Amazon (SAA-C03) Exam Questions And Answers page 41
A company s legacy application is currently relying on a single-instance Amazon RDS MySQL database without encryption. Due to new compliance requirements, all existing and new data in this database must be encrypted.
How should this be accomplished?
How should this be accomplished?
Enable RDS Multi-AZ mode with encryption at rest enabled. Perform a failover to the standby instance to delete the original instance.
Take a Snapshot of the RDS instance. Create an encrypted copy of the snapshot. Restore the RDS instance from the encrypted snapshot.
Create an RDS read replica with encryption at rest enabled. Promote the read replica to master and switch the application over to the new master. Delete the old RDS instance.
Specify Secure Applications and Architectures
A company s near-real-time streaming application is running on AWS. As the data is ingested, a job runs on the data and takes 30 minutes to complete. The workload frequently experiences high latency due to large amounts of incoming data. A solutions architect needs to design a scalable and serverless solution to enhance performance.
Which combination of steps should the solutions architect take? (Choose two.)
Which combination of steps should the solutions architect take? (Choose two.)
Use Amazon Kinesis Data Firehose to ingest the data.
Use AWS Lambda with AWS Step Functions to process the data.
Use AWS Database Migration Service (AWS DMS) to ingest the data.
Use Amazon EC2 instances in an Auto Scaling group to process the data.
Use AWS Fargate with Amazon Elastic Container Service (Amazon ECS) to process the data.
Define Performant Architectures
Specify Secure Applications and Architectures
A company's operations team has an existing Amazon S3 bucket configured to notify an Amazon SQS queue when new objects are created within the bucket. The development team also wants to receive events when new objects are created. The existing operations team workflow must remain intact.
Which solution would satisfy these requirements?
Which solution would satisfy these requirements?
Create another SQS queue. Update the S3 events in the bucket to also update the new queue when a new object is created.
Create a new SQS queue that only allows Amazon S3 to access the queue. Update Amazon S3 to update this queue when a new object is created.
Create an Amazon SNS topic and SQS queue for the bucket updates. Update the bucket to send events to the new topic. Updates both queues to poll Amazon SNS.
Create an Amazon SNS topic and SQS queue for the bucket updates. Update the bucket to send events to the new topic. Add subscriptions for both queues in the topic.
Design Resilient Architectures
Define Performant Architectures
A company s order fulfillment service uses a MySQL database. The database needs to support a large number of concurrent queries and transactions. Developers are spending time patching and tuning the database This is causing delays in releasing new product features.
The company wants to use cloud-based services to help address this new challenge. The solution must allow the developers to migrate the database with little or no code changes and must optimize performance.
Which service should a solutions architect use to meet these requirements?
The company wants to use cloud-based services to help address this new challenge. The solution must allow the developers to migrate the database with little or no code changes and must optimize performance.
Which service should a solutions architect use to meet these requirements?
Amazon Aurora
Amazon DynamoDB
Amazon ElastiCache
MySQL on Amazon EC2
Define Performant Architectures
Specify Secure Applications and Architectures
A company s order fulfillment service uses a MySQL database. The database needs to support a large number of concurrent queries and transactions. Developers are spending time patching and tuning the database. This is causing delays in releasing new product features.
The company wants to use cloud-based services to help address this new challenge. The solution must allow the developers to migrate the database with little or no code changes and must optimize performance.
Which service should a solutions architect use to meet these requirements?
The company wants to use cloud-based services to help address this new challenge. The solution must allow the developers to migrate the database with little or no code changes and must optimize performance.
Which service should a solutions architect use to meet these requirements?
Amazon Aurora
Amazon DynamoDB
Amazon ElastiCache
MySQL on Amazon EC2
Define Performant Architectures
Specify Secure Applications and Architectures
A company's packaged application dynamically creates and returns single-use text files in response to user requests. The company is using Amazon CloudFront for distribution, but wants to further reduce data transfer costs. The company cannot modify the application's source code.
What should a solutions architect do to reduce costs?
What should a solutions architect do to reduce costs?
Use Lambda@Edge to compress the files as they are sent to users.
Enable Amazon S3 Transfer Acceleration to reduce the response times.
Enable caching on the CloudFront distribution to store generated files at the edge.
Use Amazon S3 multipart uploads to move the files to Amazon S3 before returning them to users.
Design Cost-Optimized Architectures
A company s production application runs online transaction processing (OLTP) transactions on an Amazon RDS MySQL DB instance. The company is launching a new reporting tool that will access the same data. The reporting tool must be highly available and not impact the performance of the production application.
How can this be achieved?
How can this be achieved?
Create hourly snapshots of the production RDS DB instance.
Create a Multi-AZ RDS Read Replica of the production RDS DB instance.
Create multiple RDS Read Replicas of the production RDS DB instance. Place the Read Replicas in an Auto Scaling group.
Create a Single-AZ RDS Read Replica of the production RDS DB instance. Create a second Single-AZ RDS Read Replica from the replica.
Define Performant Architectures
Specify Secure Applications and Architectures
A company s security policy requires that all AWS API activity in its AWS accounts be recorded for periodic auditing. The company needs to ensure that AWS CloudTrail is enabled on all of its current and future AWS accounts using AWS Organizations.
Which solution is MOST secure?
Which solution is MOST secure?
At the organization s root, define and attach a service control policy (SCP) that permits enabling CloudTrail only.
Create IAM groups in the organization s management account as needed. Define and attach an IAM policy to the groups that prevents users from disabling CloudTrail.
Organize accounts into organizational units (OUs). At the organization s root, define and attach a service control policy (SCP) that prevents users from disabling CloudTrail.
Add all existing accounts under the organization s root. Define and attach a service control policy (SCP) to every account that prevents users from disabling CloudTrail.
Specify Secure Applications and Architectures
A company s security team requests that network traffic be captured in VPC Flow Logs. The logs will be frequently accessed for 90 days and then accessed intermittently.
What should a solutions architect do to meet these requirements when configuring the logs?
What should a solutions architect do to meet these requirements when configuring the logs?
Use Amazon CloudWatch as the target. Set the CloudWatch log group with an expiration of 90 days.
Use Amazon Kinesis as the target. Configure the Kinesis stream to always retain the logs for 90 days.
Use AWS CloudTrail as the target. Configure CloudTrail to save to an Amazon S3 bucket, and enable S3 Intelligent-Tiering.
Use Amazon S3 as the target. Enable an S3 Lifecycle policy to transition the logs to S3 Standard-Infrequent Access (S3 Standard-IA) after 90 days.
Specify Secure Applications and Architectures
Design Cost-Optimized Architectures
A company stores 200 GB of data each month in Amazon S3. The company needs to perform analytics on this data at the end of each month to determine the number of items sold in each sales region for the previous month.
Which analytics strategy is MOST cost-effective for the company to use?
Which analytics strategy is MOST cost-effective for the company to use?
Create an Amazon Elasticsearch Service (Amazon ES) cluster. Query the data in Amazon ES. Visualize the data by using Kibana.
Create a table in the AWS Glue Data Catalog. Query the data in Amazon S3 by using Amazon Athena. Visualize the data in Amazon QuickSight.
Create an Amazon EMR cluster. Query the data by using Amazon EMR, and store the results in Amazon S3. Visualize the data in Amazon QuickSight.
Create an Amazon Redshift cluster. Query the data in Amazon Redshift, and upload the results to Amazon S3. Visualize the data in Amazon QuickSight.
Design Cost-Optimized Architectures
Comments