Exam Logo

Amazon (SAP-C01) Exam Questions And Answers page 14

A company is launching a new web application on Amazon EC2 instances. Development and production workloads exist in separate AWS accounts.

According to the company s security requirements, only automated configuration tools are allowed to access the production account. The company s security team wants to receive immediate notification if any manual access to the production AWS account or EC2 instances occurs.

Which combination of actions should a solutions architect take in the production account to meet these requirements? (Choose three.)
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing for security and compliance
A company is launching a new web application on Amazon EC2 instances. Development and production workloads exist in separate AWS accounts.

According to the company s security requirements, only automated configuration tools are allowed to access the production account. The company s security team wants to receive immediate notification if any manual access to the production AWS account or EC2 instances occurs.

Which combination of actions should a solutions architect take in the production account to meet these requirements? (Choose three.)
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing for security and compliance
A company is launching a web-based application in multiple regions around the world. The application consists of both static content stored in a private Amazon S3 bucket and dynamic content hosted in Amazon ECS containers content behind an Application Load Balancer (ALB). The company requires that the static and dynamic application content be accessible through Amazon CloudFront only.

Which combination of steps should a solutions architect recommend to restrict direct content access to CloudFront? (Choose three.)
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing enterprise-wide scalable operations on AWS
A company is manually deploying its application to production and wants to move to a more mature deployment pattern. The company has asked a solutions architect to design a solution that leverages its current Chef tools and knowledge. The application must be deployed to a staging environment for testing and verification before being deployed to production. Any new deployment must be rolled back in 5 minutes if errors are discovered after a deployment.

Which AWS service and deployment pattern should the solutions architect use to meet these requirements?
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing enterprise-wide scalable operations on AWS
A company is migrating a legacy application from an on-premises data center to AWS. The application consists of a single application server and a Microsoft SQL Server database server. Each server is deployed on a VMware VM that consumes 500 TB of data across multiple attached volumes.

The company has established a 10 Gbps AWS Direct Connect connection from the closest AWS Region to its on-premises data center. The Direct Connect connection is not currently in use by other services.

Which combination of steps should a solutions architect take to migrate the application with the LEAST amount of downtime? (Choose two.)
Migrating complex, multi-tier applications on AWS Designing enterprise-wide scalable operations on AWS
A company is migrating an application to AWS. It wants to use fully managed services as much as possible during the migration. The company needs to store large, important documents within the application with the following requirements:

• The data must be highly durable and available.
• The data must always be encrypted at rest and in transit.
• The encryption key must be managed by the company and rotated periodically.

Which of the following solutions should the Solutions Architect recommend?
Designing enterprise-wide scalable operations on AWS Designing for security and compliance
A company is migrating an application to the AWS Cloud. The application runs in an on-premises data center and writes thousands of images into a mounted NFS file system each night. After the company migrates the application, the company will host the application on an Amazon EC2 instance with a mounted Amazon Elastic File System (Amazon EFS) file system.

The company has established an AWS Direct Connect connection to AWS. Before the migration cutover, a solutions architect must build a process that will replicate the newly created on-premises images to the EFS file system.

What is the MOST operationally efficient way to replicate the images?
Designing enterprise-wide scalable operations on AWS Designing for security and compliance
A company is migrating applications from on premises to the AWS Cloud. These applications power the company s internal web forms. These web forms collect data for specific events several times each quarter. The web forms use simple SQL statements to save the data to a local relational database.

Data collection occurs for each event, and the on-premises servers are idle most of the time. The company needs to minimize the amount of idle infrastructure that supports the web forms.

Which solution will meet these requirements?
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing enterprise-wide scalable operations on AWS
A company is migrating a subset of its application APIs from Amazon EC2 instances to run on a serverless infrastructure. The company has set up Amazon API Gateway, AWS Lambda, and Amazon DynamoDB for the new application. The primary responsibility of the Lambda function is to obtain data from a third-party Software as a Service (SaaS) provider. For consistency, the Lambda function is attached to the same virtual private cloud (VPC) as the original EC2 instances.

Test users report an inability to use this newly moved functionality, and the company is receiving 5xx errors from API Gateway. Monitoring reports from the SaaS provider shows that the requests never made it to its systems. The company notices that Amazon CloudWatch Logs are being generated by the Lambda functions. When the same functionality is tested against the EC2 systems, it works as expected.

What is causing the issue?
Designing highly available, cost-efficient, fault-tolerant, scalable systems Implementing cost control strategies
A company is migrating its applications to AWS. The applications will be deployed to AWS accounts owned by business units. The company has several teams of developers who are responsible for the development and maintenance of all applications. The company is expecting rapid growth in the number of users.

The company's chief technology officer has the following requirements:

• Developers must launch the AWS infrastructure using AWS CloudFormation.
• Developers must not be able to create resources outside of CloudFormation.
• The solution must be able to scale to hundreds of AWS accounts.

Which of the following would meet these requirements? (Choose two.)
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing enterprise-wide scalable operations on AWS