Amazon (SAA-C03) Exam Questions And Answers page 2
A company collects temperature, humidity, and atmospheric pressure data in cities across multiple continents. The average volume of data collected per site each day is 500 GB. Each site has a high-speed internet connection. The company's weather forecasting applications are based in a single Region and analyze the data daily.
What is the FASTEST way to aggregate data from all of these global sites?
What is the FASTEST way to aggregate data from all of these global sites?
Upload site data to an Amazon S3 bucket in the closest AWS Region. Use S3 cross-Region replication to copy objects to the destination bucket.
Schedule AWS Snowball jobs daily to transfer data to the closest AWS Region. Use S3 cross-Region replication to copy objects to the destination bucket.
Upload the data to an Amazon EC2 instance in the closest Region. Store the data in an Amazon Elastic Block Store (Amazon EBS) volume. Once a day take an EBS snapshot and copy it to the centralized Region. Restore the EBS volume in the centralized Region and run an analysis on the data daily.
Define Performant Architectures
A company currently has 250 TB of backup files stored in Amazon S3 in a vendor's proprietary format. Using a Linux-based software application provided by the vendor, the company wants to retrieve files from Amazon S3, transform the files to an industry-standard format, and re-upload them to Amazon S3. The company wants to minimize the data transfer charges associated with this conversation.
What should a solutions architect do to accomplish this?
What should a solutions architect do to accomplish this?
Install the conversion software as an Amazon S3 batch operation so the data is transformed without leaving Amazon S3.
Install the conversion software onto an on-premises virtual machine. Perform the transformation and re-upload the files to Amazon S3 from the virtual machine.
Use AWS Snowball Edge devices to export the data and install the conversion software onto the devices. Perform the data transformation and re-upload the files to Amazon S3 from the Snowball Edge devices.
Launch an Amazon EC2 instance in the same Region as Amazon S3 and install the conversion software onto the instance. Perform the transformation and re-upload the files to Amazon S3 from the EC2 instance.
Define Performant Architectures
Design Cost-Optimized Architectures
A company currently operates a web application backed by an Amazon RDS MySQL database. It has automated backups that are run daily and are not encrypted. A security audit requires future backups to be encrypted and the unencrypted backups to be destroyed. The company will make at least one encrypted backup before destroying the old backups.
What should be done to enable encryption for future backups?
What should be done to enable encryption for future backups?
Enable default encryption for the Amazon S3 bucket where backups are stored.
Modify the backup section of the database configuration to toggle the Enable encryption check box.
Create a snapshot of the database. Copy it to an encrypted snapshot. Restore the database from the encrypted snapshot.
Enable an encrypted read replica on RDS for MySQL. Promote the encrypted read replica to primary. Remove the original database instance.
Specify Secure Applications and Architectures
A company currently stores symmetric encryption keys in a hardware security module (HSM). A solutions architect must design a solution to migrate key management to AWS. The solution should allow for key rotation and support the use of customer provided keys.
Where should the key material be stored to meet these requirements?
Where should the key material be stored to meet these requirements?
Amazon S3
AWS Secrets Manager
AWS Systems Manager Parameter store
AWS Key Management Service (AWS KMS)
Define Performant Architectures
Specify Secure Applications and Architectures
A company decides to migrate its three-tier web application from on-premises to the AWS Cloud. The new database must be capable of dynamically scaling storage capacity and performing table joins.
Which AWS service meets these requirements?
Which AWS service meets these requirements?
Amazon DynamoDB Streams
Amazon Aurora
Amazon RDS for SqlServer
Amazon DynamoDB on-demand
Design Resilient Architectures
Define Performant Architectures
A company delivers files in Amazon S3 to certain users who do not have AWS credentials. These users must be given access for a limited time. What should a solutions architect do to securely meet these requirements?
Enable public access on an Amazon S3 bucket.
Generate a presigned URL to share with the users.
Encrypt files using AWS KMS and provide keys to the users.
Create and assign IAM roles that will grant GetObject permissions to the users.
Specify Secure Applications and Architectures
A company designed a stateless two-tier application that uses Amazon EC2 in a single Availability Zone and an Amazon RDS Multi-AZ DB instance. New company management wants to ensure the application is highly available.
What should a solutions architect do to meet this requirement?
What should a solutions architect do to meet this requirement?
Configure the application to use Multi-AZ EC2 Auto Scaling and create an Application Load Balancer.
Configure the application to take snapshots of the EC2 instances and send them to a different AWS Region.
Configure the application to use Amazon Route 53 latency-based routing to feed requests to the application.
Configure Amazon Route 53 rules to handle incoming requests and create a Multi-AZ Application Load Balancer.
Design Resilient Architectures
Define Performant Architectures
A company designs a mobile app for its customers to upload photos to a website. The app needs a secure login with multi-factor authentication (MFA). The company wants to limit the initial build time and the maintenance of the solution.
Which solution should a solutions architect recommend to meet these requirements?
Which solution should a solutions architect recommend to meet these requirements?
Use Amazon Cognito Identity with SMS-based MFA.
Edit IAM policies to require MFA for all users.
Federate IAM against the corporate Active Directory that requires MFA.
Use Amazon API Gateway and require server-side encryption (SSE) for photos.
Specify Secure Applications and Architectures
Design Cost-Optimized Architectures
A company has 150 TB of archived image data stored on-premises that needs to be moved to the AWS Cloud within the next month. The company's current network connection allows up to 100 Mbps uploads for this purpose during the night only.
What is the MOST cost-effective mechanism to move this data and meet the migration deadline?
What is the MOST cost-effective mechanism to move this data and meet the migration deadline?
Use AWS Snowmobile to ship the data to AWS.
Order multiple AWS Snowball devices to ship the data to AWS.
Enable Amazon S3 Transfer Acceleration and securely upload the data.
Create an Amazon S3 VPC endpoint and establish a VPN to upload the data.
Design Cost-Optimized Architectures
A company has 700 TB of backup data stored in network attached storage (NAS) in its data center This backup data need to be accessible for infrequent regulatory requests and must be retained 7 years. The company has decided to migrate this backup data from its data center to AWS. The migration must be complete within 1 month. The company has 500 Mbps of dedicated bandwidth on its public internet connection available for data transfer.
What should a solutions architect do to migrate and store the data at the LOWEST cost?
What should a solutions architect do to migrate and store the data at the LOWEST cost?
Order AWS Snowball devices to transfer the data. Use a lifecycle policy to transition the files to Amazon S3 Glacier Deep Archive.
Deploy a VPN connection between the data center and Amazon VPC. Use the AWS CLI to copy the data from on premises to Amazon S3 Glacier.
Provision a 500 Mbps AWS Direct Connect connection and transfer the data to Amazon S3. Use a lifecycle policy to transition the files to Amazon S3 Glacier Deep Archive.
Use AWS DataSync to transfer the data and deploy a DataSync agent on premises. Use the DataSync task to copy files from the on-premises NAS storage to Amazon S3 Glacier.
Design Cost-Optimized Architectures
Comments