devices directly to the services in the AWS network is very high which can affect reliability.
How can the company integrate the new plants into the existing architecture?
A. Use AWS Control Tower to create new OUs to add new accounts for the new plants. Deploy the ECS containers and CloudWatch into the accounts
B. Request an AWS Snowball Edge device for the newly acquired plants. Connect the device to AwS loT Core and registerall the factory floor devices through AWS IoT Core. Map the devices into the existing VPC and connect the devices to the ECS containers
C. Request and install an AWS Outposts server in the newly acquired plants. Within the Outposts server, use theCloudFormation stack to provision required VPC and ECS containers to connect to the devices. Connect to CloudWatch in the AWS Region
D. Use Amazon EC2 Dedicated Instances. Use the CloudFormation stack to provision required VPC and ECS containers. Connect to CloudWatch in the AWS Region
Correct Answer: C
Section: (none)
QUESTION 122
A financial company is planning to migrate its web application from on premises to AWS. The company uses a third-partysecurity tool to monitor the inbound traffic to the application.The company has used the security tool for the last 15 years, and the tool has no cloud solutions available from its vendor.The company's security team is concerned about how to integrate the security tool with AWS technology. The company plans to deploy the application migration to AWS on Amazon EC2 instances.The EC2 instances will run in an Auto Scaling group in a dedicated VPC. The company needs to use the securitytool to inspect all packets that come in and out of the VPC. This inspection must occur in real time and must not affect the application's performance. A solutions architect must design a target architecture on AWS that is highly available within an AWS Region.
Which combination of steps should the solutions architect take to meet these requirements? (Select TWO)
A. Deploy the security tool on EC2 instances in a new Auto Scaling group in the existing VPC
B. Deploy the web application behind a Network Load Balancer
C. Deploy an Application Load Balancer in front of the security tool instances
D. Provision a Gateway Load Balancer for each Availability Zone to redirect the traffic to the security tool
E. Provision a transit gateway to facilitate communication between VPCs
Correct Answer: CD
Section: (none)
QUESTION 123
A company runs its application in the eu-west-1 Region and has one account for each of its environments: development, testing, and production. All the environments are running 24 hours a day,7 days a week by using stateful Amazon EC2 instances and Amazon RDS for MySQL databases. The databases are between 500 GB and 800 GB in size.
The development team and testing team work on business days during business hours, but the production environment operates 24 hours a day,7 days a week. The company wants to reduce costs. All resources are tagged with an environmenttag with either development, testing, or production as the key. What should a solutions architect do to reduce costs with the LEAST operational effort?
A. Create an Amazon EventBridge rule that runs once every day. Configure the rule to invoke one AWS Lambda function that starts or stops instances based on the tag,day, and time
B. Create an Amazon EventBridge rule that runs every business day in the evening. Configure the rule to invoke an AWSLambda function that stops instances based on the tag. Create a second EventBridge rule that runs every business dayin the morning. Configure the second rule to invoke another Lambda function that starts instances based on the tag
C. Create an Amazon EventBridge rule that runs every business day in the evening. Configure the rule to invoke an AWS Lambda function that terminates instances based on the tag. Create a second EventBridge rule that runs everybusiness day in the morning. Configure the second rule to invoke another Lambda function that restores the instances from their last backup based on the tag
D. Create an Amazon EventBridge rule that runs every hour. Configure the rule to invoke one AWS Lambda function thatterminates or restores instances from their last backup based on the tag, day, and time
Correct Answer: B
Section: (none)
QUESTION 124
A financial services company receives a regular data feed from its credit card servicing partner. Approximately 5,000 recordsare sent every 15 minutes in plaintext. delivered over HTTPS directly into an Amazon S3 bucket with server-side encryption. This feed contains sensitive credit card primary account number (PAN) data.
The company needs to automatically mask the PAN before sending the data to another S3 bucket for additional internal processing. The company also needs to remove and merge specific fields, and then transform the record into JSON formatAdditionally, extra feeds are likely to be added in the future, so any design needs to be easily expandable.
Which solutions will meet these requirements'?
A. Invoke an AWS Lambda function on file delivery that extracts each record and writes it to an Amazon SQS queue.Invoke another Lambda function when new messages arrive in the SQS queue to process the records, writing the results to a temporary location in Amazon S3. Invoke a final Lambda function once the SQS queue is empty to transform the records into JSON format and send the results to another S3 bucket for internal processing
B. Invoke an AWS Lambda function on file delivery that extracts each record and writes it to an Amazon SQS queue.Configure an AWS Fargate container application to automatically scale to a single instance when the SQS queue containsmessages. Have the application process each record, and transform the record into JSON format. When the queue is empty, send the results to another S3 bucket for internal processing and scale down the AWS Fargate instance
C. Create an AWS Glue crawler and custom classifier based on the data feed formats and build a table definition tomatch. Invoke an AWS Lambda function on file delivery to start an AWS Glue ETL job to transform the entire recordaccording to the processing and transformation requirements. Define the
output format as JSON. Once complete, have the ETL job send the results to another S3 bucket for internal processing
D. Create an AWS Glue crawler and custom classifier based upon the data feed formats and build a table definition tomatch. Perform an Amazon Athena query on file delivery to start an Amazon EMR ETL job to transform the entire recordaccording to the processing and transformation requirements. Define the output format as JSON. Once complete, send the results to another S3 bucket for internal processing and scale down the EMR cluster.
Correct Answer: C
Section: (none)
QUESTION 125
A company is processing videos in the AWS Cloud by using Amazon EC2 instances in an Auto Scaling group. It takes 30 minutes to process a video Several EC2 instances scale in and out depending on the number of videos in an Amazon SimpleQueue Service(Amazon SQS) queue. The company has configured the SQS queue with a redrive policy that specifies a target dead-letter queue and a maxReceiveCount of
1.The company has set the visibility timeout for the SQS queue to 1 hour. The company has set up an Amazon CloudWatchalarm to notify the development team when there are messages in the dead-letter queue.
Several times during the day, the development team receives notification that messages are in the dead- letter queue and that videos have not been processed properly. An investigation finds no errors in the application logs
How can the company solve this problem?
A. Turn on termination protection for the EC2 instances
B. Update the visibility timeout for the SQS queue to 3 hours
C. Configure scale-in protection for the instances during processing
D. Update the redrive policy and set maxReceiveCount to 0
Correct Answer: C
Section: (none)
QUESTION 126
A solutions architect is investigating an issue in which a company cannot establish new sessions in Amazon WorkSpaces. An initial analysis indicates that the issue involves user profiles. The Amazon WorkSpaces environment is configured to use Amazon FSx for Windows File Server as the profile share storage.The FSx for Windows File Server file system is configured with 10 TB of storage. The solutions architect discovers that the file system has reached its maximum capacity. The solutions architect must ensure that users can regain access.The solution also must prevent the problem from occurring again.
Which solution will meet these requirements?
A. Remove old user profiles to create space. Migrate the user profiles to an Amazon FSx for Lustre file system
B. Increase capacity by using the update-file-system command. Implement an Amazon CloudWatch metric that monitors free space. Use Amazon EventBridge to invoke an AWS Lambda function to increase capacity as required.
C. Monitor the file system by using the FreeStorageCapacity metric in Amazon CloudWatch. Use AWS Step Functions to increase the capacity as required
D. Remove old user profiles to create space. Create an additional FSx for Windows File Server file system. Update the user profile redirection for 50% of the users to use the new file system
Correct Answer: B
Section: (none)
QUESTION 127
A company has VPC flow logs enabled for its NAT gateway. The company is seeing Action = ACCEPT for inbound traffic that comes from public IP address 198.51.100.2 destined for a private Amazon EC2 instance.
A solutions architect must determine whether the traffic represents unsolicited inbound connections from the internet. Thefirst two octets of the VPC CIDR block are 203.0, Which set of steps should the solutions architect take to meet these requirements?
A. Open the AWS CloudTrail console. Select the log group that contains the NAT gateway's elastic network interface and the private instance's elastic network interface. Run a query to filter with the destination address set as "like 203.0" andthe source address set as "like 198.51.100.2". Run the stats command to filter the sum of bytes transferred by the source address and the destination address
B. Open the Amazon CloudWatch console. Select the log group that contains the NAT gateway's elastic network interface and the private instance's elastic network interface. Run a query to filter with the destination address set as "like 203.0"and the source address set as "like 198.51.100.2". Run the stats command to filter the sum of bytes transferred by the source address and the destination address
C. Open the AWS CloudTrail console. Select the log group that contains the NAT gateway's elastic network interface and the private instance's elastic network interface. Run a query to filter with the destination address set as "like198.51.100.2" and the source address set as "like 203.0". Run the stats command to filter the sum of bytes transferred bythe source address and the destination address
D. Open the Amazon CloudWatch console. Select the log group that contains the NAT gateway's elastic network interface and the private instance's elastic network interface. Run a query to filter with the destination address set as "like198.51.100.2" and the source address set as "like 203.0". Run the stats command to filter the sum of bytes transferred bythe source address and the destination address
Correct Answer: D
Section: (none)
QUESTION 128
A company has a legacy monolithic application that is critical to the company's business. The company hosts the application on an Amazon EC2 instance that runs Amazon Linux 2. The company's application team receives a directive from the legal department to back up the data from the instance's encrypted Amazon Elastic Block Store (Amazon EBS) volume to an Amazon S3 bucket. The application team does not have the administrative SSH key pair for the instance.The application mustcontinue to serve the users.
Which solution will meet these requirements?
A. Attach a role to the instance with permission to write to Amazon S3. Use the AWS Systems Manager Session Manageroption to gain access to the instance and run commands to copy data into Amazon S3
B. Create an image of the instance with the reboot option turned on. Launch a new EC2 instance from the image. Attach a role to the new instance with permission to write to Amazon S3. Run a command to copy data into Amazon S3
C. Take a snapshot of the EBS volume by using Amazon Data Lifecycle Manager (Amazon DLM). Copy the data to Amazon S3
D. Create an image of the instance. Launch a new EC2 instance from the image. Attach a role to the new instance with permission to write to Amazon S3. Run a command to copy data into Amazon S3
Correct Answer: A
Section: (none)
QUESTION 129
A company is hosting a critical application on a single Amazon EC2 instance.The application uses an Amazon ElastiCache for Redis single-node cluster for an in-memory data store The application uses an Amazon RDS for MariaDB DB instance fora relational database. For the application to function, each piece of the infrastructure must be healthy and must be in an active state.
A solutions architect needs to improve the application's architecture so that the infrastructure can automatically recover from failure with the least possible downtime.
Which combination of steps will meet these requirements? (Select THREE.)
A. Use an Elastic Load Balancer to distribute traffic across multiple EC2 instances. Ensure that the EC2 instances are part of an Auto Scaling group that has a minimum capacity of two instances
B. Use an Elastic Load Balancer to distribute traffic across multiple EC2 instances. Ensure that the EC2 instances are configured in unlimited mode
C. Modify the DB instance to create a read replica in the same Availability Zone. Promote the read replica to be the primary DB instance in failure scenarios
D. Modify the DB instance to create a Multi_AZ deployment that extends across two Availability Zones
E. Create a replication group for the ElastiCache for Redis cluster. Configure the cluster to use an Auto
Scaling group that has a minimum capacity of two instances
F. Create a replication group for the ElastiCache for Redis cluster. Enable Multi-AZ on the cluster
Correct Answer: ADF
Section: (none)
QUESTION 130
A company has an environment that has a single AWS account. A solutions architect is reviewing the environment torecommend what the company could improve, specifically in terms of access to the AWS Management Console.Thecompany's IT support workers currently access the console for administrative tasks, authenticating with named IAM users that have been mapped to their job role.
The IT support workers no longer want to maintain both their Active Directory and IAM user accounts. They want to be able to access the console by using their existing Active Directory credentials. The solutions architect is using AWS IAM Identity Center (AWS Single Sign-On) to implement this functionality.
Which solution will meet these requirements MOST cost-effectively?
A. Create an organization in AWS Organizations. Turn on the IAM Identity Center feature in Organizations. Create and configure a directory in AWS Directory Service for Microsoft Active Directory (AWS Managed Microsoft AD) with a two-way trust to the company's on-premises Active Directory. Configure IAM Identity Center and set the AWS Managed Microsoft AD directory as the identity source. Create permission sets and map them to the existing groups within the AWS Managed Microsoft AD directory
B. Create an organization in AWS Organizations.Turn on the IAM Identity Center feature in Organizations. Create and configure an AD Connector to connect to the company's on-premises Active Directory. Configure IAM Identity Center and select the AD Connector as the identity source. Create permission sets and map them to the existing groups within the company's Active Directory
C. Create an organization in AWS Organizations.Turn on all features for the organization. Create and configure a directoryin AWS Directory Service for Microsoft Active Directory (AWS Managed Microsoft AD) with a two-way trust to thecompany's on-premises Active Directory. Configure IAM Identity Center and select the AWS Managed Microsoft AD directory as the identity source.
Create permission sets and map them to the existing groups within the AWS Managed Microsoft AD directory
D. Create an organization in AWS Organizations. Turn on all features for the organization. Create and configure an AD Connector to connect to the company's on-premises Active Directory Configure IAM Identity Center and set the ADConnector as the identity source.Create permission sets and map them to the existing groups within the company's Active Directory.
Correct Answer: B
Section: (none)
QUESTION 131
A company is using an on-premises Active Directory service for user authentication.The company wants to use the same authentication service to sign in to the company's AWS accounts, which are using AWS Organizations. AWS Site-to-Site VPNconnectivity already exists between the on-premises environment and all the company's AWS accounts.
The company's security policy requires conditional access to the accounts based on user groups and roles.User identities must be managed in a single location.
Which solution will meet these requirements?
A. Configure AWS IAM Identity Center (AWS Single Sign-On) to connect to Active Directory by using SAML 2.0. Enableautomatic provisioning by using the System for Cross-domain Identity Management (SCIM) v2.O protocol.Grant access to the AWS accounts by using attribute-based access controls (ABACs)
B. Configure AWS IAM Identity Center (AWS Single Sign-On) by using IAM Identity Center as an identity source.Enable automatic provisioning by using the System for Cross-domain Identity Management (SCIM) v2.O protocol. Grant accessto the AWS accounts by using IAM Identity Center permission sets
C. In one of the company's AWS accounts,configure AWS Identity and Access Management (IAM) to use a SAML 2.O identity provider. Provision IAM users that are mapped to the federated users. Grant access that corresponds to appropriate groups in Active Directory. Grant access to the required AWS accounts by using cross-account IAM users
D. In one of the company's AWS accounts,configure AWS Identity and Access Management (IAM) to use an OpenIDConnect (OIDC)identity provider. Provision IAM roles that grant access to the AWS account for the federated users that correspond to appropriate groups in Active Directory. Grant access to the required AWS accounts by using cross-account IAM roles
Correct Answer: A
Section: (none)
QUESTION 132
A company is providing weather data over a REST-based API to several customers. The API is hosted by Amazon API Gateway and is integrated with different AWS Lambda functions for each API operation.The company uses Amazon Route 53for DNS and has created a resource record of weather.example.com. The company stores data for the API in AmazonDynamoDB tables. The company needs a solution that will give the API the ability to fail over to a different AWS Region.
Which solution will meet these requirements?
A. Deploy a new set of Lambda functions in a new Region. Update the APl Gateway API to use an edge- optimized APlendpoint with Lambda functions from both Regions as targets Convert the DynamoDB tables to global table:
B. Deploy a new API Gateway API and Lambda functions in another Region. Change the Route 53 DNS record to a multivalue answer. Add both API Gateway APIs to the answer. Enable target health monitoring. Convert the DynamoDB tables to global tables
C. Deploy a new API Gateway API and Lambda functions in another Region. Change the Route 53 DNS record to a failover record. Enable target health monitoring. Convert the DynamoDB tables to global tables
D. Deploy a new API Gateway API in a new Region. Change the Lambda functions to global functions. Change theRoute 53 DNS record to a multivalue answer. Add both API Gateway APls to the answer. Enable target health monitoring. Convert the DynamoDB tables to global tables
Correct Answer: C
Section: (none)
QUESTION 133
A company's factory and automation applications are running in a single VPC. More than 20 applications run on a combination of Amazon EC2, Amazon Elastic Container Service (Amazon ECS), and Amazon RDS
The company has software engineers spread across three teams. One of the three teams owns each application, and eachteam is responsible for the cost and performance of all of its applications. Team resources have tags that represent their application and team.The teams use IAM access for daily activities.
The company needs to determine which costs on the monthly AWS bill are attributable to each application or team.Thecompany also must be able to create reports to compare costs from the last 12 months and to help forecast costs for the next12 months. A solutions architect must recommend an AWS Billing and Cost Management solution that provides these cost reports.
Which combination of actions will meet these requirements?(Select THREE.
A. Activate the user-defined cost allocation tags that represent the application and the team
B. Activate the AWS generated cost allocation tags that represent the application and the team
C. Create a cost category for each application in Billing and Cost Management
D. Activate IAM access to Billing and Cost Management
E. Create a cost budget
F. Enable Cost Explorer
Correct Answer: ADF
Section: (none) QUESTION 134
A retail company is operating its ecommerce application on AWS.The application runs on Amazon EC2 instances behind anApplication Load Balancer (ALB).The company uses an Amazon RDS DB instance as the database backend. Amazon CloudFront is configured with one origin that points to the ALB.Static content is cached. Amazon Route 53 is used to host all public zones.
After an update of the application, the ALB occasionally returns a 502 status code(Bad Gateway) error. The root cause is malformed HTTP headers that are returned to the ALB.The webpage returns successfully when a solutions architect reloads the webpage immediately after the error occurs.
While the company is working on the problem, the solutions architect needs to provide a custom error page instead of the standard ALB error page to visitors.
Which combination of steps will meet this requirement with the LEAST amount of operational overhead? (Select TWO.)
A. Create an Amazon S3 bucket. Configure the S3 bucket to host a static webpage. Upload the custom error pages to Amazon S3
B. Create an Amazon CloudWatch alarm to invoke an AWS Lambda function if the ALB health check responseTarget.FailedHealthChecks is greater than 0. Configure the Lambda function to modify the forwarding rule at the ALB to point to a publicly accessible web server
C. Modify the existing Amazon Route 53 records by adding health checks. Configure a fallback target if the health check fails. Modify DNS records to point to a publicly accessible webpage
D. Create an Amazon CloudWatch alarm to invoke an AWS Lambda function if the ALB health check responseElb.InternalError is greater than 0. Configure the Lambda function to modify the forwarding rule at the ALB to point to a public accessible web server.
E. Add a custom error response by configuring a CloudFront custom error page. Modify DNS records to point to a publicly accessible web page
Correct Answer: AE
Section: (none)
QUESTION 135
A company has registered 10 new domain names. The company uses the domains for online marketing.The company needsa solution that will redirect online visitors to a specific URL for each domain. All domains and target URLs are defined in a JSON document. All DNS records are managed by Amazon Route 53.
A solutions architect must implement a redirect service that accepts HTTP and HTTPS requests.
Which combination of steps should the solutions architect take to meet these requirements with the LEAST amount of operational effort? (Select THREE.)
A. Create a dynamic webpage that runs on an Amazon EC2 instance. Configure the webpage to use the JSON document in combination with the event message to look up and respond with a redirect URL
B. Create an Application Load Balancer that includes HTTP and HTTPS listeners
C. Create an AWS Lambda function that uses the JSON document in combination with the event message to look up and respond with a redirect URL
D. Use an Amazon API Gateway API with a custom domain to publish an AWS Lambda function
E. Create an Amazon CloudFront distribution. Deploy a Lambda@Edge function
F. Create an SSL certificate by using AWS Certificate Manager (ACM). Include the domains as Subject Alternative Names.
Correct Answer: CEF
Section: (none)
QUESTION 136
A company has an loT platform that runs in an on-premises environment. The platform consists of a server that connects to loT devices by using the MQTT protocol.The platform collects telemetry data from the devices at least once every 5 minutes. The platform also stores device metadata in a MongoDB cluster.
An application that is installed on an on-premises machine runs periodic jobs to aggregate and transform the telemetry anddevice metadata. The application creates reports that users view by using another web
application that runs on the same on-premises machine.The periodic jobs take 120-600 seconds to run However, the web application is always running.
The company is moving the platform to AWS and must reduce the operational overhead of the stack.
Which combination of steps will meet these requirements with the LEAST operational overhead? (Select THREE.)
A. Use AWS Lambda functions to connect to the loT devices
B. Configure the loT devices to publish to AWS loT Core
C. Write the metadata to a self-managed MongoDB database on an Amazon EC2 instance
D. Write the metadata to Amazon DocumentDB(with MongoDB compatibility)
E. Use AWS Step Functions state machines with AWS Lambda tasks to prepare the reports and to write the reports to Amazon S3. Use Amazon CloudFront with an S3 origin to serve the reports
F. Use an Amazon Elastic Kubernetes Service (Amazon EKS) cluster with Amazon EC2 instances to prepare the reports. Use an ingress controller in the EKS cluster to serve the reports
Correct Answer: BDE
Section: (none)
QUESTION 137
A company is designing its network configuration in the AWS Cloud. The company uses AWS Organizations to manage amulti-account setup. The company has three OUs.Each OU contains more than 100 AWS accounts. Each account has a single VPC, and all the VPCs in each OU are in the same AWS Region.
The CIDR ranges for all the AWS accounts do not overlap. The company needs to implement a solution in which VPCs in thesame OU can communicate with each other but cannot communicate with VPCs in other OUs
Which solution will meet these requirements with the LEAST operational overhead?
A. Create an AWS CloudFormation stack set that establishes VPC peering between accounts in each OU. Provision the stack set in each OU
B. In each OU, create a dedicated networking account that has a single VPC. Share this VPC with all the other accounts inthe OU by using AWS Resource Access Manager (AWS RAM). Create a VPC peering connection between the networking account and each account in the OU
C. Provision a transit gateway in an account in each OU. Share the transit gateway across the organization by using AWS Resource Access Manager (AWS RAM). Create transit gateway VPC attachments for each VPC
D. In each OU, create a dedicated networking account that has a single VPC. Establish a VPN connection between the networking account and the other accounts in the OU. Use third-party routing software to route transitive traffic between the VPCs
Correct Answer: C
Section: (none)
QUESTION 138
A company is running an application that uses an Amazon ElastiCache for Redis cluster as a caching layer. A recent securityaudit revealed that the company has configured encryption at rest for ElastiCache.
However, the company did not configure ElastiCache to use encryption in transit. Additionally, users can access the cache without authentication.
A solutions architect must make changes to require user authentication and to ensure that the company is using end-to-end encryption.
Which solution will meet these requirements?
A. Create an AUTH token. Store the token in AWS System Manager Parameter Store, as an encrypted parameter. Createa new cluster with AUTH, and configure encryption in transit. Update the application to retrieve the AUTH token from Parameter Store when necessary and to use the AUTH token for authentication
B. Create an AUTH token. Store the token in AWS Secrets Manager. Configure the existing cluster to use the AUTH token,and configure encryption in transit. Update the application to retrieve the AUTH token from Secrets Manager when necessary and to use the AUTH token for authentication
C. Create an SSL certificate. Store the certificate in AWS Secrets Manager. Create a new cluster, and configure encryption in transit. Update the application to retrieve the SSL certificate from Secrets Manager when necessary and to use the certificate for authentication
D. Create an SSL certificate. Store the certificate in AWS Systems Manager Parameter Store, as an encrypted advancedparameter. Update the existing cluster to configure encryption in transit. Update the application to retrieve the SSL certificate from Parameter Store when necessary and to use the certificate for authentication
Correct Answer: B
Section: (none)
QUESTION 139
A company runs a customer service center that accepts calls and automatically sends all customers a managed, interactive, two-way experience survey by text message. The applications that support the customer service center run on machines that the company hosts in an on-premises data center. The hardware that the company uses is old, and the company isexperiencing downtime with the system.The company wants to migrate the system to AWS to improve reliability.
Which solution will meet these requirements with the LEAST ongoing operational overhead?
A. Use Amazon Connect to replace the old call center hardware. Use Amazon Pinpoint to send text message surveys to customers
B. Use Amazon Connect to replace the old call center hardware. Use Amazon Simple Notification Service (Amazon SNS) to send text message surveys to customers
C. Migrate the call center software to Amazon EC2 instances that are in an Auto Scaling group. Use the EC2 instances to send text message surveys to customers
D. Use Amazon Pinpoint to replace the old call center hardware and to send text message surveys to customers
Correct Answer: A
Section: (none)
QUESTION 140
A retail company is operating its ecommerce application on AWS.The application runs on Amazon EC2 instances behind anApplication Load Balancer (ALB) The company uses an Amazon RDS DB instance as the database backend. Amazon CloudFront is configured with one origin that points to the ALB. Static content is cached.Amazon Route 53 is used to host all public zones.
After an update of the application,the ALB occasionally returns a 502 status code (Bad Gateway) error. The root cause is malformed HTTP headers that are returned to the ALB. The webpage returns successfully when a solutions architect reloads the webpage immediately after the error occurs..
While the company is working on the problem, the solutions architect needs to provide a custom error page instead of the standard ALB error page to visitors.
Which combination of steps will meet this requirement with the LEAST amount of operational overhead? (Select TWO.)
A. Create an Amazon S3 bucket. Configure the S3 bucket to host a static webpage. Upload the custom error pages to Amazon S3
B. Create an Amazon CloudWatch alarm to invoke an AWS Lambda function if the ALB health check responseTarget.FailedHealthChecks is greater than O Configure the Lambda function to modify the forwarding rule at the ALB to point to a publicly accessible web server.
C. Modify the existing Amazon Route 53 records by adding health checks. Configure a fallback target if the health check fails. Modify DNS records to point to a publicly accessible webpage
D. Create an Amazon CloudWatch alarm to invoke an AWS Lambda function if the ALB health check responseEIb.InternalError is greater than O. Configure the Lambda function to modify the forwarding
rule at the ALB to point to a public accessible web server
E. Add a custom error response by configuring a CloudFront custom error page. Modify DNS records to point to a publicly accessible web page
Correct Answer: AE
Section: (none)
