AWS 架構師證照考古題大全 20240925
Amazon Web Service(AWS 亞馬遜)全系列考古題,2024年最新題庫,持續更新,全網最完整。AWS 證照含金量高,自我進修、跨足雲端產業必備近期版本更新,隨時追蹤最新趨勢變化。
QUESTION 81
A company runs an on-premises application that is powered by a MySQL database. The company is migrating the application to AWS to increase the application's elasticity and availability The current architecture shows heavy read activity on the databaseduring times of normal operation. Every 4 hours, the company's development team pulls a full export of the production database to populate a database in the staging environment. During this period, users experience unacceptable application latency. The development team is unable to use the staging environment until the procedure completes. A solutions architect must recommend replacement architecture that alleviates the application latency issue. The replacement architecture also must give the development team the ability to continue using the staging environment without delay.
Which solution meets these requirements?
A. Use Amazon Aurora MySQL with Multi-AZ Aurora Replicas for production Populate the staging database by implementing a backup and restore process that uses the mysqldump utility.
B. Use Amazon Aurora MySQL with Multi-AZ Aurora Replicas for production Use database cloning to create the staging database on-demand.
C. Use Amazon RDS for MySQL with a Multi-AZ deployment and read replicas for production. Use the standby instance for the staging database.
D. Use Amazon RDS for MySQL with a Multi-AZ deployment and read replicas for production Populate the staging database by implementing a backup and restore process that uses the mysqldump utility.
Correct Answer: B
Section: (none)
好奇小豬科技如何幫助您的企業?了解更多 關於我們的專業服務。
QUESTION 82
A company is implementing a shared storage solution for a media application that is hosted in the AWS Cloud. The companyneeds the ability to use SMB clients to access data. The solution must be fully managed Which AWS solution meets these requirements?
A. Create an AWS Storage Gateway volume gateway. Create a file share that uses the required client protocol Connect the application server to the file share.
B. Create an AWS Storage Gateway tape gateway. Configure tapes to use Amazon S3. Connect the application server to the tape gateway.
C. Create an Amazon EC2 Windows instance. Install and configure a Windows file share role on the instance. Connect the application server to the file share.
D. Create an Amazon FSx for Windows File Server file system. Attach the file system to the origin server. Connect the application server to the file system.
Correct Answer: D
Section: (none)
QUESTION 83
A company is concermned about the security of its public web application due to recent web attacks. The application uses anApplication Load Balancer (ALB). A solutions architect must reduce the risk of DDoS attacks against the application.
What should the solutions architect do to meet this requirement?
A. Add an Amazon Inspector agent to the ALB.
B. Configure Amazon Macie to prevent attacks.
C. Enable AWS Shield Advanced to prevent attacks.
D. Configure Amazon GuardDuty to monitor the ALB.
Correct Answer: C
Section: (none)
QUESTION 84
A company needs the ability to analyze the log files of its proprietary application. The logs are stored in JSON format in anAmazon S3 bucket Queries will be simple and will run on-demand. A solutions architect needs to perform the analysis withminimal changes to the existing architecture. What should the solutions architect do to meet these requirements with the LEAST amount of operational overhead?
A. Use Amazon Redshift to load all the content into one place and run the SQL queries as needed
B. Use Amazon CloudWatch Logs to store the logs. Run SQL queries as needed from the Amazon CloudWatch console.
C. Use Amazon Athena directly with Amazon S3 to run the queries as needed
D. Use AWS Glue to catalog the logs. Use a transient Apache Spark cluster on Amazon EMR to run the SQL queries as needed.
Correct Answer: C
Section: (none)
QUESTION 85
A solutions architect is designing an infrastructure to run a web application on Amazon EC2 instances. The company wants toensure high availability and adjust the number of running instances based on demand to optimize costs.
What should the solutions architect do to meet these requirements?
A. Configure an Application Load Balancer in front of an Auto Scaling group to deploy instances to multiple AWS Regions.
B. Configure an Amazon CloudFront distribution in front of an Auto Scaling group to deploy instances to multiple AWS Regions.
C. Configure an Application Load Balancer in front of an Auto Scaling group to deploy instances to multiple Availability Zones.
D. Configure an Amazon API Gateway API in front of an Auto Scaling group to deploy instances to multiple Availability Zones.
Correct Answer: C
Section: (none)
QUESTION 86
A global company currently gathers 100 GB of information daily from deployed sensors on smart devices with an average record size of 10 KB. A solutions architect must design a solution that allows real-time access to the data.
What should the solutions architect do to meet these requirements?
A. Configure each sensor to upload data directly to an Amazon EC2 instance in each AWS Region.
B. Configure the sensors to use Amazon Kinesis Data Streams for batching and data collection.
C. Provision an Amazon Snowball appliance and install the Snowball client to optimize the transfer speed.
D. Deploy the website on Amazon CloudFront and configure each device to upload data to the closest edge location.
Correct Answer: B
Section: (none)
QUESTION 87
A company needs to meet a strict service level agreement (SLA) with its users for application availability. The primary applicationstack is hosted in the us-east-1 Region and a replica of the stack is in us-west-2 for disaster recovery. The company requires thatno user traffic be served by the application stack in us-west-2 unless there is an issue with the application stack in us-east-1. Whatshould a solutions architect do to meet the company's needs without manual intervention?
A. Configure a weighted routing policy in Amazon Route 53. Set the weight of us-east-1 to 100 and us- west-2 to 0.
B. Configure a weighted routing policy in Amazon Route 53. Set the weight of us-west-2 to 5O and us-east- 1to 50.
C. Configure a failover routing policy in Amazon Route 53. Set us-east-1as the primary and us-west-2 as the secondary.
D. Configure a failover routing policy in Amazon Route 53. Set us-west-2 as the primary and us-east-1 as the secondary.
Correct Answer: C
Section: (none)
QUESTION 88
A company has an application running on a single server in one Availability Zone.A solutions architect needs to improve the availability of this application as it grows in importance.
Which set of actions would accomplish this?
A. Deploy a second application instance in the same Availability Zone. Add the instances to Amazon Route 53in a round-robin configuration.
B. Deploy a second application instance in a public subnet in the same Availability Zone. Attach an Elastic IP address to both instances for high availability.
C. Redeploy the application instance in an Amazon EC2 Auto Scaling group with a minimum of 1 and a maximum of 1. Use AWS CloudFormation to automate the deployment.
D. Deploy an Elastic Load Balancer and a second application instance in a second Availability Zone. Attach both instances to the Elastic Load Balancer and route all traffic through the load balancer.
Correct Answer: D
Section: (none)
QUESTION 89
A company's HTTP application is behind a Network Load Balancer (NLB). The NLB's target group is configured to use an AmazonEC2 Auto Scaling group with multiple EC2 instances that run the web service. The company notices that the NLB is not detecting HTTP errors for the application. These errors require a manual restart of the EC2 instances that run the web service. The companyneeds to improve the application's availability without writing custom scripts or code. What should a solutions architect do to meet these requirements?
A. Enable HTTP health checks on the NLB supplying the URL of the company's application
B. Add a cron job to the EC2 instances to check the local application's logs once each minute. If HTTP errors are detected, the application will restart
C. Replace the NLB with an Application Load Balancer. Enable HTTP health checks by supplying the URL of the company's application. Configure an Auto Scaling action to replace unhealthy instances
D. Create an Amazon CloudWatch alarm that monitors the UnhealthyHostCount metric for the NLB. Configure an Auto Scalingaction to replace unhealthy instances when the alarm is in the ALARM state
Correct Answer: C
Section: (none)
QUESTION 90
A company is implementing a shared storage solution for a gaming application that is hosted in anon- premises data center. Thecompany needs the ability to use Lustre clients to access data The solution must be fully managed.
Which solution meets these requirements?
If you have any questions, please contact wechat :ANYPASS. If you don't want to memorize the questions, please register for the through train.
A. Create an AWS Storage Gateway file gateway. Create a file share that uses the required client protocol.
Connect the
application server to the file share.
B. Create an Amazon EC2 Windows instance. Install and configure a Windows file share role on the instance. Connect the application server to the file share.
C. Create an Amazon Elastic File System (Amazon EFS) file system, and configure it to support Lustre. Attach the file system to the origin server. Connect the application server to the file system
D. Create an Amazon FSx for Lustre file system. Attach the file system to the origin server Connect the application server to the file system.
Correct Answer: D
Section: (none)
QUESTION 91
A company hosts more than 300 global websites and applications. The company requires a platform to analyze more than3o TB of clickstream data each day.
What should a solutions architect do to transmit and process the clickstream data?
A. Design an AWS Data Pipeline to archive the data to an Amazon S3 bucket and run an Amazon EMR cluster with the data to generate analytics.
B. Create an Auto Scaling group of Amazon EC2instances to process the data and send it to an Amazon s3 data lake for Amazon Redshift to use for analysis.
C. Cache the data to Amazon CloudFront. Store the data in an Amazon S3 bucket. When an object is added to the s3 bucket run an AWS Lambda function to process the data for analysis
D. Collect the data from Amazon Kinesis Data Streams Use Amazon Kinesis Data Firehose to transmit the data to an Amazon S3 data lake. Load the data in Amazon Redshift for analysis
Correct Answer: D
Section: (none)
QUESTION 92
A company has a production web application in which users upload documents through a web interface or a mobile app Accordingto a new regulatory requirement, new documents cannot be modified or deleted after they are stored.
What should a solutions architect do to meet this requirement?
A. Store the uploaded documents in an Amazon S3 bucket with S3 Versioning and S3 Object Lock enabled
B. Store the uploaded documents in an Amazon S3 bucket Configure an s3 Lifecycle policy to archive the documents periodically.
C. Store the uploaded documents in an Amazon S3 bucket with S3 Versioning enabled. Configure an ACL to restrict all access to read-only.
D. Store the uploaded documents on an Amazon Elastic File System Amazon EFS volume Access the data by mounting the volume in read-only mode.
Correct Answer: A
Section: (none)
QUESTION 93
An application development team is designing a microservice that will convert large images to smaller, compressed images. When a user uploads an image through the web interface, the microservice should store the image in an Amazon S3 bucket, process and compress the image with an AWS Lambda function, and store the image in its compressed form in a different S3 bucket. Asolutions architect needs to design a solution that uses durable, stateless components to process the images automatically. Which combination of actions will meet these requirements? (Select TWO)
A. Create an Amazon Simple Queue Service (Amazon SQS) queue Configure the s3 bucket to send a notification to the
SQS queue when an image is uploaded to the S3 bucket
B. Configure the Lambda function to use the Amazon Simple Queue Service (Amazon SQS) queue as the invocation
source. When the SQS message is successfully processed, delete the message in the queue
C. Configure the Lambda function to monitor the S3bucketfor new uploads When an uploaded image is detected, write the filename to a text file in memory and use the text file to keep track of the images that were processed.
D. Launch an Amazon EC2instance to monitor an Amazon Simple Queue Service (Amazon SQS)queue. When items areadded to the queue, log the file name in a text file on the EC2instance and invoke the Lambda function
E. Configure an Amazon Event Bridge (Amazon CloudWatch Events) event to monitor the s3 bucket. When an image isuploaded, send an alert to an Amazon Simple Notification Service (Amazon SNS) topic with the application owners email address for further processing.
Correct Answer: AB
Section: (none)
馬上加入小豬科技,立即註冊 並享受專屬優惠!
QUESTION 94
A company uses AWS Organizations to manage multiple AWS accounts for different departments. The management account hasan Amazon S3 bucket that contains project reports. The company wants to limit access to this S3 bucket to only users of accounts within the organization in AWS Organizations. Which solution meets these requirements with the LEAST amount of operational overhead?
A. Add the aws:PrincipalOrglD global condition key with a reference to the organization ID to the s3 bucket policy
B. Create an organizational unit (Ou) for each department Add the aws:PrincipalOrgPaths global condition key to the S3 bucket policy.
C. Use AWS CloudTrail to monitor the Create Account, InviteAccountToorganization, LeaveOrganization, and
RemoveAccountFromOrganization events. Update the S3 bucket policy accordingly
D. Tag each user that needs access to the S3 bucket. Add the awsPrincipalTag global condition key to the S3 bucket policy.
Correct Answer: A
Section: (none)
QUESTION 95
A company hosts an application on AWS Lambda functions that are invoked by an Amazon API Gateway API. The Lambda functions save customer data to an Amazon Aurora MySQL database Whenever the company upgrades the database, the Lambda functions fail to establish database connections until the upgrade is complete. The result is that customer data is not recorded for some of the event. A solutions architect needs to design a solution that stores customer data that is created during database upgrades Which solution will meet these requirements?
A. Provision an Amazon RDS proxy to sit between the Lambda functions and the database. Configure the Lambda functions to connect to the RDS proxy.
B. Increase the run time of the Lambda functions to the maximum. Create are try mechanism in the code that stores the customer data in the database.
C. Persist the customer data to Lambda local storage. Configure new Lambda functions to scan the local storage to save the customer data to the database.
D. Store the customer data in an Amazon Simple Queue Service (Amazon SQS) FIFO queue Create anew Lambda function that polls the queue and stores the customer data in the database.
Correct Answer: D
Section: (none)
QUESTION 96
A company collects data for temperature, humidity, and atmospheric pressure in cities across multiple continents. The averagevolume of data that the company collects from each site daily is 5o0 GB Each site has a high-speed internet connection.
The company wants to aggregate the data from all these global sites as quickly as possible in a single Amazon S3 bucket. The solution must minimize operational complexity.
Which solution meets these requirements?
A. Turn on S3 Transfer Acceleration on the destination S3 bucket Use multipart uploads to directly upload site data to the destination S3 bucket
B. Upload the data from each site to an S3 bucket in the closest Region. Use S3 Cross-Region Replication to copy objects to the destination S3 bucket. Then remove the data from the origin S3 bucket
C. Schedule AWS Snowball Edge Storage Optimized device jobs daily to transfer data from each site to the closest Region.
Use S3 Cross-Region Replication to copy objects to the destination S3 bucket.
D. Upload the data from each site to an Amazon EC2 instance in the closest Region. Store the data in an Amazon Elastic Block Store (Amazon EBS) volume. At regular intervals, take an EBS snapshot and copy it to the Region that contains thedestination S3 bucket. Restore the EBS volume in that Region.
Correct Answer: A
Section: (none)
QUESTION 97
A company has a Windows-based application that must be migrated to AWS. The application requires the use of a shared Windows file system attached to multiple Amazon EC2 Windows instances that are deployed across multiple Availability Zones.
What should a solutions architect do to meet this requirement?
A. Configure AWS Storage Gateway in volume gateway mode. Mount the volume to each Windows instance
B. Configure Amazon FSx for Windows File Server Mount the Amazon FSx file system to each Windows instance.
C. Configure a file system by using Amazon Elastic File System (Amazon EFS) Mount the EFS file system to each Windows instance.
D. Configure an Amazon Elastic Block Store (Amazon EBS) volume with the required size. Attach each EC2 instance to the volume. Mount the file system within the volume to each Windows instance
Correct Answer: B
Section: (none)
QUESTION 98
A solutions architect is creating a new Amazon CloudFront distribution for an application. Some of the information submitted byusers is sensitive. The application uses HTTPS but needs another layer of security. The sensitive information should be protectedthroughout the entire application stack, and access to the information should be restricted to certain applications.
Which action should the solutions architect take?
A. Configure a CloudFront signed URL
B. Configure a CloudFront signed cookie.
C. Configure a CloudFront field-level encryption profile.
D. Configure CloudFront and set the Origin Protocol Policy setting to HTTPS Only for the viewer Protocol Policy
Correct Answer: C
Section: (none)
QUESTION 99
A company has thousands of edge devices that collectively generate 1 TB of status alerts each day Each alert is approximately 2KB in size. A solutions architect needs to implement a solution to ingest and store the alerts for future analysis.
The company wants a highly available solution. However, the company needs to minimize costs and does not want to manage additional infrastructure. Additionally, the company wants to keep 14 days of data available for immediate analysis and archiveany data older than 14 days. What is the MOST operationally efficient solution that meets these requirements?
A. Create an Amazon Kinesis Data Firehose delivery stream to ingest the alerts. Configure the Kinesis Data Firehose stream todeliver the alerts to an Amazon S3 bucket Set up an s3 Lifecycle configuration to transition data to Amazon S3 Glacier after 14 days
B. Launch Amazon EC2 instances across two Availability Zones and place them behind an Elastic Load Balancer to ingest thealerts. Create a script on the EC2instances that will store the alerts in an Amazon S3 bucket. Set up an S3 Lifecycle configuration to transition data to Amazon S3 Glacier after 14 days
C. Create an Amazon Kinesis Data Firehose delivery stream to ingest the alerts. Configure the Kinesis Data Firehose stream to deliver the alerts to an Amazon Elasticsearch Service (Amazon ES) cluster. Set up the Amazon ES cluster to take manualsnapshots every day and delete data from the cluster that is older than 14 days.
D. Create an Amazon Simple Queue Service (Amazon SQS) standard queue to ingest the alerts, and set the message retentionperiod to 14 days. Configure consumers to poll the SQS queue, check the age of the message, and analyze the message data as needed If the message is 14 days old, the consumer should copy the message to an Amazon S3 bucket and delete the message from the SQS queue
Correct Answer: A
Section: (none)
QUESTION 100
A company is running an online transaction processing (OITP) workload on AWS. This workload uses an unencrypted Amazon RDSDB instance in a Multi-AZ deployment. Daily database snapshots are taken from this instance.
What should a solutions architect do to ensure the database and snapshots are always encrypted moving forward?
A. Encrypt a copy of the latest DB snapshot. Replace existing DB instance by restoring the encrypted snapshot
B. Create a new encrypted Amazon Elastic Block Store Amazon EBS) volume and copy the snapshots to it Enable encryption on the DB instance
C. Copy the snapshots and enable encryption using AWS Key Management Service (AWS KMS). Restore encrypted snapshot to an existing DB instance
D. Copy the snapshots to an Amazon S3 bucket that is encrypted using server-side encryption with AWS Key Management Service (AWS KMS) managed keys (SSE-KMS)
Correct Answer: A
Section: (none)
QUESTION 101
A company runs multiple applications in containers on Amazon Elastic Container Service (Amazon ECS instances. Theapplications run in an ECS cluster. Users access the applications through an Application Load Balancer (ALB).
The users report that the applications are slow every morning from 9-00 until 9:30 After that time period, no issues occur. What should a solutions architect recommend to resolve this issue?
A. Configure an Auto Scaling group with a step scaling policy. Attach the ECS instances to the Auto Scaling group
B. Configure an Auto Scaling group with a scheduled scaling policy. Attach the ECS instances to the Auto Scaling group
C. Create a second ECS cluster with two ECS instances Deploy some of the applications to the second ECS cluster
D. Add a second ALB in front of ECS instances. Configure the second ALB to route traffic to some of the applications on the ECS instances.
Correct Answer: B
Section: (none)
聯絡小豬科技專員,立即獲取 專屬雲端解決方案。
QUESTION 102
A company runs a containerized application on a Kubernetes cluster in an on-premises data center. The company is using a MongoDB database for data storage. The company wants to migrate some of these environments to AWS, but no code changes ordeployment method changes are possible at this time. The company needs a solution that minimizes operational overhead.
Which solution meets these requirements?
A. Use Amazon Elastic Container Service (Amazon ECS) with Amazon EC2 worker nodes for compute and MongoDB on EC2 for data storage.
B. Use Amazon Elastic Container Service (Amazon ECS) with AWS Fargate for compute and Amazon DynamoDB for data storage.
C. Use Amazon Elastic Kubemnetes Service (Amazon EKS) with Amazon EC2 worker nodes for compute and Amazon DynamoDB for data storage
D. Use Amazon Elastic Kubemnetes Service (Amazon EKS) with AWS Fargate for compute and Amazon DocumentDB (with MongoDB compatibility) for data storage
Correct Answer: D
Section: (none)
QUESTION 103
A survey company has gathered data for several years from areas in the United States. The company hosts the data in an Amazon S3 bucket that is 3 TB in size and growing. The company has started to share the data with a European marketing firm that has S3 buckets. The company wants to ensure that its data transfer costs remain as lo was possible.
Which solution will meet these requirements?
A. Configure the Requester Pays feature on the company's S3 bucket.
B. Configure S3 Cross-Region Replication from the company's S3 bucket to one of the marketing firm's S3 buckets.
C. Configure cross-account access for the marketing firm so that the marketing firm has access to the company's S3 bucket.
D. Configure the company's S3 bucket to use S3Intelligent-Tiering. Sync the S3 bucket to one of the marketing firm's S3 buckets.
Correct Answer: B
Section: (none)
QUESTION 104
A company runs its infrastructure on AWS and has a registered base of 700000 users for its document management application.The company intends to create a product that converts large .pdf files to .jpg image files. The .pdf files average 5 MB in size. The company needs to store the original files and the converted files. A solutions architect must design a scalable solution toaccommodate demand that will grow rapidly over time.
Which solution meets these requirements MOST cost-effectively?
A. Save the .pdf files to Amazon S3. Configure an S3 PUT event to invoke an AWS Lambda function to convert the files to .jpg format and store them back in Amazon S3.
B. Save the .pdf files to Amazon DynamoDB. Uso the DynamoDB Strcams feature to invokc an AWS Lambda function to convert the files to jpg format and store them back in DynamoDB.
C. Upload the .pdf files to an AWS Elastic Beanstalk application that includes Amazon EC2instances, Amazon Elastic BlockStore (Amazon EBS) storage, and an Auto Scaling group. Use a program in the EC2 instances to convert the files to .jpgformat. Save the .pdf files and the .jpg files in the EBS store.
D. Upload the .pdf files to an AWS Elastic Beanstalk application that includes Amazon EC2 instances, Amazon Elastic FileSystem (Amazon EFS) storage, and an Auto Scaling group. Use a program in the EC2 instances to convert the file to jpg format. Save the pdf files and the jpg files in the EBS store
Correct Answer: A
Section: (none)
QUESTION 105
A company runs a stateless web application in production on a group of Amazon EC2 On-Demand Instances behind anApplication Load Balancer. The application experiences heavy usage during an 8-hour period each business day. Application usage is moderate and steady overnight. Application usage is low during weekends.
The company wants to minimize its EC2 costs without affecting the availability of the application. Which solution will meet these requirements?
A. Use Spot Instances for the entire workload.
B. Use Reserved Instances for the baseline level of usage. Use Spot Instances for any additional capacity that the application needs.
C. Use On-Demand Instances for the baseline level of usage. Use Spot Instances for any additional capacity that the application needs.
D. Use Dedicated Instances for the baseline level of usage. Use On-Demand Instances for any additional capacity that the application needs.
Correct Answer: B
Section: (none)
QUESTION 106
A company that has a global user base is launching a new service. The service is highly anticipated because of along marketingcampaign. The company has built the service on Amazon EC2 instances that run behind an Application Load Balancer (ALB).The company uses an Amazon RDS for MySQL DB instance and Amazon S3 to store data.
Previously, the company experienced a large-scale cyberattack that originated from a specific country where the company has nouser base. Before the launch of the service, the company wants to block all traffic that originates from that specific country.
Which solution will meet this requirement?
A. Create an EC2 security group to deny any traffic that comes from the specific country's CIDR ranges. Attach the security group to the ALB
B. Create an RDS security group to deny any traffic that comes from the specific country's CIDR ranges Attach the security group to the DB instance
C. Create a Deny statement on the S3 bucket policy. Use a condition that specifies which country code to deny access to
D. Create an AWS WAF web ACL that has a rule to block the traffic based on a geographical match condition. Associate the web ACL with the ALB
Correct Answer: D
Section: (none)
QUESTION 107
A company runs an application on a large fleet of Amazon EC2 instances. The application reads and write entries into an Amazon DynamoDB table. The size of the DynamoDB table continuously grows, but the application needs only data from the last 30 days.The company needs a solution that minimizes cost and development effort.
Which solution meets these requirements?
A. Use an AWS CloudFormation template to deploy the complete solution. Redeploy the CloudFormation stack every 30 days, and delete the original stack.
B. Use an EC2 instance that runs a monitoring application from AWS Marketplace. Configure the
monitoring application to use Amazon DynamoDB Streams to store the timestamp when a new item is created in the table.Use a script that runs on the EC2 instance to delete items that have a timestamp that is older than 30 days
C. Configure Amazon DynamoDB Streams to invoke an AWS Lambda function when a new item is created in the table.
Configure the Lambda function to delete items in the table that are older than 30 days
D. Extend the application to add an attribute that has a value of the current timestamp plus 30 days to each new item that is created in the table. Configure DynamoDB to use the attribute as the TTL attribute.
Correct Answer: D
Section: (none)
QUESTION 108
A solutions architect needs to help a company optimize the cost of running an application on AWS. The application will use Amazon EC2 instances. AWS Fargate and AWS Lambda for compute within the architecture.
The EC2instances will run the data ingestion layer of the application. EC2 usage will be sporadic and unpredictable. Workloads that run on EC2 instances can be interrupted at any time. The application front end will run on Fargate, and Lambda will serve the API layer. The front-end utilization and API layer utilization will be predictable over the course of the next year. Which combinationof purchasing options will provide the MOST cost-effective solution for hosting this application?(Select TWO)
A. Use Spot Instances for the data ingestion layer
B. Use On-Demand Instances for the data ingestion layer
C. Purchase a 1-year Compute Savings Plan for the front end and API layer
D. Purchase 1-year Al Upfront Reserved Instances for the data ingestion layer
E. Purchase a 1-year EC2Instance Savings Plan for the front end and API layer
Correct Answer: AC
Section: (none)
QUESTION 109
A company has a legacy data processing application that runs on Amazon EC2instances Data is processed sequentially, but the order of results does not matter. The application uses a monolithic architecture. The only way that the company can scale the application to meet increased demand is to increase the size of the instances
The company's developers have decided to rewrite the application to use a microservices architecture on Amazon Elastic Container Service (Amazon ECS).
What should a solutions architect recommend for communication between the microservices?
A. Create an Amazon Simple Queue Service (Amazon SQS)queue. Add code to the data producers, and send data to the queue. Add code to the data consumers to process data from the queue
B. Create an Amazon Simple Notification Service (Amazon SNS) topic. Add code to the data producers, and publish notifications to the topic. Add code to the data consumers to subscribe to the topic
C. Create an AWS Lambda function to pass messages. Add code to the data producers to call the Lambda function with a dataobject. Add code to the data consumers to receive a data object that is passed from the Lambda function
D. Create an Amazon DynamoDB table. Enable DynamoDB Streams. Add code to the data producers to insert data into thetable. Add code to the data consumers to use the DynamoDB Streams API to detect new table entries and retrieve the data
Correct Answer: A
Section: (none)
QUESTION 110
A company has applications that run on Amazon EC2instances in a VPC. One of the applications needs to call the Amazon S3 API to store and read objects. According to the company's security regulations, no traffic from the applications is allowed to travel across the internet.
Which solution will meet these requirements?
A. Configure an S3 gateway endpoint
B. Create an S3 bucket in a private subnet
C. Create an S3 bucket in the same AWS Region as the EC2 instances
D. Configure a NAT gateway in the same subnet as the EC2 instances
Correct Answer: A
Section: (none)
探索小豬科技的全新服務,了解更多 讓我們助您站上雲端!
QUESTION 111
A company has a dataingestion workflow thatincludes the following components:
-- An Amazon Simple Notification Service (Amazon SNS) topic that receives notifications about new data deliveries.
-- An AWS Lambda function that processes and stores the data. The ingestion workflow occasionally fails because of networkconnectivity issues. When failure occurs, the corresponding data is not ingested unless the company manually reruns the job What should a solutions architect do to ensure that all notifications are eventually processed?
A. Configure the Lambda function for deployment across multiple Availability Zones
B. Modify the Lambda function's configuration to increase the CPU and memory allocations for the function
C. Configure the SNS topic's retry strategy to increase both the number of retries and the wait time between retries
D. Configure an Amazon Simple Queue Service (Amazon SQS) queue as the on-failure destination. Modify the Lambda function to process messages in the queue
Correct Answer: D
Section: (none)
QUESTION 112
A company wants to migrate an on-premises data center to AWS. The data center hosts an SFTP server that stores its data on an NFS-based file system. The server holds 200 GB of data that needs to be transferred. The server must be hosted on an Amazon EC2 instance that uses an Amazon Elastic File System
(Amazon EFS) file system.
Which combination of steps should a solutions architect take to automate this task? (Select TWO.)
A. Launch the EC2 instance into the same Availability Zone as the EFS file system.
B. Install an AWS DataSync agent in the on-premises data center
C. Create a secondary Amazon Elastic Block Store (Amazon EBS) volume on the EC2 instance for the data.
D. Manually use an operating system copy command to push the data to the EC2 instance
E. Use AWS DataSync to create a suitable location configuration for the on-premises SFTP server.
Correct Answer: BE
Section: (none)
QUESTION 113
A company has several web servers that need to frequently access a common Amazon RDS MySQL Multi- AZ DB instance. Thecompany wants a secure method for the web servers to connect to the database while meeting a security requirement to rotate user credentials frequently.
Which solution meets these requirements?
A. Store the database user credentials in AWS Secrets Manager. Grant the necessary IAM permissions to allow the web servers to access AWS Secrets Manager
B. Store the database user credentials in AWS Systems Manager OpsCenter. Grant the necessary IAM permissions to allow the web servers to access OpsCenter
C. Store the database user credentials in a secure Amazon S3 bucket Grant the necessary IAM permissions to allow the web servers to retrieve credentials and access the database
D. Store the database user credentials in files encrypted with AWS Key Management Service (AWS KMS) on the web server file system. The web server should be able to decrypt the files and access the database
Correct Answer: A
Section: (none)
QUESTION 114
A company is hosing a static website on Amazon S3 and is using Amazon Route 53 for DNS. The website is experiencing increased demand from around the world. The company must decrease latency for users who access the website.
Which solution meets these requirements MOST cost-effectively?
A. Replicate the S3 bucket that contains the website to all AWS Regions.Add Route 53 geolocaton routing entries
B. Provision accelerators in AWS Global Accelerator. Associate the supplied IP addresses with the S3bucket. Edit the Route 53entries to point to the IP addresses of the accelerators
C. Add an Amazon CloudFront distribution in front of the S3 bucket. Edit the Route 53 entries to point to the CloudFront distribution
D. Enable S3 Transfer Acceleration on the bucket Edit the Route 53 entries to point to the new endpoint
Correct Answer: C
Section: (none)
QUESTION 115
A company is developing a file-sharing application that will use an Amazon S3 bucket for storage. The company wants to serve all the files through an Amazon CloudFront distribution. The company does not want the files to be accessible through directnavigation to the S3 URL. What should a solutions architect do to meet these requirements?
A. Write individual policies for each S3 bucket to grant read permission for only CloudFront access
B. Create an IAM user Grant the user read permission to objects in the S3 bucket Assign the user to CloudFront
C. Write an S3 bucket policy that assigns the CloudFront distribution ID as the Principal and assigns the target S3 bucket as the Amazon Resource Name (ARN)
D. Create an origin access identity (OAI) Assign the OAI to the CloudFront distribution. Configure the S3 bucket permissions so that only the OAI has read permission.
Correct Answer: D
Section: (none)
QUESTION 116
A company wants to run applications in containers in the AWS Cloud. These applications are stateless and can tolerate disruptions within the underlying infrastructure. The company needs a solution that minimizes cost and operational overhead.
What should a solutions architect do to meet these requirements?
A. Use Spot Instances in an Amazon EC2 Auto Scaling group to run the application containers
B. Use Spot Instances in an Amazon Elastic Kubernetes Service (Amazon EKS) managed node group
C. Use On-Demand Instances in an Amazon EC2Auto Scaling group to run the application containers
D. Use On-Demand Instances in an Amazon Elastic Kubernetes Service (Amazon EKS) managed node group
Correct Answer: B
Section: (none)
享受一流的雲端支持,馬上註冊 小豬科技!
QUESTION 117
A company wants to reduce the cost of its existing three-tier web architecture. The web, application, and database servers are running on Amazon EC2 instances for the development, test, and production environments. The EC2 instances average 30% CPUutilization during peak hours and 10% CPU utilization during non-peak hours.
The production EC2instances run 24 hours a day. The development and test EC2 instances run for at least 8 hours each day. The company plans to implement automation to stop the development and test EC2 instances when they are not in use.
Which EC2 instance purchasing solution will meet the company's requirements MOST cost-effectively?
A. Use Spot Instances for the production EC2 instances. Use Reserved Instances for the development and test EC2 instances.
B. Use Reserved Instances for the production EC2 instances Use On-Demand Instances for the development and test EC2 instances.
C. Use Spot blocks for the production EC2 instances Use Reserved Instances for the development and testEc2instances
D. Use On-Demand Instances for the production EC2 instances. Use Spot blocks for the development and test EC2 instances.
Correct Answer: B
Section: (none)
QUESTION 118
A company needs to retain application log files for a critical application for 10years. The application team regularly accesses logs from the past month for troubleshooting. but logs older than 1 month are rarely accessed. The application generates more than 10 TB of logs per month. Which storage option meets these requirements MOST cost-effectively?
A. Store the logs in Amazon S3. Use AWS Backup to move logs more than 1month old to S3 Glacier Deep Archive
B. Store the logs in Amazon S3. Use S3Lfecycle policies to move logs more than 1month old to S3 Glacier Deep Archive
C. Store the logs in Amazon CloudWatch Logs. Use AWS Backup to move logs more than 1month old to S3 Glacier Deep Archive
D. Store the logs in Amazon CloudWatch Logs. Use Amazon S3 Lifecycle policies to move logs more than 1 month old to S3 Glacier Deep Archive
Correct Answer: B
Section: (none)
QUESTION 119
A company is migrating a distributed application to AWS. The application serves variable workloads. The legacy platform consists of a primary server that coordinates jobs across multiple compute nodes. The company wants to modernize the application with asolution that maximizes resiliency and scalability How should a solutions architect design the architecture to meet these requirements?
A. Configure an Amazon Simple Queue Service (Amazon SQS)queue as a destination for the jobs. Implement the computenodes with Amazon EC2 instances that are managed in an Auto Scaling group. Configure EC2 Auto Scaling to use scheduled scaling
B. Configure an Amazon Simple Queue Service (Amazon SQS)queue as a destination for the jobs. Implement the computenodes with Amazon EC2 instances that are managed in an Auto Scaling group. Configure EC2 Auto Scaling based on the size of the queue
C. Implement the primary server and the compute nodes with Amazon EC2 instances that are managed in an Auto Scaling group. Configure AWS CloudTrail as a destination for the jobs. Configure EC2 Auto Scaling based on the load on the primary server.
D. Implement the primary server and the compute nodes with Amazon EC2 instances that are managed in an Auto Scalinggroup. Configure Amazon EventBridge (Amazon CloudWatch Events) as a destination for the jobs. Configure EC2 Auto Scaling based on the load on the compute nodes.
Correct Answer: B
Section: (none)
QUESTION 120
A company is storing backup files by using Amazon S3 Standard storage. The files are accessed frequently for 1 month. However, the files are not accessed after 1 month. The company must keep the files indefinitely.
Which storage solution will meet these requirements MOST cost-effectively?
A. Configure S3 Intlligent-Tiering to automatically migrate objects
B. Create an S3 Lifecycle configuration to transition objects from S3 Standard to S3 Glacier Deep Archive after 1 month
C. Create an S3 Lifecvcle configuration to transition objects from S3 Standard to s3 Standard-Infrequent Access (S3 Standard-IA) after 1 month.
D. Create an S3 Lifecycle configuration to transition objects from S3 Standard to S3 One Zone-Infrequent Access (S3 One Zone-IA) after 1month
Correct Answer: B
Section: (none)
您的需求就是我們的使命,立即聯絡 小豬科技專員。