Amazon SAP-C01 Practice Test - Questions Answers, Page 6
List of questions
Question 51
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
Which of the following Amazon RDS storage types is ideal for applications with light or burst I/O requirements?
Explanation:
Amazon RDS provides three storage types: magnetic, General Purpose (SSD), and Provisioned IOPS (input/output operations per second). Magnetic (Standard) storage is ideal for applications with light or burst I/O requirements.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html
Question 52
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company is running a high-user-volume media-sharing application on premises. It currently hosts about 400 TB of data with millions of video files. The company is migrating this application to AWS to improve reliability and reduce costs. The Solutions Architecture team plans to store the videos in an Amazon S3 bucket and use Amazon CloudFront to distribute videos to users. The company needs to migrate this application to AWS within 10 days with the least amount of downtime possible. The company currently has 1 Gbps connectivity to the Internet with 30 percent free capacity. Which of the following solutions would enable the company to migrate the workload to AWS and meet all of the requirements?
Explanation:
Reference:
https://www.edureka.co/blog/aws-snowball-and-snowmobile-tutorial/
Question 53
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company has an existing on-premises three-tier web application. The Linux web servers serve content from a centralized file share on a NAS server because the content is refreshed several times a day from various sources. The existing infrastructure is not optimized and the company would like to move to AWS in order to gain the ability to scale resources up and down in response to load. On-premises and AWS resources are connected using AWS Direct Connect. How can the company migrate the web infrastructure to AWS without delaying the content refresh process?
Explanation:
Reference:
https://docs.aws.amazon.com/storagegateway/latest/userguide/GettingStartedAccessFileShare.html
Question 54
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company uses a load balancer to distribute traffic to Amazon EC2 instances in a single Availability Zone. The company is concerned about security and wants a solutions architect to re-architect the solution to meet the following requirements:
Inbound requests must be filtered for common vulnerability attacks.
Rejected requests must be sent to a third-party auditing application. All resources should be highly available. Which solution meets these requirements?
Question 55
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company has been using a third-party provider for its content delivery network and recently decided to switch to Amazon CloudFront. The development team wants to maximize performance for the global user base. The company uses a content management system (CMS) that serves both static and dynamic content. The CMS is behind an Application Load Balancer (ALB) which is set as the default origin for the distribution. Static assets are served from an Amazon S3 bucket. The Origin Access Identity (OAI) was created properly and the S3 bucket policy has been updated to allow the GetObject action from the OAI, but static assets are receiving a 404 error. Which combination of steps should the solutions architect take to fix the error? (Choose two.)
Question 56
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company wants to launch an online shopping website in multiple countries and must ensure that customers are protected against potential “man-in-the-middle” attacks. Which architecture will provide the MOST secure site access?
Question 57
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A large company is migrating its entire IT portfolio to AWS. Each business unit in the company has a standalone AWS account that supports both development and test environments. New accounts to support production workloads will be needed soon.
The Finance department requires a centralized method for payment but must maintain visibility into each group’s spending to allocate costs. The Security team requires a centralized mechanism to control IAM usage in all the company’s accounts. What combination of the following options meet the company’s needs with the LEAST effort? (Choose two.)
Explanation:
Reference:
https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/ce-what-is.html
Question 58
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company is running a legacy application on Amazon EC2 instances in multiple Availability Zones behind a software load balancer that runs on an active/standby set of EC2 instances. For disaster recovery, the company has created a warm standby version of the application environment that is deployed in another AWS Region. The domain for the application uses a hosted zone from Amazon Route 53. The company needs the application to use static IP addresses, even in the case of a failover event to the secondary Region. The company also requires the client’s source IP address to be available for auditing purposes.
Which solution meets these requirements with the LEAST amount of operational overhead?
Question 59
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A media company is hosting a high-traffic news website on AWS. The website’s front end is based solely on HTML and JavaScript. The company loads all dynamic content by using dynamic asynchronous JavaScript requests to a dedicated backend infrastructure.
The front end runs on four Amazon EC2 instances as web servers. The dynamic backend runs in containers on an Amazon Elastic Container Service (Amazon ECS) cluster that uses an Auto Scaling group of EC2 instances. The ECS tasks are behind an Application Load Balancer (ALB).
Which solutions should a solutions architect recommend to optimize costs? (Choose two.)
Explanation:
Reference: https://aws.amazon.com/blogs/security/how-to-enhance-amazon-cloudfront-origin-security-with-aws-waf-andaws-secrets-manager/ https://digitalcloud.training/certification-training/aws-solutions-architect-associate/compute/ elasticload-balancing/
Question 60
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
After setting an AWS Direct Connect, which of the following cannot be done with an AWS Direct Connect Virtual Interface?
Explanation:
You must create a virtual interface to begin using your AWS Direct Connect connection. You can create a public virtual interface to connect to public resources or a private virtual interface to connect to your VPC. Also, it is possible to configure multiple virtual interfaces on a single AWS Direct Connect connection, and you'll need one private virtual interface for each VPC to connect to. Each virtual interface needs a VLAN ID, interface IP address, ASN, and BGP key. To use your AWS Direct Connect connection with another AWS account, you can create a hosted virtual interface for that account. These hosted virtual interfaces work the same as standard virtual interfaces and can connect to public resources or a VPC.
Reference: http://docs.aws.amazon.com/directconnect/latest/UserGuide/WorkingWithVirtualInterfaces.html
Question