Amazon (SAA-C03) Exam Questions And Answers page 33
A company needs to store data in Amazon S3. A compliance requirement states that when any changes are made to objects the previous state of the object with any changes must be preserved. Additionally, files older than 5 years should not be accessed but need to be archived for auditing.
What should a solutions architect recommend that is MOST cost-effective?
What should a solutions architect recommend that is MOST cost-effective?
Enable object-level versioning and S3 Object Lock in compliance mode
Enable object-level versioning. Enable a lifecycle policy to move data older than 5 years to S3 Glacier Deep Archive
Enable object-level versioning. Enable a lifecycle policy to move data older than 5 years to S3 Standard-Infrequent Access (S3 Standard-IA)
Design Cost-Optimized Architectures
A company observes an increase in Amazon EC2 costs in its most recent bill. The billing team notices unwanted vertical scaling of instance types for a couple of EC2 instances. A solutions architect needs to create a graph comparing the last 2 months of EC2 costs and perform an in-depth analysis to identify the root cause of the vertical scaling.
How should the solutions architect generate the information with the LEAST operational overhead?
How should the solutions architect generate the information with the LEAST operational overhead?
Use AWS Budgets to create a budget report and compare EC2 costs based on instance types.
Use Cost Explorer s granular filtering feature to perform an in-depth analysis of EC2 costs based on instance types.
Use graphs from the AWS Billing and Cost Management dashboard to compare EC2 costs based on instance types for the last 2 months.
Use AWS Cost and Usage Reports to create a report and send it to an Amazon S3 bucket. Use Amazon QuickSight with Amazon S3 as a source to generate an interactive graph based on instance types.
Define Performant Architectures
Design Cost-Optimized Architectures
A company operates an ecommerce website on Amazon EC2 instances behind an Application Load Balancer (ALB) in an Auto Scaling group. The site is experiencing performance issues related to a high request rate from illegitimate external systems with changing IP addresses. The security team is worried about potential DDoS attacks against the website. The company must block the illegitimate incoming requests in a way that has a minimal impact on legitimate users.
What should a solutions architect recommend?
What should a solutions architect recommend?
Deploy Amazon Inspector and associate it with the ALB.
Deploy AWS WAF, associate it with the ALB, and configure a rate-limiting rule.
Deploy rules to the network ACLs associated with the ALB to block the incoming traffic.
Deploy Amazon GuardDuty and enable rate-limiting protection when configuring GuardDuty.
Define Performant Architectures
Specify Secure Applications and Architectures
A company operates a two-tier application for image processing. The application uses two Availability Zones, each with one public subnet and one private subnet. An Application Load Balancer (ALB) for the web tier uses the public subnets. Amazon EC2 instances for the application tier use the private subnets.
Users report that the application is running more slowly than expected. A security audit of the web server log files shows that the application is receiving millions of illegitimate requests from a small number of IP addresses. A solutions architect needs to resolve the immediate performance problem while the company investigates a more permanent solution.
What should the solutions architect recommend to meet this requirement?
Users report that the application is running more slowly than expected. A security audit of the web server log files shows that the application is receiving millions of illegitimate requests from a small number of IP addresses. A solutions architect needs to resolve the immediate performance problem while the company investigates a more permanent solution.
What should the solutions architect recommend to meet this requirement?
Modify the inbound security group for the web tier. Add a deny rule for the IP addresses that are consuming resources.
Modify the network ACL for the web tier subnets. Add an inbound deny rule for the IP addresses that are consuming resources.
Modify the inbound security group for the application tier. Add a deny rule for the IP addresses that are consuming resources.
Modify the network ACL for the application tier subnets. Add an inbound deny rule for the IP addresses that are consuming resources.
Define Performant Architectures
Design Cost-Optimized Architectures
A company operates a two-tier application for image processing. The application uses two Availability Zones, each with one public subnet and one private subnet. An Application Load Balancer (ALB) for the web tier uses the public subnets. Amazon EC2 instances for the application tier use the private subnets.
Users report that the application is running more slowly than expected. A security audit of the web server log files shows that the application is receiving millions of illegitimate requests from a small number of IP addresses. A solutions architect needs to resolve the immediate performance problem while the company investigates a more permanent solution.
What should the solutions architect recommend to meet this requirement?
Users report that the application is running more slowly than expected. A security audit of the web server log files shows that the application is receiving millions of illegitimate requests from a small number of IP addresses. A solutions architect needs to resolve the immediate performance problem while the company investigates a more permanent solution.
What should the solutions architect recommend to meet this requirement?
Modify the inbound security group for the web tier. Add a deny rule for the IP addresses that are consuming resources.
Modify the network ACL for the web tier subnets. Add an inbound deny rule for the IP addresses that are consuming resources.
Modify the inbound security group for the application tier. Add a deny rule for the IP addresses that are consuming resources.
Modify the network ACL for the application tier subnets. Add an inbound deny rule for the IP addresses that are consuming resources.
Define Performant Architectures
Design Cost-Optimized Architectures
A company operates a website on Amazon EC2 Linux instances. Some of the instances are failing. Troubleshooting points to insufficient swap space on the failed instances. The operations team lead needs a solution to monitor this.
What should a solutions architect recommend?
What should a solutions architect recommend?
Configure an Amazon CloudWatch SwapUsage metric dimension. Monitor the SwapUsage dimension in the EC2 metrics in CloudWatch.
Use EC2 metadata to collect information, then publish it to Amazon CloudWatch custom metrics. Monitor SwapUsage metrics in CloudWatch.
Install an Amazon CloudWatch agent on the instances. Run an appropriate script on a set schedule. Monitor SwapUtilization metrics in CloudWatch.
Enable detailed monitoring in the EC2 console. Create an Amazon CloudWatch SwapUtilization custom metric. Monitor SwapUtilization metrics in CloudWatch.
Design Resilient Architectures
Define Performant Architectures
A company owns an asynchronous API that is used to ingest user requests and, based on the request type, dispatch requests to the appropriate microservice for processing. The company is using Amazon API Gateway to deploy the API front end, and an AWS Lambda function that invokes Amazon DynamoDB to store user requests before dispatching them to the processing microservices.
The company provisioned as much DynamoDB throughput as its budget allows, but the company is still experiencing availability issues and is losing user requests.
What should a solutions architect do to address this issue without impacting existing users?
The company provisioned as much DynamoDB throughput as its budget allows, but the company is still experiencing availability issues and is losing user requests.
What should a solutions architect do to address this issue without impacting existing users?
Add throttling on the API Gateway with server-side throttling limits.
Use DynamoDB Accelerator (DAX) and Lambda to buffer writes to DynamoDB.
Create a secondary index in DynamoDB for the table with the user requests.
Use the Amazon Simple Queue Service (Amazon SQS) queue and Lambda to buffer writes to DynamoDB.
Define Performant Architectures
Design Cost-Optimized Architectures
A company plans to host a survey website on AWS. The company anticipates an unpredictable amount of traffic. This traffic results in asynchronous updates to the database. The company wants to ensure that writes to the database hosted on AWS do not get dropped.
How should the company write its application to handle these database requests?
How should the company write its application to handle these database requests?
Configure the application to publish to an Amazon Simple Notification Service (Amazon SNS) tope Subscribe the database to the SNS topic.
Configure the application to subscribe to an Amazon Simple Notification Service (Amazon SNS) topic. Publish the database updates to the SNS topic.
Use Amazon Simple Queue Service (Amazon SQS) FIFO queues to queue the database connection until the database has resources to write the data.
Use Amazon Simple Queue Service (Amazon SQS) FIFO queues for capturing the writes and drafting the queue as each write is made to the database.
Define Performant Architectures
Specify Secure Applications and Architectures
A company plans to host a survey website on AWS. The company anticipates an unpredictable amount of traffic. This traffic results in asynchronous updates to the database. The company wants to ensure that writes to the database hosted on AWS do not get dropped.
How should the company write its application to handle these database requests?
How should the company write its application to handle these database requests?
Configure the application to publish to an Amazon Simple Notification Service (Amazon SNS) topic. Subscribe the database to the SNS topic.
Configure the application to subscribe to an Amazon Simple Notification Service (Amazon SNS) topic. Publish the database updates to the SNS topic.
Use Amazon Simple Queue Service (Amazon SQS) FIFO queues to queue the database connection until the database has resources to write the data.
Use Amazon Simple Queue Service (Amazon SQS) FIFO queues for capturing the writes and draining the queue as each write is made to the database.
Design Resilient Architectures
Define Performant Architectures
A company plans to store sensitive user data on Amazon S3. Internal security compliance requirement mandate encryption of data before sending it to Amazon S3.
What should a solutions architect recommend to satisfy these requirements?
What should a solutions architect recommend to satisfy these requirements?
Server-side encryption with customer-provided encryption keys
Client-side encryption with Amazon S3 managed encryption keys
Server-side encryption with keys stored in AWS key Management Service (AWS KMS)
Client-side encryption with a master key stored in AWS Key Management Service (AWS KMS)
Specify Secure Applications and Architectures
Comments