A company is running a web-based game in two Availability Zones in the us-west-2 Region

QUESTION NO: 1
A company stores call recordings on a monthly basis. Users access the recorded files randomly within 1 year of recording, but users rarely access the files after 1 year. The company wants to optimize its solution by allowing only files that are newer than 1 year old to be queried and retrieved as quickly as possible. A delay in retrieving older files is acceptable.
Which solution meets these requirements MOST cost-effectively?

A. Store individual files in Amazon S3. Use S3 Lifecycle policies to move the files to S3 Glacier after 1 year. Store search metadata in Amazon RDS. Query the files from Amazon RDS. Retrieve the files from Amazon S3 or S3 Glacier.
B. Store individual files in Amazon S3. Store search metadata for each archive in Amazon S3. Use S3 Lifecycle policies to move the files to S3 Glacier after 1 year. Query and retrieve the files by searching for metadata from Amazon S3.
C. Store individual files in Amazon S3 Glacier. Store search metadata in object tags that are created in S3 Glacier. Query the S3 Glacier tags to retrieve the files from S3 Glacier.
D. Store individual files in Amazon S3. Use S3 Lifecycle policies to move the files to S3 Glacier after 1 year. Query and retrieve the files that are in Amazon S3 by using Amazon Athena. Query and retrieve the files that are in S3 Glacier by using S3 Glacier Select.

QUESTION NO: 2
A company has an on-premises MySQL database that handles transactional data. The company is migrating the database to the AWS Cloud. The migrated database must maintain compatibility with the company's applications that use the database. The migrated database also must scale automatically during periods of increased demand.
Which migration solution will meet these requirements?

A. Use AWS Database Migration Service (AWS DMS) to migrate the database to Amazon Aurora. Turn on Aurora Auto Scaling.
B. Migrate the database to Amazon Redshift by using the mysqldump utility. Turn on Auto Scaling for the Amazon Redshift cluster.
C. Use native MySQL tools to migrate the database to Amazon RDS for MySQL. Configure elastic storage scaling.
D. Use AWS Database Migration Service (AWS DMS) to migrate the database to Amazon DynamoDB. Configure an Auto Scaling policy.

QUESTION NO: 3
A company has deployed a multiplayer game for mobile devices. The game requires live location tracking of players based on latitude and longitude. The data store for the game must support rapid updates and retrieval of locations.
The game uses an Amazon RDS for PostgreSQL DB instance with read replicas to store the location data. During peak usage periods, the database is unable to maintain the performance that is needed for reading and writing updates. The game's user base is increasing rapidly.
What should a solutions architect do to improve the performance of the data tier?

A. Take a snapshot of the existing DB instance. Restore the snapshot with Multi-AZ enabled.
B. Deploy an Amazon ElastiCache for Redis cluster in front of the existing DB instance. Modify the game to use Redis.
C. Deploy Amazon DynamoDB Accelerator (DAX) in front of the existing DB instance. Modify the game to use DAX.
D. Migrate from Amazon RDS to Amazon Elasticsearch Service (Amazon ES) with Kibana.

QUESTION NO: 4
A company needs to run its external website on Amazon EC2 instances and on-premises virtualized servers. The AWS environment has a 1 GB AWS Direct Connect connection to the data center. The application has IP addresses that will not change. The on-premises and AWS servers are able to restart themselves while maintaining the same IP address if a failure occurs. Some website users have to add their vendors to an allow list, so the solution must have a fixed IP address. The company needs a solution with the lowest operational overhead to handle this split traffic.
What should a solutions architect do to meet these requirements?

A. Deploy an Amazon Route 53 Resolver with rules pointing to the on-premises and AWS IP addresses.
B. Deploy an Application Load Balancer on AWS. Register the on-premises and AWS IP addresses with the target group.
C. Deploy a Network Load Balancer on AWS. Create target groups for the on-premises and AWS IP addresses.
D. Deploy Amazon API Gateway to direct traffic to the on-premises and AWS IP addresses based on the header of the request.

QUESTION NO: 5
A company has no existing file share services. A new project requires access to file storage that is mountable as a drive for on-premises desktops. The file server must authenticate users to an Active Directory domain before they are able to access the storage.
Which service will allow Active Directory users to mount storage as a drive on their desktops?

A. AWS Storage Gateway
B. AWS DataSync
C. AWS Snowball Edge
D. Amazon S3 Glacier

QUESTION NO: 6
A solutions architect is creating an application that will handle batch processing of large amounts of data. The input data will be held in Amazon S3 and the output data will be stored in a different S3 bucket. For processing, the application will transfer the data over the network between multiple Amazon EC2 instances.
What should the solutions architect do to reduce the overall data transfer costs?

A. Place all the EC2 instances in private subnets in multiple Availability Zones.
B. Place all the EC2 instances in the same Availability Zone.
C. Place all the EC2 instances in an Auto Scaling group.
D. Place all the EC2 instances in the same AWS Region.

QUESTION NO: 7
A medical records company is hosting an application on Amazon EC2 instances. The application processes customer data files that are stored on Amazon S3. The EC2 instances are hosted in public subnets. The EC2 instances access Amazon S3 over the internet, but they do not require any other network access.
A new requirement mandates that the network traffic for file transfers take a private route and not be sent over the internet.
Which change to the network architecture should a solutions architect recommend to meet this requirement?

A. Create a NAT gateway. Configure the route table for the public subnets to send traffic to Amazon S3 through the NAT gateway.
B. Remove the internet gateway from the VPC. Set up an AWS Direct Connect connection, and route traffic to Amazon S3 over the Direct Connect connection.
C. Configure the security group for the EC2 instances to restrict outbound traffic so that only traffic to the S3 prefix list is permitted.
D. Move the EC2 instances to private subnets. Create a VPC endpoint for Amazon S3, and link the endpoint to the route table for the private subnets.

QUESTION NO: 8
A company is running a web-based game in two Availability Zones in the us-west-2 Region. The web servers use an Application Load Balancer (ALB) in public subnets. The ALB has an SSL certificate from AWS Certificate Manager (ACM) with a custom domain name. The game is written in JavaScript and runs entirely in a user's web browser.
The game is increasing in popularity in many countries around the world. The company wants to update the application architecture and optimize costs without compromising performance.
What should a solutions architect do to meet these requirements?

A. Use AWS CloudFormation to deploy the application stack to AWS Regions near countries where the game is popular. Use ACM to create a new certificate for each application instance. Use Amazon Route 53 with a geolocation routing policy to direct traffic to the local application instance.
B. Use Amazon S3 and create an S3 bucket in AWS Regions near countries where the game is popular. Deploy the HTML and JavaScript files to each S3 bucket. Use ACM to create a new certificate for each S3 bucket. Use Amazon Route 53 with a geolocation routing policy to direct traffic to the local S3 bucket.
C. Use Amazon CloudFront and create a global distribution that points to the ALB. Reuse the existing certificate from ACM for the CloudFront distribution. Use Amazon Route 53 to update the application alias to point to the distribution.
D. Use Amazon S3 and create an S3 bucket in us-west-2. Deploy the HTML and JavaScript files to the S3 bucket. Use

Correct Answer: C


QUESTION NO: 9
A company has a web application that users access from around the world. The company has web servers in multiple AWS Regions to support the traffic. A solutions architect must configure an Amazon Route 53 routing policy to send traffic to only the active web servers.
Which configuration meets this requirement?

A. Create a multivalue answer routing policy that uses health checks for each Region.
B. Create a geoproximity routing policy with a health check bias of 99 for each Region.
C. Create a weighted routing policy with a health check weight of 100 for each Region.
D. Create a simple routing policy that uses health checks for each Region.

QUESTION NO: 10
A company is running an application on AWS to process weather sensor data that is stored in an Amazon S3 bucket. Three batch jobs run hourly to process the data in the S3 bucket for different purposes. The company wants to reduce the overall processing time by running the three applications in parallel using an event-based approach.
What should a solutions architect do to meet these requirements?

A. Enable S3 Event Notifications for new objects to an Amazon Simple Notification Service (Amazon SNS) topic. Create an Amazon Simple Queue Service (Amazon SQS) queue for each application, and subscribe each queue to the topic for processing.
B. Enable S3 Event Notifications for new objects to separate Amazon Simple Queue Service (Amazon SQS) FIFO queues. Create an additional SQS queue for each application, and subscribe each queue to the initial topic for processing.
C. Enable S3 Event Notifications for new objects to an Amazon Simple Queue Service (Amazon SQS) standard queue. Create an additional SQS queue for all applications, and subscribe all applications to the initial queue for processing.
D. Enable S3 Event Notifications for new objects to an Amazon Simple Queue Service (Amazon SQS) FIFO queue. Subscribe all applications to the queue for processing.

QUESTION NO: 11
A company allows its developers to attach existing IAM policies to existing IAM roles to enable faster experimentation and agility. However, the security operations team is concerned that the developers could attach the existing administrator policy, which would allow the developers to circumvent any other security policies.
How should a solutions architect address this issue?

A. Prevent the developers from attaching any policies and duties to the security operations team.
B. Create an Amazon SNS topic to send an alert every time a developer creates a new policy.
C. Use service control policies to disable IAM across all accounts in the organizational unit.
D. Set an IAM permission boundary on the developer IAM role that explicitly denies attaching the administrator policy.

QUESTION NO: 12
A company has deployed a database in Amazon RDS for MySQL. Due to increased transactions, the database support team is reporting slow reads against the DB instance and recommends adding a read replica.
Which combination of actions should a solutions architect take before implementing this change? (Select TWO.)

A. Choose a failover priority for the source DB instance.
B. Enable binlog replication on the RDS primary node.
C. Allow long-running transactions to complete on the source DB instance.
D. Enable automatic backups on the source instance by setting the backup retention period to a value other than 0.
E. Create a global table and specify the AWS Regions where the table will be available.

QUESTION NO: 13
A company hosts an application on AWS. The application uses AWS Lambda functions and stores data in Amazon DynamoDB tables. The Lambda functions are connected to a VPC that does not have internet access.
The traffic to access DynamoDB must not travel across the internet. The application must have write access to only specific DynamoDB tables.
Which combination of steps should a solutions architect take to meet these requirements? (Select TWO.)

A. Create a resource-based IAM policy to grant write access to only the specific DynamoDB tables. Attach the policy to the DynamoDB tables.
B. Create a gateway VPC endpoint for DynamoDB that is associated with the Lambda VPC. Ensure that the Lambda execution role can access the gateway VPC endpoint.
C. Attach a security group to the interface VPC endpoint to allow write access to only the specific DynamoDB tables.
D. Create an interface VPC endpoint for DynamoDB that is associated with the Lambda VPC. Ensure that the Lambda execution role can access the interface VPC endpoint.
E. Attach a VPC endpoint policy for DynamoDB to allow write access to only the specific DynamoDB tables.

QUESTION NO: 14
A company runs an internal browser-based application. The application runs on Amazon EC2 instances behind an Application Load Balancer. The instances run in an Amazon EC2 Auto Scaling group across multiple Availability Zones. The Auto Scaling group scales up to 20 instances during work hours but scales down to 2 instances overnight. Staff are complaining that the application is very slow when the day begins, although it runs well by mid-morning.
How should the scaling be changed to address the staff complaints and keep costs to a minimum?

A. Implement a step scaling action triggered at a lower CPU threshold, and decrease the cooldown period.
B. Implement a scheduled action that sets the desired capacity to 20 shortly before the office opens.
C. Implement a scheduled action that sets the minimum and maximum capacity to 20 shortly before the office opens.
D. Implement a target tracking action triggered at a lower CPU threshold, and decrease the cooldown period.

QUESTION NO: 15
A company has an application that provides marketing services to stores. The services are based on previous purchases by store customers. The stores upload transaction data to the company through SFTP, and the data is processed and analyzed to generate new marketing offers. Some of the files can exceed 200 GB in size.
Recently, the company discovered that some of the stores have uploaded files that contain personally identifiable information (PII) that should not have been included. The company wants administrators to be alerted if PII is shared again. The company also wants to automate remediation.

A. Use an Amazon S3 bucket as a secure transfer point. Use Amazon Macie to scan the objects in the bucket. If objects contain PII, use Amazon Simple Notification Service (Amazon SNS) to trigger a notification to the administrators to remove the objects that contain PII.
B. Implement custom scanning algorithms in an AWS Lambda function. Trigger the function when objects are loaded into the bucket. If objects contain PII, use Amazon Simple Email Service (Amazon SES) to trigger a notification to the administrators and trigger an S3 Lifecycle policy to remove the objects that contain PII.
C. Use an Amazon S3 bucket as a secure transfer point. Use Amazon Inspector to scan the objects in the bucket. If objects contain PII, trigger an S3 Lifecycle policy to remove the objects that contain PII.
D. Implement custom scanning algorithms in an AWS Lambda function. Trigger the function when objects are loaded into the bucket. If objects contain PII, use Amazon Simple Notification Service (Amazon SNS) to trigger a notification to the administrators to remove the objects that contain PII.

QUESTION NO: 16
A company that primarily runs its application servers on premises has decided to migrate to AWS. The company wants to minimize its need to scale its Internet Small Computer Systems Interface (iSCSI) storage on premises. The company wants only its recently accessed data to remain stored locally.
Which AWS solution should the company use to meet these requirements?

A. AWS Storage Gateway Volume Gateway stored volumes
B. AWS Storage Gateway Tape Gateway
C. AWS Storage Gateway Volume Gateway cached volumes
D. Amazon S3 File Gateway

QUESTION NO: 17
A company needs to move data from an Amazon EC2 instance to an Amazon S3 bucket. The company must ensure that no API calls and no data are routed through public internet routes. Only the EC2 instance can have access to upload data to the S3 bucket.
Which solution will meet these requirements?

A. Run the nslookup tool from inside the EC2 instance to obtain the private IP address of the S3 bucket's service API endpoint. Create a route in the VPC route table to provide the EC2 instance with access to the S3 bucket. Attach a resource policy to the S3 bucket to only allow the EC2 instance's IAM role for access.
B. Use the AWS provided, publicly available ip-ranges.json file to obtain the private IP address of the S3 bucket's service API endpoint. Create a route in the VPC route table to provide the EC2 instance with access to the S3 bucket. Attach a resource policy to the S3 bucket to only allow the EC2 instance's IAM role for access.
C. Create a gateway VPC endpoint for Amazon S3 in the Availability Zone where the EC2 instance is located. Attach appropriate security groups to the endpoint. Attach a resource policy to the S3 bucket to only allow the EC2 instance's IAM role for access.
D. Create an interface VPC endpoint for Amazon S3 in the subnet where the EC2 instance is located. Attach a resource policy to the S3 bucket to only allow the EC2 instance's IAM role for access.

QUESTION NO: 18
A company has an application that calls AWS Lambda functions. A recent code review found database credentials stored in the source code. The database credentials need to be removed from the Lambda source code. The credentials must then be securely stored and rotated on an ongoing basis to meet security policy requirements.
What should a solutions architect recommend to meet these requirements?

A. Store the password in AWS Secrets Manager. Associate the Lambda function with a role that can retrieve the password from Secrets Manager given its secret ID.
B. Store the password in AWS Key Management Service (AWS KMS). Associate the Lambda function with a role that can retrieve the password from AWS KMS given its key ID.
C. Store the password in AWS CloudHSM. Associate the Lambda function with a role that can retrieve the password from CloudHSM given its key ID.
D. Move the database password to an environment variable associated with the Lambda function. Retrieve the password from the environment variable upon execution.

QUESTION NO: 19
A company runs an AWS Lambda function in private subnets in a VPC. The subnets have a default route to the internet through an Amazon EC2 NAT instance. The Lambda function processes input data and saves its output as an object to Amazon S3.
Intermittently, the Lambda function times out while trying to upload the object because of saturated traffic on the NAT instance's network. The company wants to access Amazon S3 without traversing the internet.
Which solution will meet these requirements?

A. Increase the size of the EC2 NAT instance in the VPC to a network optimized instance type.
B. Provision a gateway endpoint for Amazon S3 in the VPC. Update the route tables of the subnets accordingly.
C. Replace the EC2 NAT instance with an AWS managed NAT gateway.
D. Provision a transit gateway. Place transit gateway attachments in the private subnets where the Lambda function is running.

QUESTION NO: 20
A company's web application is running on Amazon EC2 instances behind an Application Load Balancer. The company changed its policy, which now requires the application to be accessed from one specific country only.
Which configuration will meet this requirement?

A. Configure the security group on the Application Load Balancer.
B. Configure the network ACL for the subnet that contains the EC2 instances.
C. Configure the security group for the EC2 instances.
D. Configure AWS WAF on the Application Load Balancer in a VPC.

QUESTION NO: 21
A company has designed an application where users provide small sets of textual data by calling a public API. The application runs on AWS and includes a public Amazon API Gateway API that forwards requests to an AWS Lambda function for processing. The Lambda function then writes the data to an Amazon Aurora Serverless database for consumption.
The company is concerned that it could lose some user data if a Lambda function fails to process the request properly or reaches a concurrency limit.
What should a solutions architect recommend to resolve this concern?

A. Configure the Lambda function to receive API Gateway requests and write relevant items to Amazon ElastiCache. Configure ElastiCache to save the data into Aurora.
B. Split the existing Lambda function into two Lambda functions. Configure one function to receive API Gateway requests and put relevant items into Amazon Simple Notification Service (Amazon SNS). Configure the other function to read items from Amazon SNS and save the data into Aurora.
C. Increase the memory for the Lambda function. Configure Aurora to use the Multi-AZ feature.
D. Split the existing Lambda function into two Lambda functions. Configure one function to receive API Gateway requests and put relevant items into Amazon Simple Queue Service (Amazon SQS). Configure the other function to read items from Amazon SQS and save the data into Aurora.

QUESTION NO: 22
As part of budget planning, management wants a report of AWS billed items listed by user. The data will be used to create department budgets. A solutions architect needs to determine the most efficient way to obtain this report information.
Which solution meets these requirements?

A. Modify a cost budget in AWS Budgets to alert with Amazon Simple Email Service (Amazon SES).
B. Access the bill details from the billing dashboard and download via bill.
C. Run a query with Amazon Athena to generate the report.
D. Create a report in Cost Explorer and download the report.

QUESTION NO: 23
A company is planning to build a new web application on AWS. The company expects predictable traffic most of the year and very high traffic on occasion. The web application needs to be highly available and fault tolerant with minimal latency.
What should a solutions architect recommend to meet these requirements?

A. Use Amazon EC2 instances in an Auto Scaling group with an Application Load Balancer across multiple Availability Zones.
B. Use Amazon EC2 instances in a cluster placement group and include the cluster placement group within a new Auto Scaling group.
C. Use an Amazon Route 53 routing policy to distribute requests to two AWS Regions, each with one Amazon EC2 instance.
D. Use Amazon EC2 instances in a cluster placement group with an Application Load Balancer across multiple Availability Zones.

QUESTION NO: 24
A solutions architect is designing a multi-tier application for a company. The application's users upload images from a mobile device. The application generates a thumbnail of each image and returns a message to the user to confirm that the image was uploaded successfully.
The thumbnail generation can take up to 60 seconds, but the company wants to provide a faster response time to its users to notify them that the original image was received. The solutions architect must design the application to asynchronously dispatch requests to the different application tiers.
What should the solutions architect do to meet these requirements?

A. Write a custom AWS Lambda function to generate the thumbnail and alert the user. Use the image upload process as an event source to invoke the Lambda function.
B. Create an AWS Step Functions workflow. Configure Step Functions to handle the orchestration between the application tiers and alert the user when thumbnail generation is complete.
C. Create Amazon Simple Notification Service (Amazon SNS) notification topics and subscriptions. Use one subscription with the application to generate the thumbnail after the image upload is complete. Use a second subscription to message the user's mobile app by way of a push notification after thumbnail generation is complete.
D. Create an Amazon Simple Queue Service (Amazon SQS) message queue. As images are uploaded, place a message on the SQS queue for thumbnail generation. Alert the user through an application message that the image was received.

QUESTION NO: 25
A company runs an application on a large fleet of Amazon EC2 instances. The application reads and writes entries into an Amazon DynamoDB table. The size of the DynamoDB table continuously grows, but the application needs only data from the last 30 days. The company needs a solution that minimizes cost and development effort.
Which solution meets these requirements?

A. Use an EC2 instance that runs a monitoring application from AWS Marketplace. Configure the monitoring application to use Amazon DynamoDB Streams to store the timestamp when a new item is created in the table. Use a script that runs on the EC2 instance to delete items that have a timestamp that is older than 30 days.
B. Configure Amazon DynamoDB Streams to invoke an AWS Lambda function when a new item is created in the table. Configure the Lambda function to delete items in the table that are older than 30 days.
C. Use an AWS CloudFormation template to deploy the complete solution. Redeploy the CloudFormation stack every 30 days, and delete the original stack.
D. Extend the application to add an attribute that has a value of the current timestamp plus 30 days to each new item that is created in the table. Configure DynamoDB to use the attribute as the TTL attribute.

QUESTION NO: 26
A bicycle sharing company is developing a multi-tier architecture to track the location of its bicycles during peak operating hours. The company wants to use these data points in its existing analytics platform. A solutions architect must determine the most viable multi-tier option to support this architecture. The data points must be accessible from the REST API.
Which action meets these requirements for storing and retrieving location data?

A. Use Amazon API Gateway with AWS Lambda.
B. Use Amazon API Gateway with Amazon Kinesis Data Analytics.
C. Use Amazon QuickSight with Amazon Redshift.
D. Use Amazon Athena with Amazon S3.

QUESTION NO: 27
A company that recently started using AWS establishes a Site-to-Site VPN between its on-premises data center and AWS. The company's security mandate states that traffic originating from on premises should stay within the company's private IP space when communicating with an Amazon Elastic Container Service (Amazon ECS) cluster that is hosting a sample web application.
Which solution meets this requirement?

A. Configure an Amazon Route 53 record with Amazon ECS as the target. Apply a server certificate to Route 53 from AWS Certificate Manager (ACM) for SSL offloading.
B. Configure a gateway endpoint for Amazon ECS. Modify the route table to include an entry pointing to the ECS cluster.
C. Create a Network Load Balancer and AWS PrivateLink endpoint for Amazon ECS in the same VPC that is hosting the ECS cluster.
D. Create a Network Load Balancer in one VPC and an AWS PrivateLink endpoint for Amazon ECS in another VPC. Connect the two by using VPC peering.

QUESTION NO: 28
A company's website handles millions of requests each day and the number of requests continues to increase. A solutions architect needs to improve the response time of the web application. The solutions architect determines that the application needs to decrease latency when retrieving product details from the Amazon DynamoDB table.
Which solution will meet these requirements with the LEAST amount of operational overhead?

A. Set up Amazon ElastiCache for Memcached between the DynamoDB table and the web application. Route all read requests through Memcached.
B. Set up Amazon DynamoDB streams on the table and have AWS Lambda read from the table and populate Amazon ElastiCache. Route all read requests through ElastiCache.
C. Set up a DynamoDB Accelerator (DAX) cluster. Route all read requests through DAX.
D. Set up Amazon ElastiCache for Redis between the DynamoDB table and the web application. Route all read requests through Redis.

QUESTION NO: 29
A company stores project information in a shared spreadsheet. The company wants to create a web application to replace the spreadsheet. The company has chosen Amazon DynamoDB to store the spreadsheet's data and is designing the web application to display the project information that is obtained from DynamoDB.
A solutions architect must design the web application's backend by using managed services that require minimal operational maintenance.
Which architectures meet these requirements? (Select TWO.)

A. An Amazon API Gateway REST API invokes an AWS Lambda function. The Lambda function accesses DynamoDB.
B. An Amazon Route 53 hosted zone routes requests to an AWS Lambda endpoint to invoke a Lambda function that accesses DynamoDB.
C. An Elastic Load Balancer forwards requests to a target group with DynamoDB set up as the target.
D. An Amazon API Gateway REST API accesses the project information that is in DynamoDB.
E. An Elastic Load Balancer forwards requests to a target group of Amazon EC2 instances. The EC2 instances run an application that accesses DynamoDB.

QUESTION NO: 30
A company is implementing a shared storage solution for a media application that is hosted in the AWS Cloud. The company needs the ability to use SMB clients to access data. The solution must be fully managed.
Which AWS solution meets these requirements?

A. Create an Amazon FSx for Windows File Server file system. Attach the file system to the origin server. Connect the application server to the file system.
B. Create an Amazon EC2 Windows instance. Install and configure a Windows file share role on the instance. Connect the application server to the file share.
C. Create an AWS Storage Gateway volume gateway. Create a file share that uses the required client protocol. Connect the application server to the file share.
D. Create an AWS Storage Gateway tape gateway. Configure tapes to use Amazon S3. Connect the application server to the tape gateway.

QUESTION NO: 31
A company has migrated an application to Amazon EC2 Linux instances. One of these EC2 instances runs several 1-hour tasks on a schedule. These tasks were written by different teams and have no common programming language. The company is concerned about performance and scalability while these tasks run on a single instance. A solutions architect needs to implement a solution to resolve these concerns.
Which solution will meet these requirements with the LEAST operational overhead?

A. Copy the tasks into AWS Lambda functions. Schedule the Lambda functions by using Amazon EventBridge (Amazon CloudWatch Events).
B. Create an Amazon Machine Image (AMI) of the EC2 instance that runs the tasks. Create an Auto Scaling group with the AMI to run multiple copies of the instance.
C. Use AWS Batch to run the tasks as jobs. Schedule the jobs by using Amazon EventBridge (Amazon CloudWatch Events).
D. Convert the EC2 instance to a container. Use AWS App Runner to create the container on demand to run the tasks as jobs.

QUESTION NO: 32
A company hosts its website on AWS. To address the highly variable demand, the company has implemented Amazon EC2 Auto Scaling. Management is concerned that the company is over-provisioning its infrastructure, especially at the front end of the three-tier application. A solutions architect needs to ensure costs are optimized without impacting performance.
What should the solutions architect do to accomplish this?

A. Use Auto Scaling with the suspend-resume feature.
B. Use Auto Scaling with Reserved Instances.
C. Use Auto Scaling with a target tracking scaling policy.
D. Use Auto Scaling with a scheduled scaling policy.

QUESTION NO: 33
A company is running an online transaction processing (OLTP) workload on AWS. This workload uses an unencrypted Amazon RDS DB instance in a Multi-AZ deployment. Daily database snapshots are taken from this instance.
What should a solutions architect do to ensure the database and snapshots are always encrypted moving forward?

A. Copy the snapshots to an Amazon S3 bucket that is encrypted using server-side encryption with AWS Key Management Service (AWS KMS) managed keys (SSE-KMS).
B. Encrypt a copy of the latest DB snapshot. Replace existing DB instance by restoring the encrypted snapshot.
C. Create a new encrypted Amazon Elastic Block Store (Amazon EBS) volume and copy the snapshots to it. Enable encryption on the DB instance.
D. Copy the snapshots and enable encryption using AWS Key Management Service (AWS KMS). Restore encrypted snapshot to an existing DB instance.

QUESTION NO: 34
A company has an Amazon S3 bucket that contains confidential information in its production AWS account. The company has turned on AWS CloudTrail for the account. The account sends a copy of its logs to Amazon CloudWatch Logs. The company has configured the S3 bucket to log read and write data events.
A company auditor discovers that some objects in the S3 bucket have been deleted. A solutions architect must provide the auditor with information about who deleted the objects.
What should the solutions architect do to provide this information?

A. Create a CloudWatch Logs filter to extract the S3 write API calls against the S3 bucket.
B. Use AWS Trusted Advisor to perform security checks for S3 write API calls that deleted the content.
C. Query the CloudTrail logs with Amazon Athena to identify the S3 write API calls against the S3 bucket.
D. Use AWS Config to track configuration changes on the S3 bucket. Use these details to track the S3 write API calls that deleted the content.

QUESTION NO: 35
A ride-sharing company stores historical service usage data as structured csv data files in Amazon S3. A data analyst needs to perform SQL queries on this data. A solutions architect must recommend a solution that optimizes cost-effectiveness for the queries.
Which solution meets these requirements?

A. Create an Amazon Redshift cluster. Import the data. Perform the queries.
B. Create an Amazon Aurora PostgreSQL DB cluster. Import the data. Perform the queries.
C. Create an Amazon Athena database. Associate the data in Amazon S3. Perform the queries.
D. Create an Amazon EMR cluster. Load the data. Perform the queries.

Correct Answer: C

QUESTION NO: 36
A company is launching a new application and will display application metrics on an Amazon CloudWatch dashboard. The company's product manager needs to access this dashboard periodically. The product manager does not have an AWS account. A solutions architect must provide access to the product manager by following the principle of least privilege.
Which solution will meet these requirements?

A. Deploy a bastion server in a public subnet. When the product manager requires access to the dashboard, start the server and share the RDP credentials. On the bastion server, ensure that the browser is configured to open the dashboard URL with cached AWS credentials that have appropriate permissions to view the dashboard.
B. Create an IAM user specifically for the product manager. Attach the CloudWatchReadOnlyAccess managed policy to the user. Share the new login credentials with the product manager. Share the browser URL of the correct dashboard with the product manager.
C. Create an IAM user for the company's employees. Attach the ViewOnlyAccess AWS managed policy to the IAM user. Share the new login credentials with the product manager. Ask the product manager to navigate to the CloudWatch console and locate the dashboard by name in the Dashboards section.
D. Share the dashboard from the CloudWatch console. Enter the product manager's email address, and complete the sharing steps. Provide a shareable link for the dashboard to the product manager.

QUESTION NO: 37
A company wants an AWS Lambda function to call a third-party API and save the response to a private Amazon RDS DB instance in the same private subnet.
What should a solutions architect do to meet these requirements?

A. Create an internet gateway. In the route table for the private subnet, add a route to the internet gateway. Attach the Lambda function to the private subnet. Create an IAM role that includes the AWSLambdaVPCAccessExecutionRole permissions policy. Attach the role to the Lambda function.
B. Create an internet gateway. In the route table for the private subnet, add a route to the internet gateway. Attach the Lambda function to the private subnet. Create an IAM role that includes the AWSLambdaBasicExecutionRole permissions policy. Attach the role to the Lambda function.
C. Create a NAT gateway. In the route table for the private subnet, add a route to the NAT gateway. Attach the Lambda function to the private subnet. Create an IAM role that includes the AWSLambdaBasicExecutionRole permissions policy. Attach the role to the Lambda function.
D. Create a NAT gateway. In the route table for the private subnet, add a route to the NAT gateway. Attach the Lambda function to the private subnet. Create an IAM role that includes the AWSLambdaVPCAccessExecutionRole permissions policy. Attach the role to the Lambda function.

QUESTION NO: 38
A company collects 10 GB of telemetry data daily from various machines. The company stores the data in an Amazon S3 bucket in a source data account.
The company has hired several consuming agencies to use this data for analysis. Each agency needs read access to the data for its analysis. The company must share the data from the source data account by choosing a solution that maximizes security and operational efficiency.
Which solution will meet these requirements?

A. Make the S3 bucket public for a limited time. Inform only the agencies.
B. Configure cross-account access for the S3 bucket to the accounts that the agencies own.
C. Configure S3 global tables to replicate data for each agency.
D. Set up an IAM user for each analyst in the source data account. Grant each user access to the S3 bucket.

QUESTION NO: 39
A company is planning to host its compute-intensive applications on Amazon EC2 instances. The majority of the network traffic will be between these applications. The company needs a solution that minimizes latency and maximizes network throughput. The underlying hardware for the EC2 instances must not be shared with any other company.
Which solution will meet these requirements?

A. Launch EC2 instances as Dedicated Instances in a cluster placement group.
B. Launch EC2 instances as Dedicated Instances in a partition placement group.
C. Launch EC2 instances as Dedicated Hosts in a partition placement group.
D. Launch EC2 instances as Dedicated Hosts in a cluster placement group.

QUESTION NO: 40
An ecommerce company uses an Amazon Aurora DB cluster to store customer transactions. The company also maintains a separate Amazon DynamoDB table that contains item sales information. The company wants the DB cluster to invoke a recently deployed AWS Lambda function to update the DynamoDB table every time a row is inserted into the database.
Which combination of steps should a solutions architect take to meet these requirements? (Select TWO.)

A. Ensure that the Lambda function has an IAM role that allows Lambda to invoke functions on the DB cluster.
B. Modify the DB cluster to allow outbound communication to the DynamoDB table.
C. Modify the Lambda function to allow outbound communication to the DB cluster.
D. Modify the DB cluster to allow outbound communication to the Lambda function.
E. Ensure that the DB cluster has an IAM role that allows the DB cluster to invoke Lambda functions.

QUESTION NO: 41
A company has an ecommerce application that stores data in an on-premises SQL database. The company has decided to migrate this database to AWS. However, as part of the migration, the company wants to find a way to attain sub-millisecond responses to common read requests.
A solutions architect knows that the increase in speed is paramount and that a small percentage of stale data returned in the database reads is acceptable.
What should the solutions architect recommend?

A. Build a database cache using Amazon ElastiCache.
B. Build Amazon RDS read replicas.
C. Build a database cache using Amazon Elasticsearch Service (Amazon ES).
D. Build the database as a larger instance type.

QUESTION NO: 42
A company needs to store 160 TB of data for an indefinite period of time. The company must be able to use standard SQL and business intelligence tools to query all of the data. The data will be queried no more than twice each month.
What is the MOST cost-effective solution that meets these requirements?

A. Store the data in Amazon S3. Use AWS Glue, Amazon Athena, and JDBC and ODBC drivers to query the data.
B. Store a subset of the data in Amazon Redshift, and store the remaining data in Amazon S3. Use Amazon Redshift Spectrum to query the S3 data.
C. Store the data in Amazon Aurora Serverless with MySQL. Use an SQL client to query the data.
D. Store the data in an Amazon EMR cluster with EMR File System (EMRFS) as the storage layer. Use Apache Presto to query the data.