Amazon (SAP-C01) Exam Questions And Answers page 51
A United Kingdom (UK) company recently completed a successful proof of concept in Amazon WorkSpaces. The company also has a large office in the United States (US). Staff members from each office regularly travel between the two locations and need access to a corporate WorkSpace without any reconfiguration of their WorkSpaces client.
The company has purchased a domain by using Amazon Route 53 for the connection alias. The company will use a Windows profile and document management solution.
A solutions architect needs to design the full solution. The solution must use a configuration of WorkSpaces in two AWS Regions and must provide Regional resiliency.
Which solution will meet these requirements?
The company has purchased a domain by using Amazon Route 53 for the connection alias. The company will use a Windows profile and document management solution.
A solutions architect needs to design the full solution. The solution must use a configuration of WorkSpaces in two AWS Regions and must provide Regional resiliency.
Which solution will meet these requirements?
Create a connection alias in a UK Region. Associated the connection alias with a directory in the UK Region. Configure the DNS service for the domain in the connection alias. Configure a weighted routing policy, with the UK Region set to 1 and a US Region set to 255. Distribute the connection string for the UK Region to the WorkSpaces users.
Create a connection alias in a UK Region and a US Region. Associate the connection aliases with a directory in each Region. Configure the DNS service for the domain in the connection alias. Configure a geolocation routing policy. Distribute the connection string to the WorkSpaces users.
Create a connection alias in a US Region. Associated the connection alias with a directory in the UK Region. Configure the DNS service for the domain in the connection alias. Configure a multivalue answer routing policy. Distribute the connection string for the US Region to the WorkSpaces users.
Designing highly available, cost-efficient, fault-tolerant, scalable systems
Designing enterprise-wide scalable operations on AWS
A user authenticating with Amazon Cognito will go through a multi-step process to bootstrap their credentials.
Amazon Cognito has two different flows for authentication with public providers.
Which of the following are the two flows?
Amazon Cognito has two different flows for authentication with public providers.
Which of the following are the two flows?
Authenticated and non-authenticated
Public and private
Enhanced and basic
Single step and multistep
Designing highly available, cost-efficient, fault-tolerant, scalable systems
Implementing cost control strategies
A user has configured an EC2 instance in the US-East-1a zone. The user has enabled detailed monitoring of the instance. The user is trying to get the data from CloudWatch using a CLI.
Which of the below mentioned CloudWatch endpoint URLs should the user use?
Which of the below mentioned CloudWatch endpoint URLs should the user use?
monitoring.us-east-1a.amazonaws.com
cloudwatch.us-east-1a.amazonaws.com
monitoring.us-east-1.amazonaws.com
monitoring.us-east-1-a.amazonaws.com
Designing highly available, cost-efficient, fault-tolerant, scalable systems
Designing for security and compliance
A user has configured EBS volume with PIOPS. The user is not experiencing the optimal throughput.
Which of the following could not be factor affecting I/O performance of that EBS volume?
Which of the following could not be factor affecting I/O performance of that EBS volume?
Instance type is not EBS optimized
EBS bandwidth of dedicated instance exceeding the PIOPS
EBS volume size
EC2 bandwidth
Designing highly available, cost-efficient, fault-tolerant, scalable systems
Implementing cost control strategies
A user has configured two security groups which allow traffic as given below: 1: SecGrp1:
Inbound on port 80 for 0.0.0.0/0 Inbound on port 22 for 0.0.0.0/0 2: SecGrp2:
Inbound on port 22 for 10.10.10.1/32
If both the security groups are associated with the same instance, which of the below mentioned statements is true?
Inbound on port 80 for 0.0.0.0/0 Inbound on port 22 for 0.0.0.0/0 2: SecGrp2:
Inbound on port 22 for 10.10.10.1/32
If both the security groups are associated with the same instance, which of the below mentioned statements is true?
It is not possible to have more than one security group assigned to a single instance
It is not possible to create the security group with conflicting rules. AWS will reject the request
It allows inbound traffic for everyone on both ports 22 and 80
It allows inbound traffic on port 22 for IP 10.10.10.1 and for everyone else on port 80
Designing highly available, cost-efficient, fault-tolerant, scalable systems
Designing for security and compliance
A user has created a launch configuration for Auto Scaling where CloudWatch detailed monitoring is disabled. The user wants to now enable detailed monitoring.
How can the user achieve this?
How can the user achieve this?
Update the Launch config with CLI to set InstanceMonitoringDisabled = false
The user should change the Auto Scaling group from the AWS console to enable detailed monitoring
Create a new Launch Config with detail monitoring enabled and update the Auto Scaling group
Update the Launch config with CLI to set InstanceMonitoring.Enabled = true
Designing highly available, cost-efficient, fault-tolerant, scalable systems
A user has created a MySQL RDS instance with PIOPS. Which of the below mentioned statements will help user understand the advantage of PIOPS?
The user can achieve additional dedicated capacity for the EBS I/O with an enhanced RDS option
It uses a standard EBS volume with optimized configuration the stacks
It uses optimized EBS volumes and optimized configuration stacks
It provides a dedicated network bandwidth between EBS and RDS
Designing highly available, cost-efficient, fault-tolerant, scalable systems
A user has created an AWS AMI. The user wants the AMI to be available only to his friend and not anyone else. How can the user manage this?
Share the AMI with the community and setup the approval workflow before anyone launches it.
It is not possible to share the AMI with the selected user.
Share the AMI with a friend's AWS account ID.
Share the AMI with a friend's AWS login ID.
Designing for security and compliance
A user has created a VPC with a public subnet. The user has terminated all the instances which are part of the subnet.
Which of the below mentioned statements is true with respect to this scenario?
Which of the below mentioned statements is true with respect to this scenario?
The subnet to which the instances were launched with will be deleted
When the user launches a new instance it cannot use the same subnet
The user cannot delete the VPC since the subnet is not deleted
Secondary network interfaces attached to the terminated instances may persist.
Designing highly available, cost-efficient, fault-tolerant, scalable systems
A user has created a VPC with CIDR 20.0.0.0/16. The user has created one subnet with CIDR 20.0.0.0/16 by mistake. The user is trying to create another subnet of CIDR 20.0.1.0/24.
How can the user create the second subnet?
How can the user create the second subnet?
The user can modify the first subnet CIDR with AWS CLI
The user can modify the first subnet CIDR from the console
There is no need to update the subnet as VPC automatically adjusts the CIDR of the first subnet based on the second subnet's CIDR
It is not possible to create a second subnet with overlapping IP CIDR without deleting the first subnet.
Designing enterprise-wide scalable operations on AWS
Comments