ExamGecko
Login
Home / Amazon / SAP-C01 / List of questions
Ask Question

Amazon SAP-C01 Practice Test - Questions Answers, Page 13

List of questions

Question 121

Report
Export
Collapse

A company has built a high performance computing (HPC) cluster in AWS for a tightly coupled workload that generates a large number of shared files stored in Amazon EFS. The cluster was performing well when the number of Amazon EC2 instances in the cluster was 100. However, when the company increased the cluster size to 1,000 EC2 instances, overall performance was well below expectations. Which collection of design choices should a solutions architect make to achieve the maximum performance from the HPC cluster? (Choose three.)

Ensure the HPC cluster is launched within a single Availability Zone.
Ensure the HPC cluster is launched within a single Availability Zone.
Launch the EC2 instances and attach elastic network interfaces in multiples of four.
Launch the EC2 instances and attach elastic network interfaces in multiples of four.
Select EC2 instance types with an Elastic Fabric Adapter (EFA) enabled.
Select EC2 instance types with an Elastic Fabric Adapter (EFA) enabled.
Ensure the clusters is launched across multiple Availability Zones.
Ensure the clusters is launched across multiple Availability Zones.
Replace Amazon EFS win multiple Amazon EBS volumes in a RAID array.
Replace Amazon EFS win multiple Amazon EBS volumes in a RAID array.
Replace Amazon EFS with Amazon FSx for Lustre.
Replace Amazon EFS with Amazon FSx for Lustre.
Suggested answer: D, E, F
asked 16/09/2024
Robert Petty
52 questions

Question 122

Report
Export
Collapse

A Solutions Architect is building a solution for updating user metadata that is initiated by web servers. The solution needs to rapidly scale from hundreds to tens of thousands of jobs in less than 30 seconds. The solution must be asynchronous always avertable and minimize costs.

Which strategies should the Solutions Architect use to meet these requirements?

Create an AWS SWF worker that will update user metadata updating web application to start a new workflow for every job.
Create an AWS SWF worker that will update user metadata updating web application to start a new workflow for every job.
Create an AWS Lambda function that will update user metadata. Create an Amazon SOS queue and configure it as an event source for the Lambda function. Update the web application to send jobs to the queue.
Create an AWS Lambda function that will update user metadata. Create an Amazon SOS queue and configure it as an event source for the Lambda function. Update the web application to send jobs to the queue.
Create an AWS Lambda function that will update user metadata. Create AWS Step Functions that will trigger the Lambda function. Update the web application to initiate Step Functions for every job.
Create an AWS Lambda function that will update user metadata. Create AWS Step Functions that will trigger the Lambda function. Update the web application to initiate Step Functions for every job.
Create an Amazon SQS queue. Create an AMI with a worker to check the queue and update user metadata. Configure an Amazon EC2 Auto Scaling group with the new AMI. Update the web application to send jobs to the queue.
Create an Amazon SQS queue. Create an AMI with a worker to check the queue and update user metadata. Configure an Amazon EC2 Auto Scaling group with the new AMI. Update the web application to send jobs to the queue.
Suggested answer: B
asked 16/09/2024
Simon Tam
35 questions

Question 123

Report
Export
Collapse

A company’s security compliance requirements state that all Amazon EC2 images must be scanned for vulnerabilities and must pass a CVE assessment. A solutions architect is developing a mechanism to create security- approved AMIs that can be used by developers. Any new AMIs should go through an automated assessment process and be marked as approved before developers can use them. The approved images must be scanned every 30 days to ensure compliance.

Which combination of steps should the solutions architect take to meet these requirements while following best practices? (Choose two.)

Use the AWS Systems Manager EC2 agent to run the CVE assessment on the EC2 instances launched from the AMIs that need to be scanned.
Use the AWS Systems Manager EC2 agent to run the CVE assessment on the EC2 instances launched from the AMIs that need to be scanned.
Use AWS Lambda to write automatic approval rules. Store the approved AMI list in AWS Systems Manager Parameter Store. Use Amazon EventBridge to trigger an AWS Systems Manager Automation document on all EC2 instances every 30 days.
Use AWS Lambda to write automatic approval rules. Store the approved AMI list in AWS Systems Manager Parameter Store. Use Amazon EventBridge to trigger an AWS Systems Manager Automation document on all EC2 instances every 30 days.
Use Amazon Inspector to run the CVE assessment on the EC2 instances launched from the AMIs that need to be scanned.
Use Amazon Inspector to run the CVE assessment on the EC2 instances launched from the AMIs that need to be scanned.
Use AWS Lambda to write automatic approval rules. Store the approved AMI list in AWS Systems Manager Parameter Store. Use a managed AWS Config rule for continuous scanning on all EC2 instances, and use AWS Systems Manager Automation documents for remediation.
Use AWS Lambda to write automatic approval rules. Store the approved AMI list in AWS Systems Manager Parameter Store. Use a managed AWS Config rule for continuous scanning on all EC2 instances, and use AWS Systems Manager Automation documents for remediation.
Use AWS CloudTrail to run the CVE assessment on the EC2 instances launched from the AMIs that need to be scanned.
Use AWS CloudTrail to run the CVE assessment on the EC2 instances launched from the AMIs that need to be scanned.
Suggested answer: B, C
asked 16/09/2024
David Llamas Ampudia
32 questions

Question 124

Report
Export
Collapse

An organization is setting up a highly scalable application using Elastic Beanstalk.

They are using Elastic Load Balancing (ELB) as well as a Virtual Private Cloud (VPC) with public and private subnets. They have the following requirements:

- All the EC2 instances should have a private IP

- All the EC2 instances should receive data via the ELB's.

Which of these will not be needed in this setup?

Launch the EC2 instances with only the public subnet.
Launch the EC2 instances with only the public subnet.
Create routing rules which will route all inbound traffic from ELB to the EC2 instances.
Create routing rules which will route all inbound traffic from ELB to the EC2 instances.
Configure ELB and NAT as a part of the public subnet only.
Configure ELB and NAT as a part of the public subnet only.
Create routing rules which will route all outbound traffic from the EC2 instances through NAT.
Create routing rules which will route all outbound traffic from the EC2 instances through NAT.
Suggested answer: A

Explanation:

The Amazon Virtual Private Cloud (Amazon VPC) allows the user to define a virtual networking environment in a private, isolated section of the Amazon Web Services (AWS) cloud. The user has complete control over the virtual networking environment. If the organization wants the Amazon EC2 instances to have a private IP address, he should create a public and private subnet for VPC in each Availability Zone (this is an AWS Elastic Beanstalk requirement). The organization should add their public resources, such as ELB and NAT to the public subnet, and AWC Elastic Beanstalk will assign them unique elastic IP addresses (a static, public IP address). The organization should launch Amazon EC2 instances in a private subnet so that AWS Elastic Beanstalk assigns them non-routable private IP addresses. Now the organization should configure route tables with the following rules: route all inbound traffic from ELB to EC2 instances route all outbound traffic from EC2 instances through NAT

Reference: http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/AWSHowTo-vpc.html

asked 16/09/2024
Trey Contello
42 questions

Question 125

Report
Export
Collapse

The CFO of a company wants to allow one of his employees to view only the AWS usage report page.

Which of the below mentioned IAM policy statements allows the user to have access to the AWS usage report page?

"Effect": "Allow", "Action": ["Describe"], "Resource": "Billing"
"Effect": "Allow", "Action": ["Describe"], "Resource": "Billing"
"Effect": "Allow", "Action": ["aws-portal: ViewBilling"], "Resource": "*"
"Effect": "Allow", "Action": ["aws-portal: ViewBilling"], "Resource": "*"
"Effect": "Allow", "Action": ["aws-portal: ViewUsage"], "Resource": "*"
"Effect": "Allow", "Action": ["aws-portal: ViewUsage"], "Resource": "*"
"Effect": "Allow", "Action": ["AccountUsage], "Resource": "*"
"Effect": "Allow", "Action": ["AccountUsage], "Resource": "*"
Suggested answer: C

Explanation:

AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services. If the CFO wants to allow only AWS usage report page access, the policy for that IAM user will be as given below:

{

"Version": "2012-10-17",

"Statement": [

{

"Effect": "Allow", "Action": [

"aws-portal:ViewUsage"

],

"Resource": "*"

}

]

}

Reference: http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/billing-permissions-ref.html

asked 16/09/2024
Shafqat Balouch
29 questions

Question 126

Report
Export
Collapse

A company runs an application in the cloud that consists of a database and a website. Users can post data to the website, have the data processed, and have the data sent back to them in an email. Data is stored in a MySQL database running on an Amazon EC2 instance. The database is running in a VPC with two private subnets. The website is running on Apache Tomcat in a single EC2 instance in a different VPC with one public subnet. There is a single VPC peering connection between the database and website VPC.

The website has suffered several outages during the last month due to high traffic.

Which actions should a solutions architect take to increase the reliability of the application? (Choose three.)

Place the Tomcat server in an Auto Scaling group with multiple EC2 instances behind an Application Load Balancer.
Place the Tomcat server in an Auto Scaling group with multiple EC2 instances behind an Application Load Balancer.
Provision an additional VPC peering connection.
Provision an additional VPC peering connection.
Migrate the MySQL database to Amazon Aurora with one Aurora Replica.
Migrate the MySQL database to Amazon Aurora with one Aurora Replica.
Provision two NAT gateways in the database VPC.
Provision two NAT gateways in the database VPC.
Move the Tomcat server to the database VPC.
Move the Tomcat server to the database VPC.
Create an additional public subnet in a different Availability Zone in the website VPC.
Create an additional public subnet in a different Availability Zone in the website VPC.
Suggested answer: A, C, F
asked 16/09/2024
Ackim Sanuka
37 questions

Question 127

Report
Export
Collapse

A company runs an application that gives users the ability to search for videos and related information by using keywords that are curated from content providers. The application data is stored in an onpremises Oracle database that is 800 GB in size.

The company wants to migrate the data to an Amazon Aurora MySQL DB instance. A solutions architect plans to use the AWS Schema Conversion Tool and AWS Database Migration Service (AWS DMS) for the migration. During the migration, the existing database must serve ongoing requests. The migration must be completed with minimum downtime. Which solution will meet these requirements?

Create primary key indexes, secondary indexes, and referential integrity constraints in the target database before starting the migration process.
Create primary key indexes, secondary indexes, and referential integrity constraints in the target database before starting the migration process.
Use AWS DMS to run the conversion report for Oracle to Aurora MySQL. Remediate any issues. Then use AWS DMS to migrate the data.
Use AWS DMS to run the conversion report for Oracle to Aurora MySQL. Remediate any issues. Then use AWS DMS to migrate the data.
Use the M5 or C5 DMS replication instance type for ongoing replication.
Use the M5 or C5 DMS replication instance type for ongoing replication.
Turn off automatic backups and logging of the target database until the migration and cutover processes are complete.
Turn off automatic backups and logging of the target database until the migration and cutover processes are complete.
Suggested answer: A

Explanation:

Reference: https://docs.aws.amazon.com/dms/latest/sbs/chap-rdsoracle2aurora.html

asked 16/09/2024
Willians Lima Pereira
45 questions

Question 128

Report
Export
Collapse

One of your AWS Data Pipeline activities has failed consequently and has entered a hard failure state after retrying thrice. You want to try it again. Is it possible to increase the number of automatic retries to more than thrice?

Yes, you can increase the number of automatic retries to 6.
Yes, you can increase the number of automatic retries to 6.
Yes, you can increase the number of automatic retries to indefinite number.
Yes, you can increase the number of automatic retries to indefinite number.
No, you cannot increase the number of automatic retries.
No, you cannot increase the number of automatic retries.
Yes, you can increase the number of automatic retries to 10.
Yes, you can increase the number of automatic retries to 10.
Suggested answer: D

Explanation:

In AWS Data Pipeline, an activity fails if all of its activity attempts return with a failed state. By default, an activity retries three times before entering a hard failure state. You can increase the number of automatic retries to 10. However, the system does not allow indefinite retries.

Reference:

https://aws.amazon.com/datapipeline/faqs/

asked 16/09/2024
Andrea Ciovati
41 questions

Question 129

Report
Export
Collapse

Your Application is not highly available, and your on-premises server cannot access the mount target because the Availability Zone (AZ) in which the mount target exists is unavailable. Which of the following actions is recommended?

The application must implement the checkpoint logic and recreate the mount target.
The application must implement the checkpoint logic and recreate the mount target.
The application must implement the shutdown logic and delete the mount target in the AZ.
The application must implement the shutdown logic and delete the mount target in the AZ.
The application must implement the delete logic and connect to a different mount target in the same AZ.
The application must implement the delete logic and connect to a different mount target in the same AZ.
The application must implement the restart logic and connect to a mount target in a different AZ.
The application must implement the restart logic and connect to a mount target in a different AZ.
Suggested answer: D

Explanation:

To make sure that there is continuous availability between your on-premises data center and your Amazon Virtual Private Cloud (VPC), it is suggested that you configure two AWS Direct Connect connections. Your application should implement restart logic and connect to a mount target in a different AZ if your application is not highly available and your on-premises server cannot access the mount target because the AZ in which the mount target exists becomes unavailable.

Reference: http://docs.aws.amazon.com/efs/latest/ug/performance.html#performance-onpremises

asked 16/09/2024
Zden Bohm Autocont a.s.
27 questions

Question 130

Report
Export
Collapse

An organization has created multiple components of a single application for compartmentalization. Currently all the components are hosted on a single EC2 instance. Due to security reasons the organization wants to implement two separate SSLs for the separate modules although it is already using VPC.

How can the organization achieve this with a single instance?

You have to launch two instances each in a separate subnet and allow VPC peering for a single IP.
You have to launch two instances each in a separate subnet and allow VPC peering for a single IP.
Create a VPC instance which will have multiple network interfaces with multiple elastic IP addresses.
Create a VPC instance which will have multiple network interfaces with multiple elastic IP addresses.
Create a VPC instance which will have both the ACL and the security group attached to it and have separate rules for each IP address.
Create a VPC instance which will have both the ACL and the security group attached to it and have separate rules for each IP address.
Create a VPC instance which will have multiple subnets attached to it and each will have a separate IP address.
Create a VPC instance which will have multiple subnets attached to it and each will have a separate IP address.
Suggested answer: B

Explanation:

A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. It enables the user to launch AWS resources into a virtual network that the user has defined. With VPC the user can specify multiple private IP addresses for his instances.

The number of network interfaces and private IP addresses that a user can specify for an instance depends on the instance type. With each network interface the organization can assign an EIP. This scenario helps when the user wants to host multiple websites on a single EC2 instance by using multiple SSL certificates on a single server and associating each certificate with a specific EIP address. It also helps in scenarios for operating network appliances, such as firewalls or load balancers that have multiple private IP addresses for each network interface.

Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/MultipleIP.html

asked 16/09/2024
Khuong Tang
31 questions
Total 906 questions
Go to page: of 91
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A company is running an application on several Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer. The load on the application varies throughout the day, and EC2 instances are scaled in and out on a regular basis. Log files from the EC2 instances are copied to a central Amazon S3 bucket every 15 minutes. The security team discovers that log files are missing from some of the terminated EC2 instances. Which set of actions will ensure that log files are copied to the central S3 bucket from the terminated EC2 instances?
A company is developing a gene reporting device that will collect genomic information to assist researchers will collecting large samples of data from a diverse population. The device will push 8 KB of genomic data every second to a data platform that will need to process and analyze the data and provide information back to researchers. The data platform must meet the following requirements: Provide near-real-time analytics of the inbound genomic data Ensure the data is flexible, parallel, and durable Deliver results of processing to a data warehouse Which strategy should a solutions architect use to meet these requirements?
A medical company is running an application in the AWS Cloud. The application simulates the effect of medical drugs in development. The application consists of two parts: configuration and simulation. The configuration part runs in AWS Fargate containers in an Amazon Elastic Container Service (Amazon ECS) cluster. The simulation part runs on large, compute optimized Amazon EC2 instances. Simulations can restart if they are interrupted. The configuration part runs 24 hours a day with a steady load. The simulation part runs only for a few hours each night with a variable load. The company stores simulation results in Amazon S3, and researchers use the results for 30 days. The company must store simulations for 10 years and must be able to retrieve the simulations within 5 hours. Which solution meets these requirements MOST cost-effectively?
A Solutions Architect must build a highly available infrastructure for a popular global video game that runs on a mobile phone platform. The application runs on Amazon EC2 instances behind an Application Load Balancer. The instances run in an Auto Scaling group across multiple Availability Zones. The database tier is an Amazon RDS MySQL Multi-AZ instance. The entire application stack is deployed in both us-east-1 and eu-central-1. Amazon Route 53 is used to route traffic to the two installations using a latency-based routing policy. A weighted routing policy is configured in Route 53 as a fail over to another region in case the installation in a region becomes unresponsive. During the testing of disaster recovery scenarios, after blocking access to the Amazon RDS MySQL instance in eu-central-1 from all the application instances running in that region. Route 53 does not automatically failover all traffic to us- east-1. Based on this situation, which changes would allow the infrastructure to failover to us-east-1? (Choose two.)
Your firm has uploaded a large amount of aerial image data to S3. In the past, in your on-premises environment, you used a dedicated group of servers to oaten process this data and used Rabbit MQ - An open source messaging system to get job information to the servers. Once processed the data would go to tape and be shipped offsite. Your manager told you to stay with the current design, and leverage AWS archival storage and messaging services to minimize cost. Which is correct?
A company’s processing team has an AWS account with a production application. The application runs on Amazon EC2 instances behind a Network Load Balancer (NLB). The EC2 instances are hosted in private subnets in a VPC in the eu- west- 1 Region. The VPC was assigned the CIDR block of 10.0.0.0/16. The billing team recently created a new AWS account and deployed an application on EC2 instances that are hosted in private subnets in a VPC in the eu-central-1 Region. The new VPC is assigned the CIDR block of 10.0.0.0/16. The processing application needs to securely communicate with the billing application over a proprietary TCP port. What should a solutions architect do to meet this requirement with the LEAST amount of operational effort?
A company is using multiple AWS accounts. The DNS records are stored in a private hosted zone for Amazon Route 53 in Account A. The company’s applications and databases are running in Account B. A solutions architect will deploy a two-tier application in a new VPC. To simplify the configuration, the db.example.com CNAME record set for the Amazon RDS endpoint was created in a private hosted zone for Amazon Route 53. During deployment the application failed to start. Troubleshooting revealed that db.example.com is not resolvable on the Amazon EC2 instance. The solutions architect confirmed that the record set was created correctly in Route 53. Which combination of steps should the solutions architect take to resolve this issue? (Choose two.)
A company runs an application on AWS. An AWS Lambda function uses credentials to authenticate to an Amazon RDS for MySQL DB instance. A security risk assessment identified that these credentials are not frequently rotated. Also, encryption at rest is not enabled for the DB instance. The security team requires that both of these issues be resolved. Which strategy should a solutions architect recommend to remediate these security risks?
A company runs a dynamic mission-critical web application that has an SLA of 99.99%. Global application users access the application 24/7. The application is currently hosted on premises and routinely fails to meet its SLA, especially when millions of users access the application concurrently. Remote users complain of latency. How should this application be redesigned to be scalable and allow for automatic failover at the lowest cost?
A 3-Ber e-commerce web application is currently deployed on-premises, and will be migrated to AWS for greater scalability and elasticity. The web tier currently shares read-only data using a network distributed file system. The app server tier uses a clustering mechanism for discovery and shared session state that depends on IP multicast. The database tier uses sharedstorage clustering to provide database failover capability, and uses several read slaves for scaling. Data on all servers and the distributed file system directory is backed up weekly to off-site tapes. Which AWS storage and database architecture meets the requirements of the application?