Exam Logo

Amazon (SAP-C01) Exam Questions And Answers page 56

A web application is hosted in a dedicated VPC that is connected to a company s on-premises data center over a Site-to-Site VPN connection. The application is accessible from the company network only. This is a temporary non-production application that is used during business hours. The workload is generally low with occasional surges.

The application has an Amazon Aurora MySQL provisioned database cluster on the backend. The VPC has an internet gateway and a NAT gateways attached. The web servers are in private subnets in an Auto Scaling group behind an Elastic Load Balancer. The web servers also upload data to an Amazon S3 bucket through the internet.

A solutions architect needs to reduce operational costs and simplify the architecture.

Which strategy should the solutions architect use?
Implementing cost control strategies
A web company is looking to implement an external payment service into their highly available application deployed in a VPC Their application EC2 instances are behind a public facing ELB. Auto scaling is used to add additional instances as traffic increases under normal load the application runs 2 instances in the Auto Scaling group but at peak it can scale 3x in size. The application instances need to communicate with the payment service over the Internet which requires whitelisting of all public IP addresses used to communicate with it. A maximum of 4 whitelisting IP addresses are allowed at a time and can be added through an API.

How should they architect their solution?
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing enterprise-wide scalable operations on AWS
A web company is looking to implement an intrusion detection and prevention system into their deployed VPC. This platform should have the ability to scale to thousands of instances running inside of the VPC.

How should they architect their solution to achieve these goals?
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing for security and compliance
A web design company currently runs several FTP servers that their 250 customers use to upload and download large graphic files They wish to move this system to AWS to make it more scalable, but they wish to maintain customer privacy and Keep costs to a minimum.

What AWS architecture would you recommend?
Designing enterprise-wide scalable operations on AWS Designing for security and compliance
A web-startup runs its very successful social news application on Amazon EC2 with an Elastic Load Balancer, an Auto-Scaling group of Java/Tomcat application-servers, and DynamoDB as data store. The main web-application best runs on m2 x large instances since it is highly memory- bound Each new deployment requires semi-automated creation and testing of a new AMI for the application servers which takes quite a while ana is therefore only done once per week.
Recently, a new chat feature has been implemented in nodejs and wails to be integrated in the architecture. First tests show that the new component is CPU bound Because the company has some experience with using Chef, they decided to streamline the deployment process and use AWS Ops Works as an application life cycle tool to simplify management of the application and reduce the deployment cycles.

What configuration in AWS Ops Works is necessary to integrate the new chat module in the most cost-efficient and flexible way?
Designing highly available, cost-efficient, fault-tolerant, scalable systems Implementing cost control strategies
AWS CloudFormation ______ are special actions you use in your template to assign values to properties that are not available until runtime.
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing enterprise-wide scalable operations on AWS
AWS Direct Connect itself has NO specific resources for you to control access to. Therefore, there are no AWS Direct Connect Amazon Resource Names (ARNs) for you to use in an Identity and Access Management (IAM) policy.

With that in mind, how is it possible to write a policy to control access to AWS Direct Connect actions?
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing for security and compliance
AWS has launched T2 instances which come with CPU usage credit. An organization has a requirement which keeps an instance running for 24 hours. However, the organization has high usage only during 11 AM to 12 PM. The organization is planning to use a T2 small instance for this purpose.

If the organization already has multiple instances running since Jan 2012, which of the below mentioned options should the organization implement while launching a T2 instance?
Designing highly available, cost-efficient, fault-tolerant, scalable systems
AWS ________supports__________ environments as one of the AWS resource types.
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing enterprise-wide scalable operations on AWS
By default, Amazon Cognito maintains the last-written version of the data. You can override this behavior and resolve data conflicts programmatically.
In addition, push synchronization allows you to use Amazon Cognito to send a silent notification to all devices associated with an identity to notify them that new data is available.
Designing highly available, cost-efficient, fault-tolerant, scalable systems Designing for security and compliance