Amazon (SAA-C03) Exam Questions And Answers page 35
A company recently deployed a new auditing system to centralize information about operating system versions, patching, and installed software for Amazon EC2 instances. A solutions architect must ensure all instances provisioned through EC2 Auto Scaling groups successfully send reports to the auditing system as soon as they are launched and terminated.
Which solution achieves these goals MOST efficiently?
Which solution achieves these goals MOST efficiently?
Use EC2 Auto Scaling lifecycle hooks to execute a custom script to send data to the audit system when instances are launched and terminated.
Use an EC2 Auto Scaling launch configuration to execute a custom script through user data to send data to the audit system when instances are launched and terminated.
Execute a custom script on the instance operating system to send data to the audit system. Configure the script to be executed by the EC2 Auto Scaling group when the instance starts and is terminated.
Define Performant Architectures
Design Cost-Optimized Architectures
A company recently deployed a two-tier application in two Availability Zones in the us-east-1 Region. The databases are deployed in a private subnet while the web servers are deployed in a public subnet. An internet gateway is attached to the VPC. The application and database run on Amazon EC2 instances. The database servers are unable to access patches on the internet. A solutions architect needs to design a solution that maintains database security with the least operational overhead.
Which solution meets these requirements?
Which solution meets these requirements?
Deploy a NAT gateway inside the public subnet for each Availability Zone and associate it with an Elastic IP address. Update the routing table of the private subnet to use it as the default route.
Deploy a NAT gateway inside the private subnet for each Availability Zone and associate it with an Elastic IP address. Update the routing table of the private subnet to use it as the default route.
Deploy two NAT instances inside the public subnet for each Availability Zone and associate them with Elastic IP addresses. Update the routing table of the private subnet to use it as the default route.
Deploy two NAT instances inside the private subnet for each Availability Zone and associate them with Elastic IP addresses. Update the routing table of the private subnet to use it as the default route.
Specify Secure Applications and Architectures
A company recently expanded globally and wants to make its application accessible to users in those geographic locations. The application is deployed on Amazon EC2 instances behind an Application Load Balancer in an Auto Scaling group. The company needs the ability shift traffic from resources in one region to another.
What should a solutions architect recommend?
What should a solutions architect recommend?
Configure an Amazon Route 53 latency routing policy.
Configure an Amazon Route 53 geolocation routing policy.
Configure an Amazon Route 53 geoproximity routing policy.
Configure an Amazon Route 53 multivalue answer routing policy.
Design Resilient Architectures
Define Performant Architectures
A company recently expanded globally and wants to make its application accessible to users in those geographic locations. The application is deployed on Amazon EC2 instances behind an Application Load Balancer in an Auto Scaling group. The company needs the ability to shift traffic from resources in one region to another.
What should a solutions architect recommend?
What should a solutions architect recommend?
Configure an Amazon Route 53 latency routing policy.
Configure an Amazon Route 53 geolocation routing policy.
Configure an Amazon Route 53 geoproximity routing policy.
Configure an Amazon Route 53 multivalue answer routing policy.
Design Resilient Architectures
Define Performant Architectures
A company recently implemented hybrid cloud connectivity using AWS Direct Connect and is migrating data to Amazon S3. The company is looking for a fully managed solution that will automate and accelerate the replication of data between the on-premises storage systems and AWS storage services.
Which solution should a solutions architect recommend to keep the data private?
Which solution should a solutions architect recommend to keep the data private?
Deploy an AWS DataSync agent for the on-premises environment. Configure a sync job to replicate the data and connect it with an AWS service endpoint.
Deploy an AWS DataSync agent for the on-premises environment. Schedule a batch job to replicate point-in-time snapshots to AWS.
Deploy an AWS Storage Gateway volume gateway for the on-premises environment. Configure it to store data locally, and asynchronously back up point-in-time snapshots to AWS.
Deploy an AWS Storage Gateway file gateway for the on-premises environment. Configure it to store data locally, and asynchronously back up point-in-time snapshots to AWS.
Specify Secure Applications and Architectures
A company recently launched a new service that involves medical images. The company scans the images and sends them from its on-premises data center through an AWS Direct Connect connection to Amazon EC2 instances. After processing is complete, the images are stored in an Amazon S3 bucket.
A company requirement states that the EC2 instances cannot be accessible through the internet. The EC2 instances run in a private subnet, which has a default route back to the on-premises data center for outbound internet access.
Usage of the new service is increasing rapidly. A solutions architect must recommend a solution that meets the company s requirements and reduces the Direct Connect charges.
Which solution accomplishes these goals MOST cost-effectively?
A company requirement states that the EC2 instances cannot be accessible through the internet. The EC2 instances run in a private subnet, which has a default route back to the on-premises data center for outbound internet access.
Usage of the new service is increasing rapidly. A solutions architect must recommend a solution that meets the company s requirements and reduces the Direct Connect charges.
Which solution accomplishes these goals MOST cost-effectively?
Configure a VPC endpoint for Amazon S3. Add an entry to the private subnet s route table for the S3 endpoint.
Configure a NAT gateway in a public subnet. Configure the private subnet s route table to use the NAT gateway.
Configure Amazon S3 as a file system mount point on the EC2 instances. Access Amazon S3 through the mount.
Move the EC2 instances into a public subnet. Configure the public subnet route table to point to an internet gateway.
Design Cost-Optimized Architectures
A company recently launched its website to serve content to its global user base. The company wants to store and accelerate the delivery of static content to its users by leveraging Amazon CloudFront with an Amazon EC2 instance attached as its origin.
How should a solutions architect optimize high availability for the application?
How should a solutions architect optimize high availability for the application?
Use Lambda@Edge for CloudFront.
Use Amazon S3 Transfer Acceleration for CloudFront.
Configure another EC2 instance in a different Availability Zone as part of the origin group.
Configure another EC2 instance as part of the origin server cluster in the same Availability Zone.
Design Resilient Architectures
A company recently launched Linux-based application instances on Amazon EC2 in a private subnet and launched a Linux-based bastion host on an Amazon EC2 instance in a public subnet of a VPC. A solutions architect needs to connect from the on-premises network, through the company s internet connection, to the bastion host, and to the application servers. The solutions architect must make sure that the security groups of all the EC2 instances will allow that access.
Which combination of steps should the solutions architect take to meet these requirements? (Choose two.)
Which combination of steps should the solutions architect take to meet these requirements? (Choose two.)
Replace the current security group of the bastion host with one that only allows inbound access from the application instances.
Replace the current security group of the bastion host with one that only allows inbound access from the internal IP range for the company.
Replace the current security group of the bastion host with one that only allows inbound access from the external IP range for the company.
Replace the current security group of the application instances with one that allows inbound SSH access from only the private IP address of the bastion host.
Replace the current security group of the application instances with one that allows inbound SSH access from only the public IP address of the bastion host.
Define Performant Architectures
Specify Secure Applications and Architectures
A company recently migrated a message processing system to AWS. The system receives messages into an ActiveMQ queue running on an Amazon EC2 instance. Messages are processed by a consumer application running on Amazon EC2. The consumer application processes the messages and writes results to a MySQL database running on Amazon EC2. The company wants this application to be highly available with low operational complexity.
Which architecture offers the HIGHEST availability?
Which architecture offers the HIGHEST availability?
Add a second ActiveMQ server to another Availability Zone. Add an additional consumer EC2 instance in another Availability Zone. Replicate the MySQL database to another Availability Zone.
Use Amazon MQ with active/standby brokers configured across two Availability Zones. Add an additional consumer EC2 instance in another Availability Zone. Replicate the MySQL database to another Availability Zone.
Use Amazon MQ with active/standby brokers configured across two Availability Zones. Add an additional consumer EC2 instance in another Availability Zone. Use Amazon RDS for MySQL with Multi-AZ enabled.
Use Amazon MQ with active/standby brokers configured across two Availability Zones. Add an Auto Scaling group for the consumer EC2 instances across two Availability Zones. Use Amazon RDS for MySQL with Multi-AZ enabled.
Design Resilient Architectures
Define Performant Architectures
A company recently migrated a message processing system to AWS. The system receives messages into an ActiveMQ queue running on an Amazon EC2 instance. Messages are processed by a consumer application running on Amazon EC2. The consumer application processes the messages and writes results to a MySQL database running on Amazon EC2. The company wants this application to be highly available with low operational complexity.
Which architecture offers the HIGHEST availability?
Which architecture offers the HIGHEST availability?
Add a second ActiveMQ server to another Availability Zone. Add an additional consumer EC2 instance in another Availability Zone Replicate the MySQL database to another Availability Zone.
Use Amazon MQ with active/standby brokers configured across two Availability Zones. Add an additional consumer EC2 instance in another Availability Zone. Replicate the MySQL database to another Availability Zone.
Use Amazon MQ with active/standby brokers configured across two Availability Zones. Add an additional consumer EC2 instance in another Availability Zone. Use Amazon RDS for MySQL with Multi-AZ enabled.
Use Amazon MQ with active/standby brokers configured across two Availability Zones. Add an Auto Scaling group for the consumer EC2 instances across two Availability Zones. Use Amazon RDS for MySQL with Multi-AZ enabled.
Design Resilient Architectures
Define Performant Architectures
Comments