Amazon (SAA-C03) Exam Questions And Answers page 24
A company is migrating from an on-premises infrastructure to the AWS Cloud. One of the company s applications stores files on a Windows file server farm that uses Distributed File System Replication (DFSR) to keep data in sync. A solutions architect needs to replace the file server farm.
Which service should the solutions architect use?
Which service should the solutions architect use?
Amazon FSx
Amazon S3
AWS Storage Gateway
Design Resilient Architectures
Define Performant Architectures
A company is migrating its applications to AWS. Currently, applications that run on premises generate hundreds of terabytes of data that is stored on a shared file system. The company is running an analytics application in the cloud that runs hourly to generate insights from this data.
The company needs a solution to handle the ongoing data transfer between the on-premises shared file system and Amazon S3. The solution also must be able to handle occasional interruptions in internet connectivity.
Which solutions should the company use for the data transfer to meet these requirements?
The company needs a solution to handle the ongoing data transfer between the on-premises shared file system and Amazon S3. The solution also must be able to handle occasional interruptions in internet connectivity.
Which solutions should the company use for the data transfer to meet these requirements?
AWS DataSync
AWS Migration Hub
AWS Snowball Edge Storage Optimized
AWS Transfer for SFTP
Design Resilient Architectures
Define Performant Architectures
A company is migrating to the AWS Cloud. A file server is the first workload to migrate. Users must be able to access the file share using the Server Message Block (SMB) protocol. Which AWS managed service meets these requirements?
Amazon S3
Amazon Elastic Block Store (Amazon EBS)
Amazon EC2
Amazon FSx
Design Resilient Architectures
Define Performant Architectures
A company is migrating to the AWS Cloud. A file server is the first workload to migrate. Users must be able to access the file share using the Server Message Block (SMB) protocol. Which AWS managed service meets these requirements?
Amazon EBS
Amazon EC2
Amazon FSx
Amazon S3
Design Resilient Architectures
Define Performant Architectures
A company is moving its on-premises applications to Amazon EC2 instances. However, as a result of fluctuating compute requirements, the EC2 instances must always be ready to use between 8 AM and 5 PM in specific Availability Zones.
Which EC2 instances should the company choose to run the applications?
Which EC2 instances should the company choose to run the applications?
Scheduled Reserved Instances
On-Demand Instances
Spot Instances as part of a Spot Fleet
EC2 instances in an Auto Scaling group
Design Resilient Architectures
Define Performant Architectures
A company is moving its on-premises Oracle database to Amazon Aurora PostgreSQL. The database has several applications that write to the same tables. The applications need to be migrated one by one with a month in between each migration Management has expressed concerns that the database has a high number of reads and writes. The data must be kept in sync across both databases throughout tie migration.
What should a solutions architect recommend?
What should a solutions architect recommend?
Use AWS DataSync for the initial migration. Use AWS Database Migration Service (AWS DMS) to create a change data capture (CDC) replication task and a table mapping to select all cables.
Use AWS DataSync for the initial migration. Use AWS Database Migration Service (AWS DMS) to create a full load plus change data capture (CDC) replication task and a table mapping to select all tables.
Use the AWS Schema Conversion Tool with AWS DataBase Migration Service (AWS DMS) using a memory optimized replication instance. Create a full load plus change data capture (CDC) replication task and a table mapping to select all tables.
Use the AWS Schema Conversion Tool with AWS Database Migration Service (AWS DMS) using a compute optimized replication instance. Create a full load plus change data capture (CDC) replication task and a table mapping to select the largest tables.
Define Performant Architectures
Specify Secure Applications and Architectures
A company is performing an AWS Well-Architected Framework review of an existing workload deployed on AWS. The review identified a public-facing website running on the same Amazon EC2 instance as a Microsoft Active Directory domain controller that was install recently to support other AWS services. A solutions architect needs to recommend a new design that would improve the security of the architecture and minimize the administrative demand on IT staff.
What should the solutions architect recommend?
What should the solutions architect recommend?
Use AWS Directory Service to create a managed Active Directory. Uninstall Active Directory on the current EC2 instance.
Create another EC2 instance in the same subnet and reinstall Active Directory on it. Uninstall Active Directory.
Use AWS Directory Service to create an Active Directory connector. Proxy Active Directory requests to the Active domain controller running on the current EC2 instance.
Enable AWS Single Sign-On (AWS SSO) with Security Assertion Markup Language (SAML) 2.0 federation with the current Active Directory controller. Modify the EC2 instance s security group to deny public access to Active Directory.
Specify Secure Applications and Architectures
How to Configure AWS VPC for Secure Web and Database Layers?
Multiple Choice
A company is planning on deploying a newly built application on AWS in a default VPC. The application will consist of a web layer and database layer. The web server was created in public subnets, and the MySQL database was created in private subnets. All subnets are created with the default network ACL settings, and the default security group in the VPC will be replaced with new custom security groups.
The following are the key requirements:
• The web servers must be accessible only to users on an SSL connection.
• The database should be accessible to the web layer, which is created in a public subnet only.
• All traffic to and from the IP range 182.20.0.0/16 subnet should be blocked.
Which combination of steps meets these requirements? (Choose two.)
The following are the key requirements:
• The web servers must be accessible only to users on an SSL connection.
• The database should be accessible to the web layer, which is created in a public subnet only.
• All traffic to and from the IP range 182.20.0.0/16 subnet should be blocked.
Which combination of steps meets these requirements? (Choose two.)
Create a database server security group with inbound and outbound rules for MySQL port 3306 traffic to and from anywhere (0 0.0.0/0).
Create a database server security group with an inbound rule for MySQL port 3306 and specify the source as a web server security group.
Create a web server security group with an inbound allow rule for HTTPS port 443 traffic from anywhere (0.0.0.0/0) and an inbound deny rule for IP range 182.20.0.0/16.
Create a web server security group with an inbound rule for HTTPS port 443 traffic from anywhere (0.0.0.0/0). Create network ACL inbound and outbound deny rules for IP range 182.20.0.0/16.
Create a web server security group with inbound and outbound rules for HTTPS port 443 traffic to and from anywhere (0.0.0.0/0). Create a network ACL inbound deny rule for IP range 182.20.0.0/16.
Define Performant Architectures
Specify Secure Applications and Architectures
How to Configure AWS VPC for Secure Web and Database Layers?
Multiple Choice
A company is planning on deploying a newly built application on AWS in a default VPC. The application will consist of a web layer and database layer. The web server was created in public subnets, and the MySQL database was created in private subnets. All subnets are created with the default network ACL settings, and the default security group in the VPC will be replaced with new custom security groups.
The following are the key requirements:
• The web servers must be accessible only to users on an SSL connection.
• The database should be accessible to the web layer, which is created in a public subnet only.
• All traffic to and from the IP range 182.20.0.0/16 subnet should be blocked.
Which combination of steps meets these requirements? (Select two.)
The following are the key requirements:
• The web servers must be accessible only to users on an SSL connection.
• The database should be accessible to the web layer, which is created in a public subnet only.
• All traffic to and from the IP range 182.20.0.0/16 subnet should be blocked.
Which combination of steps meets these requirements? (Select two.)
Create a database server security group with inbound and outbound rules for MySQL port 3306 traffic to and from anywhere (0 0.0.0/0).
Create a database server security group with an inbound rule for MySQL port 3306 and specify the source as a web server security group.
Create a web server security group with an inbound allow rule for HTTPS port 443 traffic from anywhere (0.0.0.0/0) and an inbound deny rule for IP range 182.20.0.0/16.
Create a web server security group with an inbound rule for HTTPS port 443 traffic from anywhere (0.0.0.0/0). Create network ACL inbound and outbound deny rules for IP range 182.20.0.0/16.
Create a web server security group with inbound and outbound rules for HTTPS port 443 traffic to and from anywhere (0.0.0.0/0). Create a network ACL inbound deny rule for IP range 182.20.0.0/16.
Define Performant Architectures
Specify Secure Applications and Architectures
A company is planning to build a new web application on AWS. The company expects predictable traffic most of the year and very high traffic on occasion. The web application needs to be highly available and fault tolerant with minimal latency.
What should a solutions architect recommend to meet these requirements?
What should a solutions architect recommend to meet these requirements?
Use an Amazon Route 53 routing policy to distribute requests to two AWS Regions, each with one Amazon EC2 instance.
Use Amazon EC2 instances in an Auto Scaling group with an Application Load Balancer across multiple Availability Zones.
Use Amazon EC2 instances in a cluster placement group with an Application Load Balancer across multiple Availability Zones.
Use Amazon EC2 instances in a cluster placement group and include the cluster placement group within a new Auto Scaling group.
Design Resilient Architectures
Define Performant Architectures
Comments