Amazon (SAA-C03) Exam Questions And Answers page 60
A solutions architect is designing a solution to access a catalog of images and provide users with the ability to submit requests to customize images. Image customization parameters will be in any request sent to an AWS API Gateway API. The customized image will be generated on demand, and users will receive a link they can click to view or download their customized image. The solution must be highly available for viewing and customizing images.
What is the MOST cost-effective solution to meet these requirements?
What is the MOST cost-effective solution to meet these requirements?
Use AWS Lambda to manipulate the original image to the requested customizations. Store the original and manipulated images in Amazon S3. Configure an Amazon CloudFront distribution with the S3 bucket as the origin.
Use AWS Lambda to manipulate the original image to the requested customizations. Store the original images in Amazon S3 and the manipulated images in Amazon DynamoDB. Configure an Elastic Load Balancer in front of the Amazon EC2 instances.
Use Amazon EC2 instances to manipulate the original image into the requested customizations. Store the original images in Amazon S3 and the manipulated images in Amazon DynamoDB. Configure an Amazon CloudFront distribution with the S3 bucket as the origin.
Design Cost-Optimized Architectures
A solutions architect is designing a solution where users will be directed to a backup static error page if the primary website is unavailable. The primary website s DNS records are hosted in Amazon Route 53 where their domain is pointing to an Application Load Balancer (ALB).
Which configuration should the solutions architect use to meet the company s needs while minimizing changes and infrastructure overhead?
Which configuration should the solutions architect use to meet the company s needs while minimizing changes and infrastructure overhead?
Point a Route 53 alias record to an Amazon CloudFront distribution with the ALB as one of its origins. Then, create custom error pages for the distribution.
Set up a Route 53 active-passive failover configuration. Direct traffic to a static error page hosted within an Amazon S3 bucket when Route 53 health checks determine that the ALB endpoint is unhealthy.
Update the Route 53 record to use a latency-based routing policy. Add the backup static error page hosted within an Amazon S3 bucket to the record so the traffic is sent to the most responsive endpoints.
Set up a Route 53 active-active configuration with the ALB and an Amazon EC2 instance hosting a static error page as endpoints. Route 53 will only send requests to the instance if the health checks fail for the ALB.
Design Resilient Architectures
Define Performant Architectures
A solutions architect is designing a system to analyze the performance of financial markets while the markets are closed. The system will run a series of compute-intensive jobs for 4 hours every night. The time to complete the compute jobs is expected to remain constant, and jobs cannot be interrupted once started. Once completed, the system is expected to run for a minimum of 1 year.
Which type of Amazon EC2 instances should be used to reduce the cost of the system?
Which type of Amazon EC2 instances should be used to reduce the cost of the system?
Spot Instances
On-Demand Instances
Standard Reserved Instances
Scheduled Reserved Instances
Design Cost-Optimized Architectures
A solutions architect is designing a two-tiered architecture that has separate private subnets for compute resources and the database. An AWS Lambda function that is deployed in the compute subnets needs connectivity to the database.
Which solution will provide this connectivity in the MOST secure way?
Which solution will provide this connectivity in the MOST secure way?
Configure the Lambda function to use Amazon RDS Proxy outside the VPC.
Associate a security group with the Lambda function. Authorize this security group in the database's security group.
Authorize the compute subnet s CIDR ranges in the database's security group.
During the initialization phase, authorize all IP addresses in the database's security group temporarily. Remove the rule after the initialization is complete.
Specify Secure Applications and Architectures
A solutions architect is designing a two-tier web application. The application consists of a public-facing web tier hosted on Amazon EC2 in public subnets. The database tier consists of Microsoft SQL Server running on Amazon EC2 in a private subnet. Security is a high priority for the company.
How should security groups be configured in this situation? (Choose two.)
How should security groups be configured in this situation? (Choose two.)
Configure the security group for the web tier to allow inbound traffic on port 443 from 0.0.0.0/0.
Configure the security group for the web tier to allow outbound traffic on port 443 from 0.0.0.0/0.
Configure the security group for the database tier to allow inbound traffic on port 1433 from the security group for the web tier.
Configure the security group for the database tier to allow outbound traffic on ports 443 and 1433 to the security group for the web tier.
Configure the security group for the database tier to allow inbound traffic on ports 443 and 1433 from the security group for the web tier.
Specify Secure Applications and Architectures
Design Cost-Optimized Architectures
A solutions architect is designing a VPC with public and private subnets. The VPC and subnets use IPv4 CIDR blocks. There is one public subnet and one private subnet in each of three Availability Zones (AZs) for high availability. An internet gateway is used to provide internet access for the public subnets. The private subnets require access to the internet to allow Amazon EC2 instances to download software updates.
What should the solutions architect do to enable internet access for the private subnets?
What should the solutions architect do to enable internet access for the private subnets?
Create three NAT gateways, one for each public subnet in each AZ. Create a private route table for each AZ that forwards non-VPC traffic to the NAT gateway in its AZ.
Create three NAT instances, one for each private subnet in each AZ. Create a private route table for each AZ that forwards non-VPC traffic to the NAT instance in its AZ.
Create a second internet gateway on one of the private subnets. Update the route table for the private subnets that forward non-VPC traffic to the private internet gateway.
Create an egress-only internet gateway on one of the public subnets. Update the route table for the private subnets that forward non-VPC traffic to the egress-only internet gateway.
Define Performant Architectures
A solutions architect is designing a web application that will run on Amazon EC2 instances behind an Application Load Balancer (ALB). The company strictly requires that the application be resilient against malicious internet activity and attacks, and protect against new common vulnerabilities and exposures.
What should the solutions architect recommend?
What should the solutions architect recommend?
Leverage Amazon CloudFront with the ALB endpoint as the origin.
Deploy an appropriate managed rule for AWS WAF and associate it with the ALB.
Subscribe to AWS Shield Advanced and ensure common vulnerabilities and exposures are blocked.
Configure network ACLs and security groups to allow only ports 80 and 443 to access the EC2 instances.
Design Resilient Architectures
Specify Secure Applications and Architectures
A solutions architect is designing a workload that will store hourly energy consumption by business tenants in a building. The sensors will feed a database through HTTP requests that will add up usage for each tenant. The solutions architect must use managed services when possible. The workload will receive more features in the future as the solutions architect adds independent components.
Which solution will meet these requirements with the LEAST operational overhead?
Which solution will meet these requirements with the LEAST operational overhead?
Use Amazon API Gateway with AWS Lambda functions to receive the data from the sensors, process the data, and store the data in an Amazon DynamoDB table.
Use an Elastic Load Balancer that is supported by an Auto Scaling group of Amazon EC2 instances to receive and process the data from the sensors. Use an Amazon S3 bucket to store the processed data.
Use Amazon API Gateway with AWS Lambda functions to receive the data from the sensors, process the data, and store the data in a Microsoft SQL Server Express database on an Amazon EC2 instance.
Use an Elastic Load Balancer that is supported by an Auto Scaling group of Amazon EC2 instances to receive and process the data from the sensors. Use an Amazon Elastic File System (Amazon EFS) shared file system to store the processed data.
Design Resilient Architectures
Define Performant Architectures
A solutions architect is designing storage for a high performance computing (HPC) environment based on Amazon Linux. The workload stores and processes a large amount of engineering drawings that require shared storage and heavy computing.
Which storage option would be the optimal solution?
Which storage option would be the optimal solution?
Amazon Elastic File System (Amazon EFS)
Amazon FSx for Lustre
Amazon EC2 instance store
Amazon Elastic Block Store (Amazon EBS) Provisioned IOPS SSD (io1)
Define Performant Architectures
A solutions architect is designing storage for a high performance computing (HPC) environment based on Amazon Linux. The workload stores and processes a large amount of engineering drawings that require shared storage and heavy computing.
Which storage option would be the optimal solution?
Which storage option would be the optimal solution?
Amazon Elastic File System (Amazon EFS)
Amazon FSx for Lustre
Amazon EC2 instance store
Amazon EBS Provisioned IOPS SSD (io1)
Define Performant Architectures
Comments