2024-10-09|閱讀時間 ‧ 約 0 分鐘

AWS Certified Solutions Architect - Associate SAA-C03 證照考古題

AWS 架構師證照考古題大全20241009

Amazon Web Service(AWS 亞馬遜)全系列考古題,2024年最新題庫,持續更新,全網最完整。AWS 證照含金量高,自我進修、跨足雲端產業必備近期版本更新,隨時追蹤最新趨勢變化。

QUESTION 361

A company has a three-tier web application that is in a single server.The company wants to migrate the application to the AWS Cloud. The company also wants the application to align with the AWS Well- Architected Framework and to be consistent withAWS recommended best practices for security, scalability, and resiliency.

Which combination of solutions will meet these requirements?(Select THREE)

 

A.       Create a VPC across two Availability Zones with the application's existing architecture. Host the application with existingarchitecture on an Amazon EC2 instance in a private subnet in each Availability Zone with EC2 Auto Scaling groups. Securethe EC2 instance with security groups and network access control lists (network ACLs)

B.       Set up security groups and network access control lists (network ACLs) to control access to the database layer. Set up a single Amazon RDS database in a private subnet

C.      Create a VPC across two Availability Zones. Refactor the application to host the web tier, application tier, and database tier.Host each tier on its own private subnet with Auto Scaling groups for the web tier and application tier

D.      Use a single Amazon RDS database. Allow database access only from the application tier security group

E.       Use Elastic Load Balancers in front of the web tier. Control access by using security groups containing references to each layer's security groups

F.       Use an Amazon RDS database Multi-AZ cluster deployment in private subnets. Allow database access only from application tier security groups

 

Correct Answer: CEF

Section: (none)

QUESTION 362

A company provides software as a service (SaaS) products to financial companies. The company uses AWS Organizations to manage its AWS accounts.

The company needs to improve its security posture to meet financial industry standards. The company requires access to high-severity alerts and security findings across all its AWS accounts in a single place that uses a standard format. The company also wants an automated solution to check its environment against security best practices.

Which solution will meet these requirements?

 

A.       Use Organizations to create global rules in AWS Config. Evaluate the rules based on the company's security policies,regulations, and security best practices. Create Amazon EventBridge rules that match AWS Config rule evaluations thathave a noncompliant status. Configure the EventBridge rules to target an AWS Lambda function to automate updates to security groups and to the configuration of network ACLs according to the company's security standards

B.       Use AWS Trusted Advisor and AWS Lambda functions to automate and integrate alerts. Configure Trusted Advisor toautomatically run security checks based on AWS best practices, industry standards and the company's security standards

C.      Configure AWS Security Hub to auto-enable for member accounts in the organization. Use Security Hub to automatically run security checks based on AWS best practices, industry standards, and the company's security standards

D.      Configure a delegated administrator account for AWS GuardDuty in the organization. Create Amazon EventBridge rules that match GuardDuty findings. Configure the rules to invoke an AWS Lambda function to automate updates of the securitygroups and the configuration of network ACLs according to the company's security standards

 

Correct Answer: C

Section: (none)


QUESTION 363

A gaming company is building an application with Voice over IP capabilities. The application will serve traffic to users across the world. The application needs to be highly available with an automated failover across AWS Regions. The company wants to minimize the latency of users without relying on IP address caching on user devices.

What should a solutions architect do to meet these requirements?

 

A.       Use AWS Global Accelerator with health checks

B.       Use Amazon Route 53 with a geolocation routing policy

C.      Create an Amazon CloudFront distribution that includes multiple origins

D.      Create an Application Load Balancer that uses path-based routing

 

Correct Answer: A

Section: (none)

QUESTION 364

A solutions architect is creating a data processing job that runs once daily and can take up to 2 hours to complete. If the jobis interrupted, it has to restart from the beginning. How should the solutions architect address this issue in the MOST cost-effective manner?

 

A.       Create a script that runs locally on an Amazon EC2 Reserved Instance that is triggered by a cron job

B.       Create an AWS Lambda function triggered by an Amazon EventBridge scheduled event.

C.      Use an Amazon Elastic Container Service (Amazon ECS) Fargate task triggered by an Amazon EventBridge scheduled event

D.      Use an Amazon Elastic Container Service (Amazon ECS) task running on Amazon EC2 triggered by an Amazon EventBridge scheduled event

 

Correct Answer: C

Section: (none)

QUESTION 365

A company that uses AWS Organizations runs 15O applications across 3O different AWS accounts. The company used AWSCost and Usage Report to create a new report in the management account. The report is delivered to an Amazon S3 bucket that is replicated to a bucket in the data collection account. The company's senior leadership wants to view a custom dashboard thatprovides NAT gateway costs each day starting at the beginning of the current month.

Which solution will meet these requirements?

 

A.       Share an Amazon QuickSight dashboard that includes the requested table visual. Configure QuickSight


to use AWS DataSync to query the new report.

B.       Share an Amazon QuickSight dashboard that includes the requested table visual. Configure QuickSight to use Amazon Athena to query the new report

C.      Share an Amazon CloudWatch dashboard that includes the requested table visual. Configure CloudWatch to use AWS DataSync to query the new report.

D.      Share an Amazon CloudWatch dashboard that includes the requested table visual. Configure CloudWatch to use Amazon Athena to query the new report.

 

Correct Answer: B

Section: (none)


探索小豬科技的多元服務,看看我們如何支持您的業務發展!了解更多


QUESTION 366

A company uses AWS Cost Explorer to monitor its AWS costs. The company notices that Amazon Elastic Block Store (AmazonEBS) storage and snapshot costs increase every month. However, the company does not purchase additional EBS storage everymonth. The company wants to optimize monthly costs for its current storage usage.

Which solution will meet these requirements with the LEAST operational overhead?

 

A.       Use logs in Amazon CloudWatch Logs to monitor the storage utilization of Amazon EBS. Use Amazon EBS Elastic Volumes to reduce the size of the EBS volumes

B.       Use a custom script to monitor space usage. Use Amazon EBS Elastic Volumes to reduce the size of the EBS volumes

C.      Delete all expired and unused snapshots to reduce snapshot costs

D.      Delete all nonessential snapshots. Use Amazon Data Lifecycle Manager to create and manage the snapshots according to the company's snapshot policy requirements

 

Correct Answer: C

Section: (none)

QUESTION 367

A company stores a large volume of image files in an Amazon S3 bucket. The images need to be readily available for the first180 days. The images are infrequently accessed for the next 180 days After 360 days, the images need to be archived but must be available instantly upon request After 5 years, only auditors can access the images. The auditors must be able to retrieve the images within 12 hours. The images cannot be lost during this process.

A developer will use S3 Standard storage for the first 180 days. The developer needs to configure an S3 Lifecycle rule

Which solution will meet these requirements MOST cost-effectively?

 

A.       Transition the objects to S3 One Zone-Infrequent Access (S3 One Zone-IA) after 180 days, S3 Glacier Instant Retrieval after 360 days, and S3 Glacier Deep Archive after 5 years

B.       Transition the objects to S3 One Zone-Infrequent Access (S3 One Zone-IA) after 180 days. S3 Glacier Flexible Retrieval after 360 days. and S3 Glacier Deep Archive after 5 years

C.      Transition the objects to S3 Standard-Infrequent Access (S3 Standard-IA) after 180 days. S3 Glacier Instant Retrieval after 360 days. and S3 Glacier Deep Archive after 5 years

D.      Transition the objects to S3 Standard-Infrequent Access (S3 Standard-IA) after 180 days, S3 Glacier Flexible Retrieval after 360 days, and S3 Glacier Deep Archive after 5 years

 

Correct Answer: C

Section: (none)

QUESTION 368

A solutions architect is designing a company's disaster recovery (DR) architecture. The company has a MySQL database thatruns on an Amazon EC2 instance in a private subnet with scheduled backup. The DR design needs to include multiple AWS Regions.

Which solution will meet these requirements with the LEAST operational overhead?

 

A.       Migrate the MySQL database to multiple EC2 instances. Configure a standby EC2 instance in the DR Region. Turn on replication

B.       Migrate the MySQL database to Amazon RDS. Use a Multi-AZ deployment. Turn on read replication for the primary DB instance in the different Availability Zones


C.      Migrate the MySQL database to an Amazon Aurora global database. Host the primary DB cluster in the primary Region. Host the secondary DB cluster in the DR Region

D.      Store the scheduled backup of the MySQL database in an Amazon S3 bucket that is configured for S3 Cross-Region Replication (CRR). Use the data backup to restore the database in the DR Region

 

Correct Answer: C

Section: (none)

QUESTION 369

A company uses storage area network (SAN) storage to runs its application on premises. The company is building a disaster recovery(DR) plan. The company wants to keep the backup data in the AWS Cloud. In the event of a disaster, the companywants to use Amazon Elastic Block Store (Amazon EBS) to restore the data and the application in the AWS Cloud.

Which solution will meet these requirements MOST cost_effectively'

 

A.       Take snapshots of the on-premises SAN storage. Copy the data to Amazon S3. During a disaster, create an EBS volume directly from the snapshot that is stored in Amazon S3

B.       Use EBS direct APIs to create incremental EBS snapshots from the on-premises SAN storage. Use the EBS snapshot to create EBS volumes during a disaster

C.      Create an asynchronous replication from the on-premises SAN storage to an EBS volume. During a disaster, create an Amazon EC2 instance. Attach the EBS volume to the instance

D.      Use AWS DataSync to periodically copy the data from the on-premises SAN storage to Amazon S3. During a disaster, create an Amazon EC2 instance. Attach a new EBS volume to the EC2 instance Copy the data directly from Amazon S3 to the EBS volume

 

Correct Answer: D

Section: (none)

QUESTION 370

A data analytics company wants to migrate its batch processing system to AWS. The company receives thousands of smalldata files periodically during the day through FTP. An on-premises batch job processes the data files overnight. However, thebatch job takes hours to finish running The company wants the AWS solution to process incoming data files as soon as possible with minimal changes to the FTP clients that send the files. The solution must delete the incoming data files after the files have been processed successfully. Processing for each file needs to take 3-8 minutes Which solution will meet these requirements in the MOST operationally efficient way?

 

A.       Use an Amazon EC2 instance that runs an FTP server to store incoming files as objects in Amazon S3 Glacier Flexible Retrieval. Configure a job queue in AWS Batch. Use Amazon EventBridge rules to invoke the job to process the objectsnightly from S3 Glacier Flexible Retrieval. Delete the objects after the job has processed the objects

B.       Use an Amazon EC2 instance that runs an FTP server to store incoming files on an Amazon Elastic Block Store (Amazon EBS) volume. Configure a job queue in AWS Batch. Use Amazon EventBridge rules to invoke the job to process the filesnightly from the EBS volume. Delete the files after the job has processed the files

C.      Use AWS Transfer Family to create an FTP server to store incoming files on an Amazon Elastic Block Store (Amazon EBS) volume. Configure a job queue in AWS Batch. Use an Amazon S3 event notification when each file arrives to invoke the job in AWS Batch. Delete the files after the job has processed the files

D.      Use AWS Transfer Family to create an FTP server to store incoming files in Amazon S3 Standard. Create an AWSLambda function to process the files and to delete the files after they are processed. Use an S3 event notification to invoke the Lambda function when the files arrive

 

Correct Answer: D

Section: (none)


想要迅速部署雲端服務?立即註冊 小豬科技,開啟您的雲端之旅!


QUESTION 371

A company is building a new web-based customer relationship management application. The application will use several Amazon EC2 instances that are backed by Amazon Elastic Block Store (Amazon EBS) volumes behind an Application Load Balancer (ALB). The application will also use an Amazon Aurora database. All data for the application must be encrypted at restand in transit Which solution will meet these requirements?


A.       Use AWS Key Management Service (AWS KMS) certificates on the ALB to encrypt data in transit. Use AWS Certificate Manager (ACM) to encrypt the EBS volumes and Aurora database storage at rest

B.       Use the AWS root account to log in to the AWS Management Console. Upload the company's encryption certificates.While in the root account, select the option to turn on encryption for all data at rest and in transit for the account

C.      Use AWS Key Management Service (AWS KMS) to encrypt the EBS volumes and Aurora database storage at rest. Attach an AWS Certificate Manager (ACM) certificate to the ALB to encrypt data in transit

D.      Use BitLocker to encrypt all data at rest Import the company's TLS certificate keys to AWS Key Management Service (AWS KMS). Attach the KMS keys to the ALB to encrypt data in transit

 

Correct Answer: C

Section: (none)

QUESTION 372

A company runs its applications on Amazon EC2 instances that are backed by Amazon Elastic Block Store (Amazon EBS). The EC2 instances run the most recent Amazon Linux release. The applications are experiencing availability issues when the company's employees store and retrieve filles that are 25 GB or larger. The company needs a solution that does not require the company to transfer files between EC2 instances. The files must be available across many EC2 instances and across multiple Availability Zones. Which solution will meet these requirements?

 

A.       Migrate all the files to an Amazon S3 bucket. Instruct the employees to access the files from the S3 bucket

B.       Take a snapshot of the existing EBS volume. Mount the snapshot as an EBS volume across the EC2 instances. Instruct the employees to access the files from the EC2 instances

C.      Mount an Amazon Elastic File System (Amazon EFS) file system across all the EC2 instances. Instruct the employees to access the files from the EC2 instances

D.      Create an Amazon Machine Image (AMl) from the EC2 instances. Configure new EC2 instances from the AMI that use an instance store volume. Instruct the employees to access the files from the EC2 instances

 

Correct Answer: C

Section: (none)

QUESTION 373

A company wants to migrate an on-premises data center to AWS. The data center hosts a storage server that stores data in anNFS-based file system. The storage server holds 200 GB of data.The company needs to migrate the data without interruption to existing services. Multiple resources in AWS must be able to access the data by using the NFS protocol.

Which combination of steps will meet these requirements MOST cost-effectively? (Select TWO.)

 

A.       Create an Amazon FSx for Lustre file system

B.       Create an Amazon Elastic File System (Amazon EFS) file system

C.      Create an Amazon S3 bucket to receive the data

D.      Manually use an operating system copy command to push the data into the AWS destination

E.       Install an AWS DataSync agent in the on-premises data center. Use a DataSync task between the the on-premises location and AWS

 

Correct Answer: BE

Section: (none)

QUESTION 374

A company has an application that is backed by an Amazon DynamoDB table. The company's compliance requirements specifythat database backups must be taken every month, must be available for 6 months, and must be retained for 7 years.

Which solution will meet these requirements?

 

A.       Create an AWS Backup plan to back up the DynamoDB table on the first day of each month. Specify a


lifecycle policy that transitions the backup to cold storage after 6 months. Set the retention period for each backup to 7 years

B.       Create a DynamoDB on-demand backup of the DynamoDB table on the first day of each month. Transition the backup toAmazon S3 Glacier Flexible Retrieval after 6 months. Create an S3 Lifecycle policy to delete backups that are older than 7 years

C.      Use the AWS SDK to develop a script that creates an on-demand backup of the DynamoDB table. Set up an Amazon EventBridge rule that runs the script on the first day of each month. Create a second script that will run on the second day ofeach month to transition DynamoDB backups that are older than 6 months to cold storage and to delete backups that are older than 7 years

D.      Use the AWS CLI to create an on-demand backup of the DynamoDB table. Set up an Amazon EventBridge rule that runs the command on the first day of each month with a cron expression. Specify in the command to transition the backups tocold storage after 6 months and to delete the backups after 7 years

 

Correct Answer: A

Section: (none)

QUESTION 375

A company has a web application that runs on premises. The application experiences latency issues during peak hours. The latency issues occur twice each month. At the start of a latency issue, the application's CPU utilization immediately increases to 10 times its normal amount. The company wants to migrate the application to AWS to improve latency. The company also wantsto scale the application automatically when application demand increases. The company will use AWS Elastic Beanstalk for application deployment.

Which solution will meet these requirements?

 

A.       Configure an Elastic Beanstalk environment to use burstable performance instances in unlimited mode. Configure the environment to scale based on requests

B.       Configure an Elastic Beanstalk environment to use compute optimized instances. Configure the environment to scale based on requests

C.      Configure an Elastic Beanstalk environment to use compute optimized instances. Configure the environment to scale on a schedule

D.      Configure an Elastic Beanstalk environment to use burstable performance instances in unlimited mode. Configure the environment to scale on predictive metrics

 

Correct Answer: A

Section: (none)


雲端不再遙不可及,了解更多 小豬科技如何讓它更貼近您!


QUESTION 376

A gaming company uses Amazon DynamoDB to store user information such as geographic location, player data, and leaderboards. The company needs to configure continuous backups to an Amazon S3 bucket with a minimal amount of coding. The backups must not affect availability of the application and must not affect the read capacity units (RCUs) that are defined for the table.

Which solution meets these requirements?

 

A.       Use an Amazon EMR cluster. Create an Apache Hive job to back up the data to Amazon S3

B.       Export the data directly from DynamoDB to Amazon S3 with continuous backups. Turn on point-in-time recovery for the table

C.      Configure Amazon DynamoDB Streams. Create an AWS Lambda function to consume the stream and export the data to an Amazon S3 bucket

D.      Create an AWS Lambda function to export the data from the database tables to Amazon S3 on a regular basis. Turn on point-in-time recovery for the table

 

Correct Answer: C

Section: (none)

QUESTION 377

A company is moving its data and applications to AWS during a multiyear migration project The company wants to securelyaccess data on Amazon S3 from the company's AWS Region and from the company's on- premises location. The data must not traverse the internet. The company has established an AWS Direct Connect connection between its Region and its on-premises location.

Which solution will meet these requirements?


A.       Create gateway endpoints for Amazon S3. Use the gateway endpoints to securely access the data from the Region and the on-premises location

B.       Create a gateway in AWS Transit Gateway to access Amazon S3 securely from the Region and the on- premises location

C.      Create interface endpoints for Amazon S3. Use the interface endpoints to securely access the data from the Region and the on-premises location

D.      Use an AWS Key Management Service (AWS KMS) key to access the data securely from the Region and the on-premises location

 

Correct Answer: C

Section: (none)

QUESTION 378

A company collects 10 GB of telemetry data daily from various machines. The company stores the data in an Amazon S3 bucket in a source data account.

The company has hired several consulting agencies to use this data for analysis. Each agency needs read access to the data for its analysts. The company must share the data from the source data account by choosing a solution that maximizes security and operational efficiency.

Which solution will meet these requirements?

 

A.       Configure S3 global tables to replicate data for each agency

B.       Make the S3 bucket public for a limited time. Inform only the agencies

C.      Configure cross-account access for the S3 bucket to the accounts that the agencies own

D.      Set up an IAM user for each analyst in the source data account. Grant each user access to the S3 bucket

 

Correct Answer: C

Section: (none)

QUESTION 379

A media company hosts its website on AWS. The website application's architecture includes a fleet of Amazon EC2 instancesbehind an Application Load Balancer (ALB) and a database that is hosted on Amazon Aurora. The company's cybersecurityteam reports that the application is vulnerable to SQL injection.

How should the company resolve this issue?

 

A.       Use AWS WAF in front of the ALB. Associate the appropriate web ACLs with AWS WAF

B.       Create an ALB listener rule to reply to SQL injections with a fixed response

C.      Subscribe to AWS Shield Advanced to block all SQL injection attempts automatically

D.      Set up Amazon Inspector to block all SQL injiection attempts automatically

 

Correct Answer: A

Section: (none)

QUESTION 380

An Amazon EventBridge rule targets a third-party API. The third-party API has not received any incoming traffic. A solutionsarchitect needs to determine whether the rule conditions are being met and if the rule's target is being invoked.

Which solution will meet these requirements?

 

A.       Check for metrics in Amazon CloudWatch in the namespace for AWS/Events

B.       Review events in the Amazon Simple Queue Service (Amazon SQS) dead-letter queue

C.      Check for the events in Amazon CloudWatch Logs

D.      Check the trails in AWS CloudTrail for the EventBridae events

 

Correct Answer: C

Section: (none)


小豬科技讓雲端管理變得輕鬆,立即註冊 搶先體驗!


QUESTION 381


A company manages multiple AWS accounts in an organization in AWS Organizations. The company's applications run on Amazon EC2 instances in multiple AWS Regions.The company needs a solution to simplify the management of security rulesacross the accounts in its organization. The solution must apply shared security group rules, audit security groups, and detectunused and redundant rules in VPC security groups across all AWS environments.

Which solution will meet these requirements with the MOST operational efficiency?

 

A.       Use AWS Firewall Manager to create a set of rules based on the security requirements. Replicate the rules to all the AWS accounts and Regions

B.       Use AWS CloudFormation StackSets to provision VPC security groups based on the specifications across multipleaccounts and Regions. Deploy AWS Network Firewall to define the firewall rules to control network traffic across multiple accounts and Regions

C.      Use AWS CloudFormation StackSets to provision VPC security groups based on the specifications across multiple accounts and Regions. Configure AWS Config and AWS Lambda to evaluate compliance information and to automate enforcement across all accounts and Regions

D.      Use AWS Network Firewall to build policies based on the security requirements. Centrally apply the new policies to all the VPCs and accounts

 

Correct Answer: C

Section: (none)

QUESTION 382

A company has 15 employees. The company stores employee start dates in an Amazon DynamoDB table. The company wants to send an email message to each employee on the day of the employee's work anniversary.

Which solution will meet these requirements with the MOST operational efficiency?

 

A.       Create a script that scans the DynamoDB table and uses Amazon Simple Notification Service (Amazon SNS) to send emailmessages to employees when necessary. Use a cron job to run this script every day on an Amazon EC2 instance

B.       Create a script that scans the DynamoDB table and uses Amazon Simple Queue Service (Amazon SQS) to send emailmessages to employees when necessary. Use a cron job to run this script every day on an Amazon EC2 instance

C.      Create an AWS Lambda function that scans the DynamoDB table and uses Amazon Simple Notification Service (AmazonSNS) to send email messages to employees when necessary. Schedule this Lambda function to run every day

D.      Create an AWS Lambda function that scans the DynamoDB table and uses Amazon Simple Queue Service (AmazonSQS) to send email messages to employees when necessary. Schedule this Lambda function to run every day

 

Correct Answer: C

Section: (none)

QUESTION 383

A company is building a new furniture inventory application. The company has deployed the application on a fleet of Amazon EC2 instances across multiple Availability Zones. The EC2 instances run behind an Application Load Balancer(ALB) in their VPC.

A solutions architect has observed that incoming traffic seems to favor one EC2 instance, resulting in latency for some requests.

What should the solutions architect do to resolve this issue?

 

A.       Disable session affinity (sticky sessions) on the ALE

B.       Replace the ALB with a Network Load Balancer

C.      Increase the number of EC2 instances in each Availability Zone

D.      Adjust the frequency of the health checks on the ALB's target group

 

Correct Answer: A

Section: (none)

QUESTION 384

A company manages an application that stores data on an Amazon RDS for PostgreSQL Multi-AZ DB


instance. Increases in traffic are causing performance problems. The company determines that database queries are the primary reason for the slow performance.

What should a solutions architect do to improve the application's performance?

 

A.       Serve read traffic from the Multi-AZ standby replica

B.       Configure the DB instance to use Transfer Acceleration

C.      Create a read replica from the source DB instance. Serve read traffic from the read replica

D.      Use Amazon Kinesis Data Firehose between the application and Amazon RDS to increase the concurrency of database requests

 

Correct Answer: C

Section: (none)

QUESTION 385

A company runs an application on AWS. The application receives inconsistent amounts of usage.The application uses AWSDirect Connect to connect to an on-premises MySQL-compatible database.The on- premises database consistently uses a minimum of 2 GiB of memory. The company wants to migrate the on-premises database to a managed AWS service. Thecompany wants to use auto scaling capabilities to manage unexpected workload increases. Which solution will meet these requirements with the LEAST administrative overhead?

 

A.       Provision an Amazon DynamoDB database with default read and write capacity settings

B.       Provision an Amazon Aurora database with a minimum capacity of 1 Aurora capacity unit (ACU)

C.      Provision an Amazon Aurora Serverless v2 database with a minimum capacity of 1 Aurora capacity unit (ACU)

D.      Provision an Amazon RDS for MySQL database with 2 GiB of memory

 

Correct Answer: C

Section: (none)


讓小豬科技專員為您提供量身訂製的解決方案,立即聯絡


QUESTION 386

A gaming company has a web application that displays scores. The application runs on Amazon EC2 instances behind anApplication Load Balancer. The application stores data in an Amazon RDS for MySQL database. Users are starting to experiencelong delays and interruptions that are caused by database read performance. The company wants to improve the user experience while minimizing changes to the application's architecture.

What should a solutions architect do to meet these requirements?

 

A.       Use Amazon ElastiCache in front of the database

B.       Use RDS Proxy between the application and the database

C.      Migrate the application from EC2 instances to AWS Lambda

D.      Migrate the database from Amazon RDS for MySQL to Amazon DynamoDB

 

Correct Answer: A

Section: (none)

QUESTION 387

A company recently migrated its web application to the AWS Cloud. The company uses an Amazon EC2 instance to run multiple processes to host the application. The processes include an Apache web server that serves static content. TheApache web server makes requests to a PHP application that uses a local Redis server for user sessions.

The company wants to redesign the architecture to be highly available and to use AWS managed solutions. Which solution will meet these requirements?

 

A.       Use AWS Elastic Beanstalk to host the static content and the PHP application. Configure Elastic Beanstalk to deploy its EC2 instance into a public subnet. Assign a public IP address

B.       Use AWS Lambda to host the static content and the PHP application. Use an Amazon API Gateway REST API to proxyrequests to the Lambda function. Set the API Gateway CORS configuration to respond to the domain name. ConfigureAmazon ElastiCache for Redis to handle session information

C.      Keep the backend code on the EC2 instance. Create an Amazon ElastiCache for Redis cluster that has


Multi-AZ enabled. Configure the ElastiCache for Redis cluster in cluster mode. Copy the frontend resources to Amazon S3. Configure the backend code to reference the EC2 instance

D.      Configure an Amazon CloudFront distribution with an Amazon S3 endpoint to an S3 bucket that is configured to host the static content. Configure an Application Load Balancer that targets an Amazon Elastic Container Service (Amazon ECS)service that runs AWS Fargate tasks for the PHP application. Configure the PHP application to use an Amazon ElastiCache for Redis cluster that runs in multiple Availability Zones

 

Correct Answer: D

Section: (none)

QUESTION 388

A company deploys an application on five Amazon EC2 instances. An Application Load Balancer (ALB) distributes traffic to the instances by using a target group. The average CPU usage on each of the instances is below 10% most of the time. with occasional surges to 65%. A solutions architect needs to implement a solution to automate the scalability of the application. Thesolution must optimize the cost of the architecture and must ensure that the application has enough CPU resources when surges occur.

Which solution will meet these requirements?

 

A.       Create an Amazon CloudWatch alarm that enters the ALARM state when the CPUUtilization metric is less than 20%.Create an AWS Lambda function that the CloudWatch alarm invokes to terminate one of the EC2 instances in the ALB target group

B.       Create an EC2 Auto Scaling group. Select the existing ALB as the load balancer and the existing target group as the target group. Set a target tracking scaling policy that is based on the ASGAverageCPUUtilization metric. Set the minimum instances to 2, the desired capacity to 3, the maximum instances to 6, and the target value to 50%. Add the EC2 instancesto the Auto Scaling group

C.      Create an EC2 Auto Scaling group. Select the existing ALB as the load balancer and the existing target group as the targetgroup. Set the minimum instances to 2, the desired capacity to 3, and the maximum instances to 6. Add the EC2 instances to the Auto Scaling group

D.      Create two Amazon CloudWatch alarms. Configure the first CloudWatch alarm to enter the ALARM state when the averageCPUUtilization metric is below 20%. Configure the second CloudWatch alarm to enter the ALARM state when the average CPUUtilization metric is above 50%. Configure the alarms to publish to an Amazon Simple Notification Service (Amazon SNS) topic to send an email message After receiving the message. log in to decrease or increase the number of EC2 instances that are running

 

Correct Answer: B

Section: (none)

QUESTION 389

An ecommerce company stores terabytes of customer data in the AWS Cloud. The data contains personally identifiableinformation (Pll). The company wants to use the data in three applications. Only one of the applications needs to process the Pll.The PlI must be removed before the other two applications process the data.

Which solution will meet these requirements with the LEAST operational overhead?

 

A.       Store the data in an Amazon DynamoDB table. Create a proxy application layer to intercept and process the data that each application requests

B.       Store the data in an Amazon S3 bucket. Process and transform the data by using S3 Object Lambda before returning the data to the requesting application

C.      Process the data and store the transformed data in three separate Amazon S3 buckets so that each application has its own custom dataset. Point each application to its respective S3 bucket.

D.      Process the data and store the transformed data in three separate Amazon DynamoDB tables so that each applicationhas its own custom dataset. Point each application to its respective DynamoDB table

 

Correct Answer: B

Section: (none)

QUESTION 390

A company recently migrated to the AWS Cloud. The company wants a serverless solution for large-scale parallel on-demand processing of a semistructured dataset. The data consists of logs. media files. Sales transactions, and loT sensor data that isstored in Amazon S3. The company wants the solution to process thousands of items in the dataset in parallel.


Which solution will meet these requirements with the MOST operational efficiency?

 

A.       Use the AWS Step Functions Map state in Inline mode to process the data in parallel

B.       Use the AWS Step Functions Map state in Distributed mode to process the data in parallel

C.      Use AWS Glue to process the data in parallel

D.      Use several AWS Lambda functions to process the data in parallel

 

Correct Answer: D

Section: (none)


想更深入了解雲端服務?了解更多 關於小豬科技的解決方案。


QUESTION 391

A solutions architect is designing a new service behind Amazon API Gateway. The request patterns for the service will be unpredictable and can change suddenly from 0 requests to over 500 per second. The total size of the data that needs to be persisted in a backend database is currently less than 1 GB with unpredictable future growth Data can be queried using simple key-value requests. Which combination of AWS services would meet these requirements? (Select TWO )

 

A.       AWS Fargate

B.       AWS Lambda

C.      Amazon DynamoDB

D.      Amazon EC2 Auto Scaling

E.       MySQL-compatible Amazon Aurora

 

Correct Answer: BC

Section: (none)

QUESTION 392

A company is hosting a website behind multiple Application Load Balancers. The company has different distribution rights for its content around the world. A solutions architect needs to ensure that users are served the correct content without violating distribution rights. Which configuration should the solutions architect choose to meet these requirements?

 

A.       Configure Amazon CloudFront with AWS WAF.

B.       Configure Application Load Balancers with AWS WAF.

C.      Configure Amazon Route 53 with a geolocation policy.

D.      Configure Amazon Route 53 with a geoproximity routing policy.

 

Correct Answer: C

Section: (none)

QUESTION 393

A solution architect is performing a security review of a recently migrated workload. The workload is a web application that consists of amazon EC2 instances in an Auto Scaling group behind an Application Load balancer. The solution architect must improve the security posture and minimize the impact of a DDoS attack on resources.

Which solution is MOST effective?

 

A.       Configure an AWS WAF ACL with rate-based rules Create an Amazon CloudFront distribution that points to the Application Load Balancer. Enable the EAF ACL on the CloudFront distribution

B.       Create a custom AWS Lambda function that adds identified attacks into a common vulnerability pool to capture a potentialDDoS attack. use the identified information to modify a network ACL to block access.

C.      Enable VPC Flow Logs and store then in Amazon S3. Create a custom AWS Lambda functions that parses the logs looking for a DDoS attack. Modify a network ACL to block identified source IP addresses.

D.      Enable Amazon GuardDuty and , configure findings written 10 Amazon GloudWatch Create an event with Cloud Watch Events for DDoS alerts that triggers Amazon Simple Notification Service (Amazon SNS) Have Amzon SNS invoke a custom AWS lambda function that parses the logs looking for a DDoS attack Modify a network ACL to block identified source IP addresses

 

Correct Answer: A


Section: (none)

QUESTION 394

A company has an application workflow that uses an AWS Lambda function to download and decrypt files from Amazon S3.These files are encrypted using AWS Key Management Service Customer Master Keys (AWS KMS CMKs).

A solutions architect needs to design a solution that will ensure the required permissions are set correctly. Which combination of actions accomplish this? (Select TWO.)

 

A.       Attach the kms.decrypt permission to the Lambda function's resource policy.

B.       Grant the decrypt permission for the Lambda IAM role in the KMS key's policy.

C.      Grant the decrypt permission for the Lambda resource policy in the KMS key's policy.

D.      Create a new IAM policy with the kms:decrypt permission and attach the policy to the Lambda function.

E.       Create a new IAM role with the kms decrypt permission and attach the execution role to the Lambda function.

 

Correct Answer: BE

Section: (none)

QUESTION 395

A company has applications hosted on Amazon EC2 instances with IPv6 addresses. The applications must initiatecommunications with other external applications using the internet. However, the company's security policy states that anyexternal service cannot initiate a connection to the EC2 instances. What should a solutions architect recommend to resolve this issue?

 

A.       Create a NAT gateway and make it the destination of the subnet's route table

B.       Create an internet gateway and make it the destination of the subnet's route table

C.      Create a virtual private gateway and make it the destination of the subnet's route table

D.      Create an egress-only internet gateway and make it the destination of the subnet's route table

 

Correct Answer: D

Section: (none)


想更深入了解雲端服務?了解更多 關於小豬科技的解決方案。


QUESTION 396

A company wants to monitor its AWS costs for financial review. The cloud operations team is designing an architecture in the AWS Organizations master account to query AWS Cost and Usage Reports for all member accounts.

The team must run this query once a month and provide a detailed analysis of the bill. Which solution is the MOST scalable and cost-effective way to meet these requirements?

 

A.       Enable Cost and Usage Reports in the master account. Deliver reports to Amazon Kinesis

Use Amazon EMR tor analysis.

B.       Enable Cost and Usage Reports in the master account. Deliver the reports to Amazon S3

Use Amazon Athena for analysis.

C.      Enable Cost and Usage Reports for member accounts. Deliver the reports to Amazon S3

Use Amazon Redshift for analysis.

D.      Enable Cost and Usage Reports for member accounts. Deliver the reports to Amazon Kinesis

Use Amazon QuicKSight for analysis.

 

Correct Answer: B

Section: (none)

QUESTION 397

A solutions architect needs to host a high performance computing (HPC) workload in the AWS Cloud. The workload will run on hundreds of Amazon EC2 instances and will require parallel access to a shared file system to enable distributed processing of large datasets. Datasets will be accessed across multiple instances simultaneously.


The workload requires access latency within 1 ms.

After processing has completed, engineer will need access to the dataset for manual postprocessing. Which solution will meet these requirements?

 

A.       Use Amazon Elastic File System (Amazon EFS) as a shared file system Access the dataset from Amazon EFS.

B.       Mount an Amazon S3 bucket to serve as the shared file system Perform postprocessing directly from the S3 bucket

C.      Use Amazon FSx for Lustre as a shared file system.

Link the file system to an Amazon S3 bucket for postprocessing.

D.      Configure AWS Resource Access Manager to share an Amazon S3 bucket so that it can be mounted to all instances for processing and postprocessing

 

Correct Answer: C

Section: (none)

QUESTION 398

A development team is creating an event-based application that uses AWS Lambda functions. Events will be generated whenfiles are added to an Amazon S3 bucket. The development team currently has Amazon Simple Notification Service (AmazonSNS) configured as the event target from Amazon S3. What should a solution architect do to process the events from Amazon S3 in a scalable why?

 

A.       Create an SNS subscription that processes the event in Amazon Elastic Container Service (Amazon ECS) before the event runs in Lambda.

B.       Create an SNS subscription that processes the event in Amazon Elastic Kubermetes Service (Amazon EKS) before the event runs in Lambda.

C.      Create on SNS subscription that sends the event to AWS Server Migration Service (AWS SQS). Configure the SQS queue to trigger a Lambda function.

D.      Create an SNS subscription that sends the event to AWS Server Migration Service (AWS SMS). Configure the Lambda function to poll from the SMS event

 

Correct Answer: C

Section: (none)

QUESTION 399

A company Is creating a new application that will store a large amount of data. The data will be analyzed hourly and will be modified by several Amazon EC2 Linux instances that are deployed across multiple Availability Zones.

The needed amount of storage space will continue to grow for the next 6 months Which storage solution should a solutions architect recommend to meet these requirements?

 

A.       Store the data in Amazon S3 Glacier.

Update the S3 Glacier vault policy to allow access to the application instances.

B.       Store the data in an Amazon Elastic Block Store (Amazon EBS) volume Mount the EBS volume on the application instances.

C.      Store the data in an amazon Elastic File System (Amazon EFS) file system. Mount the file system on the application instances

D.      Store the data in an Amazon Elastic Block Store (Amazon ESS) Provisioned IOPS volume shared between the application instances

 

Correct Answer: C

Section: (none)

QUESTION 400

A weather forecasting company needs to process hundreds of gigabytes of data with sub-millisecond latency. The companyhas a high performance computing (HPC) environment in its data center and wants to expand its forecasting capabilities. A solutions architect must identify a highly available cloud storage solution that can handle large amounts of sustained throughputFiles that are stored in the solution should be accessible to thousands of compute instances that will simultaneously access and process the entire dataset.

What should the solutions architect do to meet these requirements?


A.       Use Amazon FSx for Lustre scratch file systems.

B.       Use Amazon FSx for Lustre persistent file systems.

C.      Use Amazon Elastic File System (Amazon EFS) with Bursting Throughput mode.

D.      Use Amazon Elastic File System (Amazon EFS) with Provisioned Throughput mode

 

Correct Answer: B

Section: (none)

您值得擁有最好的支援,立即聯絡 我們的專員!

分享至
成為作者繼續創作的動力吧!
© 2024 vocus All rights reserved.