Amazon (SAA-C03) Exam Questions And Answers page 3
A company has a 10 Gbps AWS Direct Connect connection from its on-premises servers to AWS. The workloads using the connection are critical. The company requires a disaster recovery strategy with maximum resiliency that maintains the current connection bandwidth at a minimum.
What should a solutions architect recommend?
What should a solutions architect recommend?
Set up a new AWS managed VPN connection in another AWS Region.
Set up two new Direct Connect connections: one in the current AWS Region and one in another Region.
Set up two new AWS managed VPN connections: one in the current AWS Region and one in another Region.
Design Resilient Architectures
Define Performant Architectures
A company has a 143 TB MySQL database that it wants to migrate to AWS. The plan is to use Amazon Aurora MySQL as the platform going forward. The company has a 100 Mbps AWS Direct Connect connection to Amazon VPC.
Which solution meets the company s needs and takes the LEAST amount of time?
Which solution meets the company s needs and takes the LEAST amount of time?
Use a gateway endpoint for Amazon S3. Migrate the data to Amazon S3. Import the data into Aurora.
Upgrade the Direct Connect link to 500 Mbps. Copy the data to Amazon S3. Import the data into Aurora.
Order an AWS Snowmobile and copy the database backup to it. Have AWS import the data into Amazon S3. Import the backup into Aurora.
Order four 50-TB AWS Snowball devices and copy the database backup onto them. Have AWS import the data into Amazon S3. Import the data into Aurora.
Design Resilient Architectures
Define Performant Architectures
A company has a build server that is in an Auto Scaling group and often has multiple Linux instances running. The build server requires consistent and mountable shared NFS storage for jobs and configurations.
Which storage option should a solutions architect recommend?
Which storage option should a solutions architect recommend?
Amazon S3
Amazon FSx
Amazon Elastic Block Store (Amazon EBS)
Amazon Elastic File System (Amazon EFS)
Design Resilient Architectures
Define Performant Architectures
A company has a custom application running on an Amazon EC instance that:
" Reads a large amount of data from Amazon S3
" Performs a multi-stage analysis
" Writes the results to Amazon DynamoDB
The application writes a significant number of large, temporary files during the multi-stage analysis. The process performance depends on the temporary storage performance.
What would be the fastest storage option for holding the temporary files?
" Reads a large amount of data from Amazon S3
" Performs a multi-stage analysis
" Writes the results to Amazon DynamoDB
The application writes a significant number of large, temporary files during the multi-stage analysis. The process performance depends on the temporary storage performance.
What would be the fastest storage option for holding the temporary files?
Multiple Amazon S3 buckets with Transfer Acceleration for storage.
Multiple Amazon EBS drives with Provisioned IOPS and EBS optimization.
Multiple Amazon EFS volumes using the Network File System version 4.1 (NFSv4.1) protocol.
Multiple instance store volumes with software RAID 0.
Define Performant Architectures
Specify Secure Applications and Architectures
A company has a custom application running on an Amazon EC instance that:
" Reads a large amount of data from Amazon S3
" Performs a multi-stage analysis
" Writes the results to Amazon DynamoDB
The application writes a significant number of large, temporary files during the multi-stage analysis. The process performance depends on the temporary storage performance.
What would be the fastest storage option for holding the temporary files?
" Reads a large amount of data from Amazon S3
" Performs a multi-stage analysis
" Writes the results to Amazon DynamoDB
The application writes a significant number of large, temporary files during the multi-stage analysis. The process performance depends on the temporary storage performance.
What would be the fastest storage option for holding the temporary files?
Multiple Amazon S3 buckets with Transfer Acceleration for storage.
Multiple Amazon Elastic Block Store (Amazon EBS) drives with Provisioned IOPS and EBS optimization.
Multiple Amazon Elastic File System (Amazon EFS) volumes using the Network File System version 4.1 (NFSv4.1) protocol.
Multiple instance store volumes with software RAID 0.
Define Performant Architectures
Specify Secure Applications and Architectures
A company has a custom application with embedded credentials that retrieves information from an Amazon RDS MySQL DB instance. Management says the application must be made more secure with the least amount of programming effort.
What should a solutions architect do to meet these requirements?
What should a solutions architect do to meet these requirements?
Use AWS Key Management Service (AWS KMS) customer master keys (CMKs) to create keys. Configure the application to load the database credentials from AWS KMS. Enable automatic key rotation.
Create credentials on the RDS for MySQL database for the application user and store the credentials in AWS Secrets Manager. Configure the application to load the database credentials from Secrets Manager. Create an AWS Lambda function that rotates the credentials in Secret Manager.
Create credentials on the RDS for MySQL database for the application user and store the credentials in AWS Secrets Manager. Configure the application to load the database credentials from Secrets Manager. Set up a credentials rotation schedule for the application user in the RDS for MySQL database using Secrets Manager.
Create credentials on the RDS for MySQL database for the application user and store the credentials in AWS Systems Manager Parameter Store. Configure the application to load the database credentials from Parameter Store. Set up a credentials rotation schedule for the application user in the RDS for MySQL database using Parameter Store.
Specify Secure Applications and Architectures
A company has a customer relationship management (CRM) application that stores data in an Amazon RDS DB instance that runs Microsoft SQL Server. The company s IT staff has administrative access to the database. The database contains sensitive data. The company wants to ensure that the data is not accessible to the IT staff and that only authorized personnel can view the data.
What should a solutions architect do to secure the data?
What should a solutions architect do to secure the data?
Use client-side encryption with an Amazon RDS managed key.
Use client-side encryption with an AWS Key Management Service (AWS KMS) customer managed key.
Use Amazon RDS encryption with an AWS Key Management Service (AWS KMS) default encryption key.
Use Amazon RDS encryption with an AWS Key Management Service (AWS KMS) customer managed key.
Specify Secure Applications and Architectures
A company has a dynamic web application hosted on two Amazon EC2 instances. The company has its own SSL certificate, which is on each instance to perform SSL termination.
There has been an increase in traffic recently, and the operations team determined that SSL encryption and decryption is causing the compute capacity of the web servers to reach their maximum limit.
What should a solutions architect do to increase the application s performance?
There has been an increase in traffic recently, and the operations team determined that SSL encryption and decryption is causing the compute capacity of the web servers to reach their maximum limit.
What should a solutions architect do to increase the application s performance?
Create a new SSL certificate using AWS Certificate Manager (ACM). Install the ACM certificate on each instance.
Create an Amazon S3 bucket. Migrate the SSL certificate to the S3 bucket. Configure the EC2 instances to reference the bucket for SSL termination.
Create another EC2 instance as a proxy server. Migrate the SSL certificate to the new instance and configure it to direct connections to the existing EC2 instances.
Import the SSL certificate into AWS Certificate Manager (ACM). Create an Application Load Balancer with an HTTPS listener that uses the SSL certificate from ACM.
Define Performant Architectures
A company has a highly dynamic batch processing job that uses many Amazon EC2 instances to complete it. The job is stateless in nature, can be started and stopped at any given time with no negative impact, and typically takes upwards of 60 minutes total to complete. The company has asked a solutions architect to design a scalable and cost-effective solution that meets the requirements of the job.
What should the solutions architect recommend?
What should the solutions architect recommend?
Implement EC2 Spot Instances.
Purchase EC2 Reserved Instances.
Implement EC2 On-Demand Instances.
Implement the processing on AWS Lambda.
Design Cost-Optimized Architectures
A company has a hybrid application hosted on multiple on-premises servers with static IP addresses. There is already a VPN that provides connectivity between the VPC and the on-premises network. The company wants to distribute TCP traffic across the on-premises servers for internet users.
What should a solutions architect recommend to provide a highly available and scalable solution?
What should a solutions architect recommend to provide a highly available and scalable solution?
Launch an internet-facing Network Load Balancer (NLB) and register on-premises IP addresses with the NLB.
Launch an internet-facing Application Load Balancer (ALB) and register on-premises IP addresses with the ALB.
Launch an Amazon EC2 instance, attach an Elastic IP address, and distribute traffic to the on-premises servers.
Launch an Amazon EC2 instance with public IP addresses in an Auto Scaling group and distribute traffic to the on-premises servers.
Design Resilient Architectures
Define Performant Architectures
Comments