ExamGecko
Home / Amazon / PAS-C01 / List of questions
Ask Question

Amazon PAS-C01 Practice Test - Questions Answers, Page 4

List of questions

Question 31

Report
Export
Collapse

A company is running an SAP HANA database on AWS The company is running AWS Backint Agent for SAP HANA(AWS Backint agent) on an Amazon EC2 instance AWS Back agent is configured to back up to an Amazon S3 bucket The backups are failing with an AccessDeniod error m the AWS Backint agent log file.

What should an SAP basis administrator do to resolve this error?

Assign execute permissions at the operating system level for the AWS Backint agent binary and for AWS Backint agent
Assign execute permissions at the operating system level for the AWS Backint agent binary and for AWS Backint agent
Assign an 1AM role to an EC2 instance Attach a policy to the IAM role to grant access to the target S3 bucket
Assign an 1AM role to an EC2 instance Attach a policy to the IAM role to grant access to the target S3 bucket
Assign the correct Region ID for the S3BucketAwsRegion parameter in AWS Backint agent for the SAP HANA configuration file
Assign the correct Region ID for the S3BucketAwsRegion parameter in AWS Backint agent for the SAP HANA configuration file
Assign the value for the Enable Tagging parameter in AWS Backint agent for the SAP HANA configuration file
Assign the value for the Enable Tagging parameter in AWS Backint agent for the SAP HANA configuration file
Suggested answer: B

Explanation:


asked 16/09/2024
Min Soe Aye
40 questions

Question 32

Report
Export
Collapse

A company is using SAP NetWeaver with Java on AWS The company has updated its generation of Amazon EC2 instances to the most recent generation of EC2 instances When the company tries to start SAP the startup fails The tog indicates that the SAP license expired Of is not valid.

What is the reason for this issue?

The instance ID changed as part of the EC2 generation change
The instance ID changed as part of the EC2 generation change
The instance's hypervisor changed from Xen to Nitro
The instance's hypervisor changed from Xen to Nitro
The SAP Java Virtual Machine (SAP JVM) is not compatible with the new instance type
The SAP Java Virtual Machine (SAP JVM) is not compatible with the new instance type
An EC2 generation change is not supported for SAP Java-based systems
An EC2 generation change is not supported for SAP Java-based systems
Suggested answer: B

Explanation:

The change in hypervisor from Xen to Nitro may be the cause of the hardware ID change.https://docs.aws.amazon.com/sap/latest/general/overview-sap-on- aws.html#:~:text=SAP%20Note%202113263,AWS%20Hardware%20ID


asked 16/09/2024
Jorge Pinto
30 questions

Question 33

Report
Export
Collapse

A company's basis administrator is planning to deploy SAP on AWS m Linux. The basis administrator must set up the proper storage to store SAP HANAdata and log volumes. Which storage options should the basis administrator choose to meet these requirements? (Select TWO.)

Amazon Elastic Block Store (Amazon EBS) Throughput Optimized HDD (st1)
Amazon Elastic Block Store (Amazon EBS) Throughput Optimized HDD (st1)
Amazon Elastic Block Store (Amazon EBS) Provisioned IOPS SSD (io1, k>2)
Amazon Elastic Block Store (Amazon EBS) Provisioned IOPS SSD (io1, k>2)
Amazon S3
Amazon S3
Amazon Elastic File System (Amazon EFS>
Amazon Elastic File System (Amazon EFS>
Amazon Elastic Block Store (Amazon EBS) General Purpose SSD (gp2 gp3)
Amazon Elastic Block Store (Amazon EBS) General Purpose SSD (gp2 gp3)
Suggested answer: B, E

Explanation:


asked 16/09/2024
IOSSIF ZINGUER
46 questions

Question 34

Report
Export
Collapse

A company has deployed a highly available SAP NetWeaver system on SAP HANA into a VPC The system is distributed across multiple Availability Zones within a single AWS Region SAP NetWeaver is running on SUSE Linux Enterprise Server for SAP SUSE Linux Enterprise High Availability Extension is configured to protect SAP ASCS and ERS instances and uses the overlay IP address concept The SAP shared dies sapmnt and . usrsap. trans are hosted on an Amazon Elastic File System (Amazon EFS) tile system The company needs a solution that uses already-existing private connectivity to the VPC. The SAP NetWeaver system must be accessible through the SAP GUI client tool. Which solutions will meet these requirements? (Select TWO)

Deploy an Application Load Balancer Configure the overlay IP address as a target
Deploy an Application Load Balancer Configure the overlay IP address as a target
Deploy a Network Load Balancer Configure the overlay IP address as a target
Deploy a Network Load Balancer Configure the overlay IP address as a target
Use an Amazon Route 53 private zone Create an A record that has the overlay IP address as a target
Use an Amazon Route 53 private zone Create an A record that has the overlay IP address as a target
Use AWS Transit Gateway Configure the overlay IP address as a static route in the transit gateway route table Specify the VPC as a target
Use AWS Transit Gateway Configure the overlay IP address as a static route in the transit gateway route table Specify the VPC as a target
Use a NAT gateway Configure the overlay IP address as a target
Use a NAT gateway Configure the overlay IP address as a target
Suggested answer: B, C

Explanation:

Option B is correct because it uses a Network Load Balancer to enable network access to the overlay IP address for the SAP NetWeaver system. A Network Load Balancer supports TCP protocol and can route traffic to targets using IP addresses. It also provides high availability and scalability for the network connection.Option C is correct because it uses Amazon Route 53 private zone to create an A record that has the overlay IP address as a target. This allows the SAP GUI client tool to resolve the overlay IP address to the SAP NetWeaver system. It also uses the existing private connectivity to the VPC without requiring any additional components or configuration.Option A is incorrect because it uses an Application Load Balancer, which does not support TCP protocol for the SAP NetWeaver system. It also uses an overlay IP address as a target, which is not necessary for the network access to the SAP NetWeaver system.Option D is incorrect because it uses AWS Transit Gateway, which is not a network configuration for data transfer. It also uses an overlay IP address as a static route in the transit gateway route table, which may cause routing conflicts or errors with the existing private connectivity to the VPC.Option E is incorrect because it uses a NAT gateway, which is not a network configuration for data transfer. It also uses an overlay IP address as a target, which may cause routing conflicts or errors with the existing private connectivity to the VPC.Reference: https://docs.aws.amazon.com/sap/latest/sap-hana/sap-ha-overlay-ip.html https://docs.aws.amazon.com/sap/latest/sap-netweaver/cluster-configuration-prereqs-sap- netweaver-ha.html https://docs.aws.amazon.com/sap/latest/sap-hana/sap-oip-overlay-ip-routing-using-aws-transit- gateway.html


asked 16/09/2024
Daniel Vong
42 questions

Question 35

Report
Export
Collapse

A company is planning to move all its SAP applications to Amazon EC2 instances in a VPC Recently the company signed a multiyear contract with a payroll software-as-a-service (SaaS) provider integration with the payroll SaaS solution is available only through public web APIs.

Corporate security guidelines state that all outbound traffic must be validated against an allow list. The payroll SaaS provider provides only fully qualified domain name (FQDN) addresses and no IP addresses or IP address ranges Currently, an on-premises firewall appliance filters FQDNs. The company needs to connect an SAP Process Orchestration (SAP PO) system to the payroll SaaS provider.

What must the company do on AWS to meet these requirements?

Add an outbound rule to the security group of the SAP PO system to allow the FODN of the payroll SaaS provider and deny all other outbound traffic
Add an outbound rule to the security group of the SAP PO system to allow the FODN of the payroll SaaS provider and deny all other outbound traffic
Add an outbound rule to the network ACL of the subnet that contains the SAP PO system to allow the FQDN of the payroll SaaS provider and deny all other outbound traffic
Add an outbound rule to the network ACL of the subnet that contains the SAP PO system to allow the FQDN of the payroll SaaS provider and deny all other outbound traffic
Add an AWS WAF web ACL to the VPC Add an outbound rule to allow the SAP PO system to connect to the FQDN of the payroll SaaS provider
Add an AWS WAF web ACL to the VPC Add an outbound rule to allow the SAP PO system to connect to the FQDN of the payroll SaaS provider
Add an AWS Network Firewall firewall to the VPC Add an outbound rule to allow the SAP PO system to connect to the FQDN of the payroll SaaS provider
Add an AWS Network Firewall firewall to the VPC Add an outbound rule to allow the SAP PO system to connect to the FQDN of the payroll SaaS provider
Suggested answer: D

Explanation:


asked 16/09/2024
Nikita Kazanenko
39 questions

Question 36

Report
Export
Collapse

A company is planning to migrate its on-premises SAP application to AWS. The application runs on VMware vSphere The SAP ERP Central Component (SAP ECC) server runs on an IBM Db2 database that is 2 TB m size The company wants to migrate the database to SAP HANA Which migration strategy will meet these requirements'?

Use AWS Application Migration Service (CloudEndure Migration)
Use AWS Application Migration Service (CloudEndure Migration)
Use SAP Software Update Manager (SUM) Database Migration Option (DMO) with System Move
Use SAP Software Update Manager (SUM) Database Migration Option (DMO) with System Move
Use AWS Server Migration Service (AWS SMS)
Use AWS Server Migration Service (AWS SMS)
Use AWS Database Migration Service (AWS DMS)
Use AWS Database Migration Service (AWS DMS)
Suggested answer: B

Explanation:


asked 16/09/2024
Dereque Datson
41 questions

Question 37

Report
Export
Collapse

A company hosts multiple SAP applications on Amazon EC2 instances in a VPC While monitoring the environment the company notices that multiple port scans are attempting to connect to SAP portals inside the VPC. These port scans are originating from the same IP address block. The company must deny access to the VPC from all the offending IP addresses for the next 24 hours. Which solution win meet this requirement?

Modify network ACLs that are associated with all public subnets in the VPC to deny access from the IP address block
Modify network ACLs that are associated with all public subnets in the VPC to deny access from the IP address block
Add a rule in the security group of the EC2 instances to deny access from the IP address block
Add a rule in the security group of the EC2 instances to deny access from the IP address block
Create a policy in AWS identity and Access Management (1AM) to deny access from the IP address block
Create a policy in AWS identity and Access Management (1AM) to deny access from the IP address block
Configure the firewall m the operating system of the EC2 instances to deny access from the IP address block
Configure the firewall m the operating system of the EC2 instances to deny access from the IP address block
Suggested answer: A

Explanation:


asked 16/09/2024
Jesserey Joseph
44 questions

Question 38

Report
Export
Collapse

A company has deployed SAP workloads on AWS The AWS Data Provider for SAP is installed on the Amazon EC2 instance where the SAP application is running An SAP solutions architect has attached an IAM role to the EC2 instance with the following policy.

Amazon PAS-C01 image Question 38 4884 09162024005708000000

The AWS Data Provider for SAP is not returning any metrics to the SAP application. Which change should the SAP solutions architect make to the 1AM permissions to resolve this issued.

Add the cloudwatch ListMetrics action to the policy statement with Sid AWSDataProvider1.
Add the cloudwatch ListMetrics action to the policy statement with Sid AWSDataProvider1.
Add the cloudwatch GetMetricStatrstics action to the policy statement with Sid AWSDataProvider1
Add the cloudwatch GetMetricStatrstics action to the policy statement with Sid AWSDataProvider1
Add the cloudwatch GetMetricStream action (o the policy statement with Sid AWSDataProvider
Add the cloudwatch GetMetricStream action (o the policy statement with Sid AWSDataProvider
Add the cloudwatch DescribeAlarmsForMetric action to the policy statement with Sid AWSDataProvider
Add the cloudwatch DescribeAlarmsForMetric action to the policy statement with Sid AWSDataProvider
Suggested answer: B

Explanation:

The AWS Data Provider for SAP requires the ability to access metrics data in order to return metrics to the SAP application. The IAM policy statement with Sid "AWSDataProvider1" currently does not have the necessary permissions to access metrics data. The SAP solutions architect should add the cloudwatch:GetMetricStatistics action to the policy statement with Sid "AWSDataProvider1" to grant the necessary permissions for the Data Provider to access metrics data.The other actions such as "EC2:DescribeInstances" and "EC2:DescribeVolumes" are not related to CloudWatch metrics and only provide the ability to describe EC2 instances and volumes. Actions such as "s3:GetObject" are not related to CloudWatch metrics, it's used to get an object from an S3 bucket. Actions such as "cloudwatch:ListMetrics" and "cloudwatch:DescribeAlarmsForMetric" would not be necessary for the AWS Data Provider for SAP to return metrics to the SAP application and it's not related to the problem described.https://docs.aws.amazon.com/sap/latest/general/data-provider-troubleshooting.html


asked 16/09/2024
Yassin Benjajji
37 questions

Question 39

Report
Export
Collapse

A company wants to deploy an SAP HANA database on AWS by using AWS Launch Wizard for SAP An SAP solutions architect needs to run a custom post-deployment script on the Amazon EC2 instance that Launch Wizard provisions. Which actions can the SAP solutions architect take to provide the post-deployment script m the Launch Wizard console? (Select TWO.)

Provide the FTP URL of the script
Provide the FTP URL of the script
Provide the HTTPS URL of the script on a web server
Provide the HTTPS URL of the script on a web server
Provide the Amazon S3 URL of the script
Provide the Amazon S3 URL of the script
Write the script inline
Write the script inline
Upload the script
Upload the script
Suggested answer: C, E

Explanation:

https://catalog.us-east-1.prod.workshops.aws/workshops/754ba343-2704-404a-8abe- be7b21c4d9d5/en-US/800-other/802-prepostscript


asked 16/09/2024
Yogen Trikannad
34 questions

Question 40

Report
Export
Collapse

A company has an SAP environment that runs on AWS. The company wants to enhance security by restricting Amazon EC2 Instance Metadata Service (IMDS) to IMDSv2 only. The company's current configuration option supports both iMDSvi and iM0Sv2. The security enhancement must not create an SAP outage.

What should the company do before it applies the security enhancement on EC2 instances that are running the SAP environment?

Ensure that the SAP kernel versions are 7 45 or later
Ensure that the SAP kernel versions are 7 45 or later
Ensure that the EC2 instances are Nitro based
Ensure that the EC2 instances are Nitro based
Ensure that the AWS Data Provider for SAP is installed on each EC2 instance
Ensure that the AWS Data Provider for SAP is installed on each EC2 instance
Stop the EC2 instances
Stop the EC2 instances
Suggested answer: A

Explanation:


asked 16/09/2024
Dirk Prinsloo
34 questions
Total 65 questions
Go to page: of 7
Search

Related questions