Amazon (SAA-C03) Exam Questions And Answers page 7
A company has an application that uses Amazon Elastic File System (Amazon EFS) to store data. The files are 1 GB in size or larger and are accessed often only for the first few days after creation. The application data is shared across a cluster of Linux servers. The company wants to reduce storage costs tor the application.
What should a solutions architect do to meet these requirements?
What should a solutions architect do to meet these requirements?
Move the files from Amazon EFS and store them locally on each Amazon EC2 instance.
Configure a Lifecycle policy to move the files to the EFS Infrequent Access (IA) storage class after 7 days.
Move the files to Amazon S3 with S3 lifecycle policies enabled. Rewrite the application to support mounting the S3 bucket.
Design Cost-Optimized Architectures
A company has an application that uses overnight digital images of products on store shelves to analyze inventory data. The application runs on Amazon EC2 instances behind an Application Load Balancer (ALB) and obtains the images from an Amazon S3 bucket for its metadata to be processed by worker nodes for analysis. A solutions architect needs to ensure that every image is processed by the worker nodes.
What should the solutions architect do to meet this requirement in the MOST cost-efficient way?
What should the solutions architect do to meet this requirement in the MOST cost-efficient way?
Send the image metadata from the application directly to a second ALB for the worker nodes that use an Auto Scaling group of EC2 Spot Instances as the target group.
Process the image metadata by sending it directly to EC2 Reserved Instances in an Auto Scaling group. With a dynamic scaling policy, use an Amazon CloudWatch metric for average CPU utilization of the Auto Scaling group as soon as the front-end application obtains the images.
Write messages to Amazon Simple Queue Service (Amazon SQS) when the front-end application obtains an image. Process the images with EC2 On-Demand instances in an Auto Scaling group with instance scale-in protection and a fixed number of instances with periodic health checks.
Write messages to Amazon Simple Queue Service (Amazon SQS) when the application obtains an image. Process the images with EC2 Spot Instances in an Auto Scaling group with instance scale-in protection and a dynamic scaling policy using a custom Amazon CloudWatch metric for the current number of messages in the queue.
Design Cost-Optimized Architectures
A company has an application with a REST-based interface that allows data to be received in near-real time from a third-party vendor. Once received, the application processes and stores the data for further analysis. The application is running on Amazon EC2 instances.
The third-party vendor has received many 503 Service Unavailable Errors when sending data to the application. When the data volume spikes, the compute capacity reaches its maximum limit and the application is unable to process all requests.
Which design should a solutions architect recommend to provide a more scalable solution?
The third-party vendor has received many 503 Service Unavailable Errors when sending data to the application. When the data volume spikes, the compute capacity reaches its maximum limit and the application is unable to process all requests.
Which design should a solutions architect recommend to provide a more scalable solution?
Use Amazon Kinesis Data Streams to ingest the data. Process the data using AWS Lambda functions.
Use Amazon API Gateway on top of the existing application. Create a usage plan with a quota limit for the third-party vendor.
Use Amazon Simple Notification Service (Amazon SNS) to ingest the data. Put the EC2 instances in an Auto Scaling group behind an Application Load Balancer.
Repackage the application as a container. Deploy the application using Amazon Elastic Container Service (Amazon ECS) using the EC2 launch type with an Auto Scaling group.
Design Resilient Architectures
Define Performant Architectures
A company has an application workflow that uses an AWS Lambda function to download and decrypt files from Amazon S3. These files are encrypted using AWS Key Management Service Customer Master Keys (AWS KMS CMKs). A solutions architect needs to design a solution that will ensure the required permissions are set correctly.
Which combination of actions accomplish this? (Choose two.)
Which combination of actions accomplish this? (Choose two.)
Attach the kms:decrypt permission to the Lambda function s resource policy.
Grant the decrypt permission for the Lambda IAM role in the KMS key s policy.
Grant the decrypt permission for the Lambda resource policy in the KMS key s policy.
Create a new IAM policy with the kms:decrypt permission and attach the policy to the Lambda function.
Create a new IAM role with the kms:decrypt permission and attach the execution role to the Lambda function.
Define Performant Architectures
Specify Secure Applications and Architectures
A company has an automobile sales website that stores its listings in a database on Amazon RDS. When an automobile is sold, the listing needs to be removed from the website and the data must be sent to multiple target systems.
Which design should a solutions architect recommend?
Which design should a solutions architect recommend?
Create an AWS Lambda function triggered when the database on Amazon RDS is updated to send the information to an Amazon Simple Queue Service (Amazon SQS) queue for the targets to consume.
Create an AWS Lambda function triggered when the database on Amazon RDS is updated to send the information to an Amazon Simple Queue Service (Amazon SQS) FIFO queue for the targets to consume.
Subscribe to an RDS event notification and send an Amazon Simple Queue Service (Amazon SQS) queue fanned out to multiple Amazon Simple Notification Service (Amazon SNS) topics. Use AWS Lambda functions to update the targets.
Subscribe to an RDS event notification and send an Amazon Simple Notification Service (Amazon SNS) topic fanned out to multiple Amazon Simple Queue Service (Amazon SQS) queues. Use AWS Lambda functions to update the targets.
Define Performant Architectures
Specify Secure Applications and Architectures
A company has an AWS account used for software engineering. The AWS account has access to the company s on-premises data center through a pair of AWS Direct Connect connections. All non-VPC traffic routes to the virtual private gateway.
A development team recently created an AWS Lambda function through the console. The development team needs to allow the function to access a database that runs in a private subnet in the company s data center.
Which solution will meet these requirements?
A development team recently created an AWS Lambda function through the console. The development team needs to allow the function to access a database that runs in a private subnet in the company s data center.
Which solution will meet these requirements?
Configure the Lambda function to run in the VPC with the appropriate security group.
Set up a VPN connection from AWS to the data center. Route the traffic from the Lambda function through the VPN.
Update the route tables in the VPC to allow the Lambda function to access the on-premises data center through Direct Connect.
Create an Elastic IP address. Configure the Lambda function to send traffic through the Elastic IP address without an elastic network interface.
Define Performant Architectures
Design Cost-Optimized Architectures
A company has an AWS Lambda function that needs read access to an Amazon S3 bucket that is located in the same AWS account.
Which solution will meet these requirements in the MOST secure manner?
Which solution will meet these requirements in the MOST secure manner?
Apply an S3 bucket policy that grants read access to the S3 bucket.
Apply an IAM role to the Lambda function. Apply an IAM policy to the role to grant read access to the S3 bucket.
Embed an access key and a secret key in the Lambda function s code to grant the required IAM permissions for read access to the S3 bucket.
Apply an IAM role to the Lambda function. Apply an IAM policy to the role to grant read access to all S3 buckets in the account.
Specify Secure Applications and Architectures
A company has an ecommerce application running in a single VPC. The application stack has a single web server and an Amazon RDS Multi-AZ DB instance.
The company launches new products twice a month. This increases website traffic by approximately 400% for a minimum of 72 hours. During product launches, users experience slow response times and frequent timeout errors in their browsers.
What should a solutions architect do to mitigate the slow response times and timeout errors while minimizing operational overhead?
The company launches new products twice a month. This increases website traffic by approximately 400% for a minimum of 72 hours. During product launches, users experience slow response times and frequent timeout errors in their browsers.
What should a solutions architect do to mitigate the slow response times and timeout errors while minimizing operational overhead?
Increase the instance size of the web server.
Add an Application Load Balancer and an additional web server.
Add Amazon EC2 Auto Scaling and an Application Load Balancer.
Deploy an Amazon ElastiCache cluster to store frequently accessed data.
Design Resilient Architectures
Define Performant Architectures
A company has an ecommerce application that stores data in an on-premises SQL database. The company has decided to migrate this database to AWS. However, as part of the migration, the company wants to find a way to attain sub-millisecond responses to common read requests.
A solutions architect knows that the increase in speed is paramount and that a small percentage of stale data returned in the database reads is acceptable.
What should the solutions architect recommend?
A solutions architect knows that the increase in speed is paramount and that a small percentage of stale data returned in the database reads is acceptable.
What should the solutions architect recommend?
Build Amazon RDS read replicas.
Build the database as a larger instance type.
Build a database cache using Amazon ElastiCache.
Build a database cache using Amazon Elasticsearch Service (Amazon ES).
Define Performant Architectures
A company has an image processing workload running on Amazon Elastic Container Service (Amazon ECS) in two private subnets. Each private subnet uses a NAT instance for internet access. All images are stored in Amazon S3 buckets. The company is concerned about the data transfer costs between Amazon ECS and Amazon S3.
What should a solutions architect do to reduce costs?
What should a solutions architect do to reduce costs?
Configure a NAT gateway to replace the NAT instances.
Configure a gateway endpoint for traffic destined to Amazon S3.
Configure an interface endpoint for traffic destined to Amazon S3.
Configure Amazon CloudFront for the S3 bucket storing the images.
Design Cost-Optimized Architectures
Comments