Amazon (SAA-C03) Exam Questions And Answers page 12
A company has implemented one of its microservices on AWS Lambda that accesses an Amazon DynamoDB table named Books. A solutions architect is designing an IAM policy to be attached to the Lambda function's IAM role, giving it access to put, update, and delete items in the Books table. The IAM policy must prevent function from performing any other actions on the Books table or any other.
Which IAM policy would fulfill these needs and provide the LEAST privileged access?
Which IAM policy would fulfill these needs and provide the LEAST privileged access?
Define Performant Architectures
Specify Secure Applications and Architectures
A company has many projects that run in multiple AWS Regions. The projects usually have a three-tier architecture with Amazon EC2 instances that run behind an Application Load Balancer. The instances run in an Auto Scaling group and share Amazon Elastic File System (Amazon EFS) storage and Amazon RDS databases. Some projects have resources in more than one Region.
A solutions architect needs to identify each project s individual costs.
Which solution will provide this information with the LEAST amount of operational effort?
A solutions architect needs to identify each project s individual costs.
Which solution will provide this information with the LEAST amount of operational effort?
Use Cost Explorer to perform one-time queries for each Region and create a report that filters by project.
Use the AWS Billing and Cost Management details page to see the actual usage costs of the resources by project.
Use AWS Systems Manager to group resources by project and monitor each project s resources and cost.
Use AWS Billing and Cost Management to activate cost allocation tags and create reports that are based on the project tags.
Design Cost-Optimized Architectures
A company has media and application files that need to be shared internally. Users currently are authenticated using Active Directory and access files from a Microsoft Windows platform. The chief executive officer wants to keep the same user permissions, but wants the company to improve the process as the company is reaching its storage capacity limit.
What should a solutions architect recommend?
What should a solutions architect recommend?
Set up a corporate Amazon S3 bucket and move all media and application files.
Configure Amazon FSx for Windows File Server and move all the media and application files.
Configure Amazon Elastic File System (Amazon EFS) and move all media and application files.
Set up Amazon EC2 on Windows, attach multiple Amazon Elastic Block Store (Amazon EBS) volumes, and move all media and application files.
Define Performant Architectures
Design Cost-Optimized Architectures
A company has migrated an on-premises Oracle database to an Amazon RDS for Oracle Multi-AZ DB instance in the us-east-l Region. A solutions architect is designing a disaster recovery strategy to have the database provisioned in the us-west-2 Region in case the database becomes unavailable in the us-east-1 Region. The design must ensure the database is provisioned in the us-west-2 Region in a maximum of 2 hours, with a data loss window of no more than 3 hours.
How can these requirements be met?
How can these requirements be met?
Edit the DB instance and create a read replica in us-west-2. Promote the read replica to master in us-west-2 in case the disaster recovery environment needs to be activated.
Select the multi-Region option to provision a standby instance in us-west-2. The standby instance will be automatically promoted to master in us-west-2 in case the disaster recovery environment needs to be created.
Take automated snapshots of the database instance and copy them to us-west-2 every 3 hours. Restore the latest snapshot to provision another database instance in us-west-2 in case the disaster recovery environment needs to be activated.
Create a multimaster read/write instances across multiple AWS Regions. Select VPCs in us-east-1 and us-west-2 to make that deployment. Keep the master read/write instance in us-west-2 available to avoid having to activate a disaster recovery environment.
Design Resilient Architectures
Define Performant Architectures
A company has migrated a two-tier application from its on-premises data center to the AWS Cloud. The data tier is a Multi-AZ deployment of Amazon RDS for Oracle with 12 " of General Purpose SSD Amazon Elastic Block Store (Amazon EBS) storage. The application is designed to process and store documents in the database as binary large objects (blobs) with an average document size of 6 MB.
The database size has grown over time, reducing the performance and increasing the cost of storage. The company must improve the database performance and needs a solution that is highly available and resilient.
Which solution will meet these requirements MOST cost-effectively?
The database size has grown over time, reducing the performance and increasing the cost of storage. The company must improve the database performance and needs a solution that is highly available and resilient.
Which solution will meet these requirements MOST cost-effectively?
Reduce the RDS DB instance size. Increase the storage capacity to 24 TiB. Change the storage type to Magnetic.
Increase the RDS DB instance size. Increase the storage capacity to 24 TiB. Change the storage type to Provisioned IOPS.
Create an Amazon S3 bucket. Update the application to store documents in the S3 bucket. Store the object metadata in the existing database.
Create an Amazon DynamoDB table. Update the application to use DynamoDB. Use AWS Database Migration Service (AWS DMS) to migrate data from the Oracle database to DynamoDB.
Design Resilient Architectures
Design Cost-Optimized Architectures
A company has multiple applications that use Amazon RDS for MySQL as is database. The company recently discovered that a new custom reporting application has increased the number of Queries on the database. This is slowing down performance.
How should a solutions architect resolve this issue with the LEAST amount of application changes?
How should a solutions architect resolve this issue with the LEAST amount of application changes?
Add a secondary DB instance using Multi-AZ.
Set up a road replica and Multi-AZ on Amazon RDS.
Set up a standby replica and Multi-AZ on Amazon RDS.
Use caching on Amazon RDS to improve the overall performance.
Define Performant Architectures
A company has multiple AWS accounts for various departments. One of the departments wants to share an Amazon S3 bucket with all other department.
Which solution will require the LEAST amount of effort?
Which solution will require the LEAST amount of effort?
Enable cross-account S3 replication for the bucket.
Create a pre-signed URL for the bucket and share it with other departments.
Set the S3 bucket policy to allow cross-account access to other departments.
Create IAM users for each of the departments and configure a read-only IAM policy.
Define Performant Architectures
Design Cost-Optimized Architectures
A company has multiple AWS accounts with applications deployed in the us-west-2 Region. Application logs are stored within Amazon S3 buckets in each account. The company wants to build a centralized log analysis solution that uses a single S3 bucket. Logs must not leave us-west-2, and the company wants to incur minimal operational overhead.
Which solution meets these requirements and is MOST cost-effective?
Which solution meets these requirements and is MOST cost-effective?
Create an S3 Lifecycle policy that copies the objects from one of the application S3 buckets to the centralized S3 bucket.
Use S3 Same-Region Replication to replicate logs from the S3 buckets to another S3 bucket in us-west-2. Use this S3 bucket for log analysis.
Write a script that uses the PutObject API operation every day to copy the entire contents of the buckets to another S3 bucket in us-west-2. Use this S3 bucket for log analysis.
Write AWS Lambda functions in these accounts that are triggered every time logs are delivered to the S3 buckets (s3:ObjectCreated:* event). Copy the logs to another S3 bucket in us-west-2. Use this S3 bucket for log analysis.
Design Cost-Optimized Architectures
A company has NFS servers in an on-premises data center that need to periodically back up small amounts of data to Amazon S3. Which solution meets these requirements and is MOST cost-effective?
Set up AWS Glue to copy the data from the on-premises servers to Amazon S3.
Set up an AWS DataSync agent on the on-premises servers, and sync the data to Amazon S3.
Set up an SFTP sync using AWS Transfer for SFTP to sync data from on-premises to Amazon S3.
Set up an AWS Direct Connect connection between the on-premises data center and a VPC, and copy the data to Amazon S3.
Design Cost-Optimized Architectures
A company has no existing file share services. A new project requires access to file storage that is mountable as a drive for on-premises desktops. The file server must authenticate users to an Active Directory domain before they are able to access the storage.
Which service will allow Active Directory users to mount storage as a drive on their desktops?
Which service will allow Active Directory users to mount storage as a drive on their desktops?
Amazon S3 Glacier
AWS DataSync
AWS Snowball Edge
AWS Storage Gateway
Define Performant Architectures
Specify Secure Applications and Architectures
Comments