Amazon (SAA-C03) Exam Questions And Answers page 31
A company is using a VPC that is provisioned with a 10.10.1.0/24 CIDR block. Because of continued growth, IP address space in this block might be depleted soon. A solutions architect must add more IP address capacity to the VPC.
Which solution will meet these requirements with the LEAST operational overhead?
Add a secondary CIDR block of 10.10.2.0/24 to the VPC.
Resize the existing VPC CIDR block from 10.10.1.0/24 to 10.10.1.0/16.
Establish VPC peering with a new VPC that has a CIDR block of 10.10.1.0/16.
Design Cost-Optimized Architectures
A company is using AWS Organizations with two AWS accounts: Logistics and Sales. The Logistics account operates an Amazon Redshift cluster. The Sales account includes Amazon EC2 instances. The Sales account needs to access the Logistics account's Amazon Redshift cluster.
What should a solutions architect recommend to meet this requirement MOST cost-effectively?
Set up VPC sharing with the Logistics account as the owner and the Sales account as the participant to transfer the data.
Create an AWS Lambda function in the Logistics account to transfer data to the Amazon EC2 instances in the Sales account.
Create a snapshot of the Amazon Redshift cluster, and share the snapshot with the Sales account. In the Sales account, restore the cluster by using the snapshot ID that is shared by the Logistics account.
Run COPY commands to load data from Amazon Redshift into Amazon S3 buckets in the Logistics account. Grant permissions to the Sales account to access the S3 buckets of the Logistics account.
Design Cost-Optimized Architectures
A company is using Site-to-Site VPN connections for secure connectivity to its AWS Cloud resources from on premises. Due to an increase in traffic across the VPN connections to the Amazon EC2 instances, users are experiencing slower VPN connectivity.
Which solution will improve the VPN throughput?
Implement multiple customer gateways for the same network to scale the throughput.
Use a transit gateway with equal cost multipath routing and add additional VPN tunnels.
Configure a virtual private gateway with equal cost multipath routing and multiple channels.
Increase the number of tunnels in the VPN configuration to scale the throughput beyond the default limit.
Define Performant Architectures
A company is working with an external vendor that requires write access to the company's Amazon Simple Queue Service (Amazon SQS) queue. The vendor has its own AWS account.
What should a solutions architect do to implement least privilege access?
Update the permission policy on the SQS queue to give write access to the vendor's AWS account.
Create an IAM user with write access to the SQS queue and share the credentials for the IAM user.
Update AWS Resource Access Manager to provide write access to the SQS queue from the vendor's AWS account.
Create a cross-account role with access to all SQS queues and use the vendor's AWS account in the trust document for the role.
Specify Secure Applications and Architectures
A company maintains a searchable repository of items on its website. The data is stored in an Amazon RDS for MySQL database table that contains over 10 million rows. The database has 2 TB of General Purpose SSD (gp2) storage. There are millions of updates against this data every day through the company's website. The company has noticed some operations are taking 10 seconds or longer and has determined that the database storage performance is the bottleneck.
Which solution addresses the performance issue?
Change the storage type to Provisioned IOPS SSD (io1).
Change the instance to a memory-optimized instance class.
Change the instance to a burstable performance DB instance class.
Enable Multi-AZ RDS read replicas with MySQL native asynchronous replication.
Define Performant Architectures
A company manages its own Amazon EC2 instances that run MySQL databases. The company is manually managing replication and scaling as demand increases or decreases. The company needs a new solution that simplifies the process of adding or removing compute capacity to or from its database tier as needed. The solution also must offer improved performance, scaling, and durability with minimal effort from operations.
Which solution meets these requirements?
Migrate the databases to Amazon Aurora Serverless for Aurora MySQL.
Migrate the databases to Amazon Aurora Serverless for Aurora PostgreSQL.
Combine the databases into one larger MySQL database. Run the larger database on larger EC2 instances.
Create an EC2 Auto Scaling group for the database tier. Migrate the existing databases to the new environment.
Design Resilient Architectures
Define Performant Architectures
A company mandates that an Amazon S3 gateway endpoint must allow traffic to trusted buckets only.
Which method should a solutions architect implement to meet this requirement?
Create a bucket policy for each of the company's trusted S3 buckets that allows traffic only from the company's trusted VPCs.
Create a bucket policy for each of the company's trusted S3 buckets that allows traffic only from the company's S3 gateway endpoint IDs.
Create an S3 endpoint policy for each of the company's S3 gateway endpoints that blocks access from any VPC other than the company's trusted VPCs.
Create an S3 endpoint policy for each of the company's S3 gateway endpoints that provides access to the Amazon Resource Name (ARN) of the trusted S3 buckets.
Define Performant Architectures
Specify Secure Applications and Architectures
A company must generate sales reports at the beginning of every month. The reporting process launches 20 Amazon EC2 instances on the first of the month. The process runs for 7 days and cannot be interrupted. The company wants to minimize costs.
Which pricing model should the company choose?
Reserved Instances
Spot Block Instances
On-Demand Instances
Scheduled Reserved Instances
Design Cost-Optimized Architectures