Exam Logo

Amazon (SAP-C01) Exam Questions And Answers page 50

A Solutions Architect needs to design a highly available application that will allow authenticated users to stay connected to the application even when there are underlying failures.

Which solution will meet these requirements?
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing for security and compliance
A solutions architect needs to implement a client-side encryption mechanism for objects that will be stored in a new Amazon S3 bucket. The solutions architect created a CMK that is stored in AWS Key Management Service (AWS KMS) for this purpose.

The solutions architect created the following IAM policy and attached it to an IAM role:


During tests, the solutions architect was able to successfully get existing test objects in the S3 bucket. However, attempts to upload a new object resulted in an error message. The error message stated that the action was forbidden.

Which action must the solutions architect add to the IAM policy to meet all the requirements?
Designing highly available, cost-efficient, fault-tolerant, scalable systems
A solutions architect needs to migrate 50 TB of NFS data to Amazon S3. The files are on several NFS file servers on corporate network. These are dense file systems containing tens of millions of small files. The system operators have configured the file interface on an AWS Snowball Edge device and are using a shell script to copy data.

Developers report that copying the data to the Snowball Edge device is very slow. The solutions architect suspects this may be related to the overhead of encrypting all the small files and transporting them over the network.

Which changes can be made to speed up the data transfer?
Migrating complex, multi-tier applications on AWS Designing enterprise-wide scalable operations on AWS
A Solutions Architect needs to migrate a legacy application from on premises to AWS. On premises, the application runs on two Linux servers behind a load balancer and accesses a database that is master-master on two servers. Each application server requires a license file that is tied to the MAC address of the server s network adapter. It takes the software vendor 12 hours to send ne license files through email. The application requires configuration files to use static. IPv4 addresses to access the database servers, not DNS.

Given these requirements, which steps should be taken together to enable a scalable architecture for the application servers? (Choose two.)
Migrating complex, multi-tier applications on AWS Designing enterprise-wide scalable operations on AWS
A Solutions Architect wants to make sure that only AWS users or roles with suitable permissions can access a new Amazon API Gateway endpoint. The Solutions Architect wants an end-to-end view of each request to analyze the latency of the request and create service maps.

How can the Solutions Architect design the API Gateway access control and perform request inspections?
Designing highly available, cost-efficient, fault-tolerant, scalable systems Implementing cost control strategies
A startup company hosts a fleet of Amazon EC2 instances in private subnets using the latest Amazon Linux 2 AMI. The company s engineers rely heavily on SSH access to the instances for troubleshooting.

The company s existing architecture includes the following:

• A VPC with private and public subnets, and a NAT gateway
• Site-to-Site VPN for connectivity with the on-premises environment
• EC2 security groups with direct SSH access from the on-premises environment

The company needs to increase security controls around SSH access and provide auditing of commands run by the engineers.

Which strategy should a solutions architect use?
Designing for security and compliance
A sys admin is maintaining an application on AWS. The application is installed on EC2 and user has configured ELB and Auto Scaling. Considering future load increase, the user is planning to launch new servers proactively so that they get registered with ELB.

How can the user add these instances with Auto Scaling?
Designing enterprise-wide scalable operations on AWS
A team collects and routes behavioral data for an entire company. The company runs a Multi-AZ VPC environment with public subnets, private subnets, and in internet gateway. Each public subnet also contains a NAT gateway. Most of the company s applications read from and write to Amazon Kinesis Data Streams. Most of the workloads run in private subnets.

A solutions architect must review the infrastructure. The solution architect needs to reduce costs and maintain the function of the applications. The solutions architect uses Cost Explorer and notices that the cost in the EC2-Other category is consistently high. A further review shows that NatGateway-Bytes charges are increasing the cost in the EC2-Other category.

What should the solutions architect do to meet these requirements?
Designing highly available, cost-efficient, fault-tolerant, scalable systems Implementing cost control strategies
A three-tier web application runs on Amazon EC2 instances. Cron daemons are used to trigger scripts that collect the web server, application, and database logs and send them to a centralized location every hour. Occasionally, scaling events or unplanned outages have caused the instances to stop before the latest logs were collected, and the log files were lost.

Which of the following options is the MOST reliable way of collecting and preserving the log files?
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing for security and compliance
Attempts, one of the three types of items associated with the schedule pipeline in the AWS Data Pipeline, provides robust data management.

Which of the following statements is NOT true about Attempts?
Designing highly available, cost-efficient, fault-tolerant, scalable systems Implementing cost control strategies