SAA-C02 : AWS Certified Solutions Architect – Associate SAA-C02 : Part 19

  1. An application allows users at a company’s headquarters to access product data. The product data is stored in an Amazon RDS MySQL DB instance. The operations team has isolated an application performance slowdown and wants to separate read traffic from write traffic. A solutions architect needs to optimize the application’s performance quickly.

    What should the solutions architect recommend?

    • Change the existing database to a Multi-AZ deployment. Serve the read requests from the primary Availability Zone.
    • Change the existing database to a Multi-AZ deployment. Serve the read requests from the secondary Availability Zone.
    • Create read replicas for the database. Configure the read replicas with half of the compute and storage resources as the source database.
    • Create read replicas for the database. Configure the read replicas with the same compute and storage resources as the source database.
  2. A company is using Amazon DynamoDB with provisioned throughput for the database tier of its ecommerce website. During flash sales, customers experience periods of time when the database cannot handle the high number of transactions taking place. This causes the company to lose transactions. During normal periods, the database performs appropriately.

    Which solution solves the performance problem the company faces?

    • Switch DynamoDB to on-demand mode during flash sales.
    • Implement DynamoDB Accelerator for fast in memory performance.
    • Use Amazon Kinesis to queue transactions for processing to DynamoDB.
    • Use Amazon Simple Queue Service (Amazon SQS) to queue transactions to DynamoDB.
  3. A company is reviewing a recent migration of a three-tier application to a VPC. The security team discovers that the principle of least privilege is not being applied to Amazon EC2 security group ingress and egress rules between the application tiers.

    What should a solutions architect do to correct this issue?

    • Create security group rules using the instance ID as the source or destination.
    • Create security group rules using the security group ID as the source or destination.
    • Create security group rules using the VPC CIDR blocks as the source or destination.
    • Create security group rules using the subnet CIDR blocks as the source or destination.
  4. A company requires that all versions of objects in its Amazon S3 bucket be retained. Current object versions will be frequently accessed during the first 30 days, after which they will be rarely accessed and must be retrievable within 5 minutes. Previous object versions need to be kept forever, will be rarely accessed, and can be retrieved within 1 week. All storage solutions must be highly available and highly durable.

    What should a solutions architect recommend to meet these requirements in the MOST cost-effective manner?

    • Create an S3 lifecycle policy for the bucket that moves current object versions from S3 Standard storage to S3 Glacier after 30 days and moves previous object versions to S3 Glacier after 1 day.
    • Create an S3 lifecycle policy for the bucket that moves current object versions from S3 Standard storage to S3 Glacier after 30 days and moves previous object versions to S3 Glacier Deep Archive after 1 day.
    • Create an S3 lifecycle policy for the bucket that moves current object versions from S3 Standard storage to S3 Standard-infrequent Access (S3 Standard-IA) after 30 days and moves previous object versions to S3 Glacier Deep Archive after 1 day.
    • Create an S3 lifecycle policy for the bucket that moves current object versions from S3 Standard storage to S3 One Zone-Infrequent Access (S3 One Zone-IA) after 30 days and moves previous object versions to S3 Glacier Deep Archive after 1 day.
  5. A development team is collaborating with another company to create an integrated product. The other company needs to access an Amazon Simple Queue Service (Amazon SQS) queue that is contained in the development team’s account. The other company wants to poll the queue without giving up its own account permissions to do so.

    How should a solutions architect provide access to the SQS queue?

    • Create an instance profile that provides the other company access to the SQS queue.
    • Create an IAM policy that provides the other company access to the SQS queue.
    • Create an SQS access policy that provides the other company access to the SQS queue.
    • Create an Amazon Simple Notification Service (Amazon SNS) access policy that provides the other company access to the SQS queue.
  6. A company is developing a video conversion application hosted on AWS. The application will be available in two tiers: a free tier and a paid tier. Users in the paid tier will have their videos converted first and then the tree tier users will have their videos converted.

    Which solution meets these requirements and is MOST cost-effective?

    • One FIFO queue for the paid tier and one standard queue for the free tier.
    • A single FIFO Amazon Simple Queue Service (Amazon SQS) queue for all file types.
    • A single standard Amazon Simple Queue Service (Amazon SQS) queue for all file types.
    • Two standard Amazon Simple Queue Service (Amazon SQS) queues with one for the paid tier and one for the free tier.
  7. An administrator of a large company wants to monitor for and prevent any cryptocurrency-related attacks on the company’s AWS accounts.

    Which AWS service can the administrator use to protect the company against attacks?

    • Amazon Cognito
    • Amazon GuardDuty
    • Amazon Inspector
    • Amazon Macie
  8. A company has applications hosted on Amazon EC2 instances with IPv6 addresses. The applications must initiate communications with other external applications using the internet. However, the company’’s security policy states that any external service cannot initiate a connection to the EC2 instances. What should a solutions architect recommend to resolve this issue?

    • Create a NAT gateway and make it the destination of the subnet’s route table.
    • Create an internet gateway and make it the destination of the subnet’s route table.
    • Create a virtual private gateway and make it the destination of the subnet’s route table.
    • Create an egress-only internet gateway and make it the destination of the subnet’s route table.
  9. A company provides an online service for posting video content and transcoding it for use by any mobile platform. The application architecture uses Amazon Elastic File System (Amazon EFS) Standard to collect and store the videos so that multiple Amazon EC2 Linux instances can access the video content for processing. As the popularity of the service has grown over time, the storage costs have become too expensive.

    Which storage solution is MOST cost-effective?

    • Use AWS Storage Gateway for files to store and process the video content.
    • Use AWS Storage Gateway for volumes to store and process the video content.
    • Use Amazon Elastic File System (Amazon EFS) for storing the video content. Once processing is complete, transfer the files to Amazon Elastic Block Store (Amazon EBS).
    • Use Amazon S3 for storing the video content. Move the files temporarily over to an Amazon ElasticBlock Store (Amazon EBS) volume attached to the server for processing.
  10. A company wants to host its web application on AWS using multiple Amazon EC2 instances across different AWS Regions. Since the application content will be specific to each geographic region, the client requests need to be routed to the server that hosts the content for that clients Region.

    What should a solutions architect do to accomplish this?

    • Configure Amazon Route 53 with a latency routing policy.
    • Configure Amazon Route 53 with a weighted routing policy.
    • Configure Amazon Route 53 with a geolocation routing policy.
    • Configure Amazon Route 53 with a multivalue answer routing policy
  11. A solutions architect is planning the deployment of a new static website. The solution must minimize costs and provide at least 99% availability. Which solution meets these requirements?

    • Deploy the application to an Amazon S3 bucket in one AWS Region that has versioning disabled.
    • Deploy the application to Amazon EC2 instances that run in two AWS Regions and two Availability Zones.
    • Deploy the application to an Amazon S3 bucket that has versioning and cross-Region replication enabled.
    • Deploy the application to an Amazon EC2 instance that runs in one AWS Region and one Availability Zone.
  12. A recently created startup built a three-tier web application. The front end has static content. The application layer is based on microservices. User data is stored as JSON documents that need to be accessed with low latency. The company expects regular traffic to be low during the first year, with peaks in traffic when it publicizes new features every month. The startup team needs to minimize operational overhead costs.

    What should a solutions architect recommend to accomplish this?

    • Use Amazon S3 static website hosting to store and serve the front end. Use AWS Elastic Beanstalk for the application layer. Use Amazon DynamoDB to store user data.
    • Use Amazon S3 static website hosting to store and serve the front end. Use Amazon Elastic KubernetesService (Amazon EKS) for the application layer. Use Amazon DynamoDB to store user data.
    • Use Amazon S3 static website hosting to store and serve the front end. Use Amazon API Gateway and AWS Lambda functions for the application layer. Use Amazon DynamoDB to store user data.
    • Use Amazon S3 static website hosting to store and serve the front end. Use Amazon API Gateway and AWS Lambda functions for the application layer. Use Amazon RDS with read replicas to store user data.
  13. A company is building a payment application that must be highly available even during regional service disruptions. A solutions architect must design a data storage solution that can be easily replicated and used in other AWS Regions. The application also requires low-latency atomicity, consistency, isolation, and durability (ACID) transactions that need to be immediately available to generate reports The development team also needs to use SQL.

    Which data storage solution meets these requirements?

    • Amazon Aurora Global Database
    • Amazon DynamoDB global tables
    • Amazon S3 with cross-Region replication and Amazon Athena
    • MySQL on Amazon EC2 instances with Amazon Elastic Block Store (Amazon EBS) snapshot replication
  14. A company stores call recordings on a monthly basis. Statistically, the recorded data may be referenced randomly within a year but accessed rarely after 1 year. Files that are newer than 1 year old must be queried and retrieved as quickly as possible. A delay in retrieving older files is acceptable. A solutions architect needs to store the recorded data at a minimal cost.

    Which solution is MOST cost-effective?

    • Store individual files in Amazon S3 Glacier and store search metadata in object tags created in S3 Glacier Query S3 Glacier tags and retrieve the files from S3 Glacier.
    • Store individual files in Amazon S3. Use lifecycle policies to move the files to Amazon S3 Glacier after1 year. Query and retrieve the files from Amazon S3 or S3 Glacier.
    • Archive individual files and store search metadata for each archive in Amazon S3. Use lifecycle policies to move the files to Amazon S3 Glacier after 1 year. Query and retrieve the files by searching for metadata from Amazon S3.
    • Archive individual files in Amazon S3. Use lifecycle policies to move the files to Amazon S3 Glacier after 1 year. Store search metadata in Amazon DynamoDB. Query the files from DynamoDB and retrieve them from Amazon S3 or S3 Glacier.
  15. A company is developing a new machine learning model solution in AWS. The models are developed as independent microservices that fetch about 1 GB of model data from Amazon S3 at startup and load the data into memory. Users access the models through an asynchronous API. Users can send a request or a batch of requests and specify where the results should be sent.

    The company provides models to hundreds of users. The usage patterns for the models are irregular Some models could be unused for days or weeks. Other models could receive batches of thousands of requests at a time.

    Which solution meets these requirements?

    • The requests from the API are sent to an Application Load Balancer (ALB). Models are deployed as AWS Lambda functions invoked by the ALB.
    • The requests from the API are sent to the models Amazon Simple Queue Service (Amazon SQS) queue. Models are deployed as AWS Lambda functions triggered by SQS events AWS Auto Scaling is enabled on Lambda to increase the number of vCPUs based on the SQS queue size.
    • The requests from the API are sent to the model’s Amazon Simple Queue Service (Amazon SQS) queue. Models are deployed as Amazon Elastic Container Service (Amazon ECS) services reading from the queue AWS App Mesh scales the instances of the ECS cluster based on the SQS queue size.
    • The requests from the API are sent to the models Amazon Simple Queue Service (Amazon SQS) queue. Models are deployed as Amazon Elastic Container Service (Amazon ECS) services reading from the queue AWS Auto Scaling is enabled on Amazon ECS for both the cluster and copies of the service based on the queue size.
  16. A company has no existing file share services. A new project requires access to file storage that is mountable as a drive for on-premises desktops. The file server must authenticate users to an Active Directory domain before they are able to access the storage.

    Which service will allow Active Directory users to mount storage as a drive on their desktops?

    • Amazon S3 Glacier
    • AWS DataSync
    • AWS Snowball Edge
    • AWS Storage Gateway
  17. A company is preparing to launch a public-facing web application in the AWS Cloud. The architecture consists of Amazon EC2 instances within a VPC behind an Elastic Load Balancer (ELB). A third party service is used for the DNS. The company’s solutions architect must recommend a solution to detect and protect against largescale DDoS attacks.

    Which solution meets these requirements?

    • Enable Amazon GuardDuty on the account.
    • Enable Amazon Inspector on the EC2 instances.
    • Enable AWS Shield and assign Amazon Route 53 to it.
    • Enable AWS Shield Advanced and assign the ELB to it.
  18. A company has a custom application with embedded credentials that retrieves information from an Amazon RDS MySQL DB instance. Management says the application must be made more secure with the least amount of programming effort.

    What should a solutions architect do to meet these requirements?

    • Use AWS Key Management Service (AWS KMS) customer master keys (CMKs) to create keys. Configure the application to load the database credentials from AWS KMS. Enable automatic key rotation.
    • Create credentials on the RDS for MySQL database for the application user and store the credentials in AWS Secrets Manager. Configure the application to load the database credentials from Secrets Manager. Create an AWS Lambda function that rotates the credentials in Secret Manager.
    • Create credentials on the RDS for MySQL database for the application user and store the credentials in AWS Secrets Manager. Configure the application to load the database credentials from Secrets Manager. Set up a credentials rotation schedule for the application user in the RDS for MySQL database using Secrets Manager.
    • Create credentials on the RDS for MySQL database for the application user and store the credentials in AWS Systems Manager Parameter Store. Configure the application to load the database credentials from Parameter Store. Set up a credentials rotation schedule for the application user in the RDS for MySQL database using Parameter Store.
  19. A company is running a multi-tier web application on AWS. The application runs its database tier on Amazon Aurora MySQL. The application and database tiers are in the us-east-1 Region. A database administrator who regularly monitors the Aurora DB cluster finds that an intermittent increase in read traffic is creating high CPUutilization on the read replica and causing increased read latency of the application.

    What should a solutions architect do to improve read scalability?

    • Reboot the Aurora DB cluster.
    • Create a cross-Region read replica
    • Increase the instance class of the read replica.
    • Configure Aurora Auto Scaling for the read replica.
  20. A company’s order fulfillment service uses a MySQL database. The database needs to support a large number of concurrent queries and transactions. Developers are spending time patching and tuning the database This is causing delays in releasing new product features.

    The company wants to use cloud-based services to help address this new challenge. The solution must allow the developers to migrate the database with little or no code changes and must optimize performance.

    Which service should a solutions architect use to meet these requirements?

    • Amazon Aurora
    • Amazon DynamoDB
    • Amazon ElastiCache
    • MySQL on Amazon EC2
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments