Amazon (SAA-C03) Exam Questions And Answers page 54
An ecommerce company is creating an application that requires a connection to a third-party payment service to process payments. The payment service needs to explicitly allow the public IP address of the server that is making the payment request. However, the company s security policies do not allow any server to be exposed directly to the public internet.
Which solution will meet these requirements?
Which solution will meet these requirements?
Create a NAT gateway in a public subnet. Host the application servers on Amazon EC2 instances in a private subnet. Route payment requests through the NAT gateway.
Deploy an Application Load Balancer (ALB). Host the application servers on Amazon EC2 instances in a private subnet. Route the payment requests through the ALB.
Set up an AWS Client VPN connection to the payment service. Host the application servers on Amazon EC2 instances in a private subnet. Route the payment requests through the VPN.
Define Performant Architectures
Specify Secure Applications and Architectures
An ecommerce company is experiencing an increase in user traffic. The company s store is deployed on Amazon EC2 instances as a two-tier two application consisting of a web tier and a separate database tier. As traffic increases, the company notices that the architecture is causing significant delays in sending timely marketing and order confirmation email to users. The company wants to reduce the time it spends resolving complex email delivery issues and minimize operational overhead.
What should a solutions architect do to meet these requirements?
What should a solutions architect do to meet these requirements?
Create a separate application tier using EC2 instances dedicated to email processing.
Configure the web instance to send email through Amazon Simple Email Service (Amazon SES).
Configure the web instance to send email through Amazon Simple Notification Service (Amazon SNS).
Create a separate application tier using EC2 instances dedicated to email processing. Place the instances in an Auto Scaling group.
Design Resilient Architectures
Define Performant Architectures
An ecommerce company is running a multi-tier application on AWS. The front-end and backend tiers both run on Amazon EC2, and the database runs on Amazon RDS for MySQL. The backend tier communicates with the RDS instance. There are frequent calls to return identical datasets from the database that are causing performance slowdowns.
Which action should be taken to improve the performance of the backend?
Which action should be taken to improve the performance of the backend?
Implement Amazon SNS to store the database calls.
Implement Amazon ElastiCache to cache the large datasets.
Implement an RDS for MySQL read replica to cache database calls.
Implement Amazon Kinesis Data Firehose to stream the calls to the database.
Define Performant Architectures
An ecommerce company needs to run a scheduled daily job to aggregate and filter sales records for analytics. The company stores the sales records in an Amazon S3 bucket. Each object can be up to 10 GB in size. Based on the number of sales events, the job can take up to an hour to complete. The CPU and memory usage of the job are constant and are known in advance.
A solutions architect needs to minimize the amount of operational effort that is needed for the job to run.
Which solution meets these requirements?
A solutions architect needs to minimize the amount of operational effort that is needed for the job to run.
Which solution meets these requirements?
Create an AWS Lambda function that has an Amazon EventBridge (Amazon CloudWatch Events) notification. Schedule the EventBridge (CloudWatch Events) event to run once a day.
Create an AWS Lambda function. Create an Amazon API Gateway HTTP API. and integrate the API with the function. Create an Amazon EventBridge (Amazon CloudWatch Events) scheduled event that calls the API and invokes the function.
Create an Amazon Elastic Container Service (Amazon ECS) cluster with an AWS Fargate launch type. Create an Amazon EventBridge (Amazon CloudWatch Events) scheduled event that launches an ECS task on the cluster to run the job.
Create an Amazon Elastic Container Service (Amazon ECS) cluster with an Amazon EC2 launch type and an Auto Scaling group with at least one EC2 instance. Create an Amazon EventBridge (Amazon CloudWatch Events) scheduled event that launches an ECS task on the cluster to run the job.
Define Performant Architectures
Design Cost-Optimized Architectures
An ecommerce website is deploying its web application as Amazon Elastic Container Service (Amazon ECS) container instances behind an Application Load Balancer (ALB). During periods of high activity, the website slows down and availability is reduced. A solutions architect uses Amazon CloudWatch alarms to receive notifications whenever there is an availability issue so they can scale out resources. Company management wants a solution that automatically responds to such events.
Which solution meets these requirements?
Which solution meets these requirements?
Set up AWS Auto Scaling to scale out the ECS service when there are timeouts on the ALB. Set up AWS Auto Scaling to scale out the ECS cluster when the CPU or memory reservation is too high.
Set up AWS Auto Scaling to scale out the ECS service when the ALB CPU utilization is too high. Setup AWS Auto Scaling to scale out the ECS cluster when the CPU or memory reservation is too high.
Set up AWS Auto Scaling to scale out the ECS service when the service s CPU utilization is too high. Set up AWS Auto Scaling to scale out the ECS cluster when the CPU or memory reservation is too high.
Set up AWS Auto Scaling to scale out the ECS service when the ALB target group CPU utilization is too high. Set up AWS Auto Scaling to scale out the ECS cluster when the CPU or memory reservation is too high.
Design Resilient Architectures
Define Performant Architectures
An engineering team is developing and deploying AWS Lambda functions. The team needs to create roles and manage policies in AWS IAM to configure the permissions of the Lambda functions.
How should the permissions for the team be configured so they also adhere to the concept of least privilege?
How should the permissions for the team be configured so they also adhere to the concept of least privilege?
Create an IAM role with a managed policy attached. Allow the engineering team and the Lambda functions to assume this role.
Create an IAM group for the engineering team with an IAMFullAccess policy attached. Add all the users from the team to this IAM group.
Create an execution role for the Lambda functions. Attach a managed policy that has permission boundaries specific to these Lambda functions.
Create an IAM role with a managed policy attached that has permission boundaries specific to the Lambda functions. Allow the engineering team to assume this role.
Define Performant Architectures
Specify Secure Applications and Architectures
An entertainment company is using Amazon DynamoDB to store media metadata. The application is read intensive and experiencing delays. The company does not have staff to handle additional operational overhead and needs to improve the performance efficiency of DynamoDB without reconfiguring the application.
What should a solutions architect recommend to meet this requirement?
What should a solutions architect recommend to meet this requirement?
Use Amazon ElastiCache for Redis.
Use Amazon DynamoDB Accelerator (DAX).
Replicate data by using DynamoDB global tables.
Use Amazon ElastiCache for Memcached with Auto Discovery enabled.
Define Performant Architectures
A new employee has joined a company as a deployment engineer. The deployment engineer will be using AWS CloudFormation templates to create multiple AWS resources. A solutions architect wants the deployment engineer to perform job activities while following the principle of least privilege.
Which combination of actions should the solutions architect take to accomplish this goal? (Choose two.)
Which combination of actions should the solutions architect take to accomplish this goal? (Choose two.)
Have the deployment engineer use AWS account roof user credentials for performing AWS CloudFormation stack operations.
Create a new IAM user for the deployment engineer and add the IAM user to a group that has the PowerUsers IAM policy attached.
Create a new IAM user for the deployment engineer and add the IAM user to a group that has the Administrate/Access IAM policy attached.
Create a new IAM User for the deployment engineer and add the IAM user to a group that has an IAM policy that allows AWS CloudFormation actions only.
Create an IAM role for the deployment engineer to explicitly define the permissions specific to the AWS CloudFormation stack and launch stacks using Dial IAM role.
Define Performant Architectures
Specify Secure Applications and Architectures
A new employee has joined a company as a deployment engineer. The deployment engineer will be using AWS CloudFormation templates to create multiple AWS resources. A solutions architect wants the deployment engineer to perform job activities while following the principle of least privilege.
Which combination of actions should the solutions architect take to accomplish this goal? (Choose two.)
Which combination of actions should the solutions architect take to accomplish this goal? (Choose two.)
Have the deployment engineer use AWS account roof user credentials for performing AWS CloudFormation stack operations.
Create a new IAM user for the deployment engineer and add the IAM user to a group that has the PowerUsers IAM policy attached.
Create a new IAM user for the deployment engineer and add the IAM user to a group that has the Administrate/Access IAM policy attached.
Create a new IAM User for the deployment engineer and add the IAM user to a group that has an IAM policy that allows AWS CloudFormation actions only.
Create an IAM role for the deployment engineer to explicitly define the permissions specific to the AWS CloudFormation stack and launch stacks using Dial IAM role.
Define Performant Architectures
Specify Secure Applications and Architectures
A news company that has reporters all over the world is hosting its broadcast system on AWS. The reporters send live broadcasts to the broadcast system. The reporters use software on their phones to send live streams through the Real Time Messaging Protocol (RTMP).
A solutions architect must design a solution that gives the reporters the ability to send the highest quality streams. The solution must provide accelerated TCP connections back to the broadcast system.
What should the solutions architect use to meet these requirements?
A solutions architect must design a solution that gives the reporters the ability to send the highest quality streams. The solution must provide accelerated TCP connections back to the broadcast system.
What should the solutions architect use to meet these requirements?
Amazon CloudFront
AWS Global Accelerator
AWS Client VPN
Amazon EC2 instances and AWS Elastic IP addresses
Design Resilient Architectures
Define Performant Architectures
Comments