Amazon (SAA-C03) Exam Questions And Answers page 14
A company has two applications it wants to migrate to AWS. Both applications process a large set of files by accessing the same files at the same time. Both applications need to read the files with low latency.
Which architecture should a solutions architect recommend for this situation?
Which architecture should a solutions architect recommend for this situation?
Configure two AWS Lambda functions to run the applications. Create an Amazon EC2 instance with an Amazon Elastic Block Store (Amazon EBS) volume to store the data.
Configure one memory optimized Amazon EC2 instance to run both applications simultaneously. Create an Amazon Elastic Block Store (Amazon EBS) volume with Provisioned IOPS to store the data.
Configure two Amazon EC2 instances to run both applications. Configure Amazon Elastic File System (Amazon EFS) with General Purpose performance mode and Bursting Throughput mode to store the data.
Design Resilient Architectures
Define Performant Architectures
A company has two AWS accounts: Production and Development. There are code changes ready in the Development account to push to the Production account. In the alpha phase, only two senior developers on the development team need access to the Production account. In the beta phase, more developers might need access to perform testing as well.
What should a solutions architect recommend?
What should a solutions architect recommend?
Create two policy documents using the AWS Management Console in each account. Assign the policy to developers who need access.
Create an IAM role in the Development account. Give one IAM role access to the Production account. Allow developers to assume the role.
Create an IAM role in the Production account with the trust policy that specifies the Development account. Allow developers to assume the role.
Create an IAM group in the Production account and add it as a principal in the trust policy that specifies the Production account. Add developers to the group.
Define Performant Architectures
Specify Secure Applications and Architectures
A company has two VPCs named Management and Production. The Management VPC uses VPNs through a customer gateway to connect to a single device in the data center. The Production VPC uses a virtual private gateway with two attached AWS Direct Connect connections. The Management and Production VPCs both use a single VPC peering connection to allow communication between the applications.
What should a solutions architect do to mitigate any single point of failure in this architecture?
What should a solutions architect do to mitigate any single point of failure in this architecture?
Add a set of VPNs between the Management and Production VPCs.
Add a second virtual private gateway and attach it to the Management VPC.
Add a second set of VPNs to the Management VPC from a second customer gateway device.
Add a second VPC peering connection between the Management VPC and the Production VPC.
Specify Secure Applications and Architectures
Design Cost-Optimized Architectures
A company has two VPCs that are located in the us-west-2 Region within the same AWS account. The company needs to allow network traffic between these VPCs. Approximately 500 GB of data transfer will occur between the VPCs each month.
What is the MOST cost-effective solution to connect these VPCs?
What is the MOST cost-effective solution to connect these VPCs?
Implement AWS Transit Gateway to connect the VPCs. Update the route tables of each VPC to use the transit gateway for inter-VPC communication.
Implement an AWS Site-to-Site VPN tunnel between the VPCs. Update the route tables of each VPC to use the VPN tunnel for inter-VPC communication.
Set up a VPC peering connection between the VPCs. Update the route tables of each VPC to use the VPC peering connection for inter-VPC communication.
Set up a 1 GB AWS Direct Connect connection between the VPCs. Update the route tables of each VPC to use the Direct Connect connection for inter-VPC communication.
Design Cost-Optimized Architectures
A company hosts a multi-tier web application that uses an Amazon Aurora MySQL DB cluster for storage. The application tier is hosted on Amazon EC2 instances. The company s IT security guidelines mandate that the database credentials be encrypted and rotated every 14 days.
What should a solutions architect do to meet this requirement with the LEAST operational effort?
What should a solutions architect do to meet this requirement with the LEAST operational effort?
Create a new AWS Key Management Service (AWS KMS) encryption key. Use AWS Secrets Manager to create a new secret that uses the KMS key with the appropriate credentials. Associate the secret with the Aurora DB cluster. Configure a custom rotation period of 14 days.
Create two parameters in AWS Systems Manager Parameter Store: one for the user name as a string parameter and one that uses the SecureString type for the password. Select AWS Key Management Service (AWS KMS) encryption for the password parameter, and load these parameters in the application tier. Implement an AWS Lambda function that rotates the password every 14 days.
Store a file that contains the credentials in an AWS Key Management Service (AWS KMS) encrypted Amazon Elastic File System (Amazon EFS) file system. Mount the EFS file system in all EC2 instances of the application tier. Restrict the access to the file on the file system so that the application can read the file and that only super users can modify the file. Implement an AWS Lambda function that rotates the key in Aurora every 14 days and writes new credentials into the file.
Store a file that contains the credentials in an AWS Key Management Service (AWS KMS) encrypted Amazon S3 bucket that the application uses to load the credentials. Download the file to the application regularly to ensure that the correct credentials are used. Implement an AWS Lambda function that rotates the Aurora credentials every 14 days and uploads these credentials to the file in the S3 bucket.
Specify Secure Applications and Architectures
A company hosts an application on an Amazon EC2 instance that requires a maximum of 200 GB storage space. The application is used infrequently, with peaks during mornings and evenings. Disk I/O varies, but peaks at 3,000 IOPS. The chief financial officer of the company is concerned about costs and has asked a solutions architect to recommend the most cost-effective storage option that does not sacrifice performance.
Which solution should the solutions architect recommend?
Which solution should the solutions architect recommend?
Amazon Elastic Block Store (Amazon EBS) Cold HDD (sc1)
Amazon Elastic Block Store (Amazon EBS) General Purpose SSD (gp2)
Amazon Elastic Block Store (Amazon EBS) Provisioned IOPS SSD (io1)
Amazon Elastic Block Store (Amazon EBS) Throughput Optimized HDD (st1)
Design Cost-Optimized Architectures
A company hosts an application on an Amazon EC2 instance that requires a maximum of 200 GB storage space. The application is used infrequently, with peaks during mornings and evenings. Disk I/O varies, but peaks at 3,000 IOPS. The chief financial officer of the company is concerned about costs and has asked a solutions architect to recommend the most cost-effective storage option that does not sacrifice performance.
Which solution should the solutions architect recommend?
Which solution should the solutions architect recommend?
Amazon EBS Cold HDD (sc1)
Amazon EBS General Purpose SSD (gp2)
Amazon EBS Provisioned IOPS SSD (io1)
Amazon EBS Throughput Optimized HDD (st1)
Design Cost-Optimized Architectures
A company hosts an application on AWS Lambda functions that are invoked by an Amazon API Gateway API. The Lambda functions save customer data to an Amazon Aurora MySQL database. Whenever the company upgrades the database, the Lambda functions fail to establish database connections until the upgrade is complete. The result is that customer data is not recorded for some of the event.
A solutions architect needs to design a solution that stores customer data that is created during database upgrades.
Which solution will meet these requirements?
A solutions architect needs to design a solution that stores customer data that is created during database upgrades.
Which solution will meet these requirements?
Provision an Amazon RDS proxy to sit between the Lambda functions and the database. Configure the Lambda functions to connect to the RDS proxy.
Increase the run time of the Lambda functions to the maximum. Create a retry mechanism in the code that stores the customer data in the database.
Persist the customer data to Lambda local storage. Configure new Lambda functions to scan the local storage to save the customer data to the database.
Store the customer data in an Amazon Simple Queue Service (Amazon SQS) FIFO queue. Create a new Lambda function that polls the queue and stores the customer data in the database.
Design Resilient Architectures
Define Performant Architectures
A company hosts an application on multiple Amazon EC2 instances. The application processes messages from an Amazon SQS queue, writes for an Amazon RDS table, and deletes
the message from the queue. Occasional duplicate records are found in the RDS table. The SQS queue does not contain any duplicate messages.
What should a solutions architect do to ensure messages are being processed once only?
the message from the queue. Occasional duplicate records are found in the RDS table. The SQS queue does not contain any duplicate messages.
What should a solutions architect do to ensure messages are being processed once only?
Use the CreateQueue API call to create a new queue.
Use the AddPermission API call to add appropriate permissions.
Use the ReceiveMessage API call to set an appropriate wait time.
Use the ChangeMessageVisibility API call to increase the visibility timeout.
Define Performant Architectures
Specify Secure Applications and Architectures
A company hosts an application used to upload files to an Amazon S3 bucket. Once uploaded, the files are processed to extract metadata, which takes less than 5 seconds. The volume and frequency of the uploads varies from a few files each hour to hundreds of concurrent uploads. The company has asked a solutions architect to design a cost-effective architecture that will meet these requirements.
What should the solutions architect recommend?
What should the solutions architect recommend?
Configure AWS CloudTrail trails to log S3 API calls. Use AWS AppSync to process the files.
Configure an object-created event notification within the S3 bucket to invoke an AWS Lambda function to process the files.
Configure Amazon Kinesis Data Streams to process and send data to Amazon S3. Invoke an AWS Lambda function to process the files.
Configure an Amazon Simple Notification Service (Amazon SNS) topic to process the files uploaded to Amazon S3. Invoke an AWS Lambda function to process the files.
Design Cost-Optimized Architectures
Comments