ExamGecko
Login
Home / Amazon / SAP-C01 / List of questions
Ask Question

Amazon SAP-C01 Practice Test - Questions Answers, Page 53

List of questions

Question 521

Report
Export
Collapse

A company used Amazon EC2 instances to deploy a web fleet to host a blog site. The EC2 instances are behind an Application Load Balancer (ALB) and are configured in an Auto Scaling group. The web application stores all blog content on an Amazon EFS volume.

The company recently added a feature for bloggers to add video to their posts, attracting 10 times the previous user traffic. At peak times of day, users report buffering and timeout issues while attempting to reach the site or watch videos. Which is the MOST cost-efficient and scalable deployment that will resolve the issues for users?

Reconfigure Amazon EFS to enable maximum I/O.
Reconfigure Amazon EFS to enable maximum I/O.
Update the blog site to use instance store volumes for storage. Copy the site contents to the volumes at launch and to Amazon S3 at shutdown.
Update the blog site to use instance store volumes for storage. Copy the site contents to the volumes at launch and to Amazon S3 at shutdown.
Configure an Amazon CloudFront distribution. Point the distribution to an S3 bucket, and migrate the videos from EFS to Amazon S3.
Configure an Amazon CloudFront distribution. Point the distribution to an S3 bucket, and migrate the videos from EFS to Amazon S3.
Set up an Amazon CloudFront distribution for all site contents, and point the distribution at the ALB.
Set up an Amazon CloudFront distribution for all site contents, and point the distribution at the ALB.
Suggested answer: C

Explanation:

Reference:

https://aws.amazon.com/premiumsupport/knowledge-center/cloudfront-https-connection-fails/

asked 16/09/2024
Rui Carrapico
33 questions

Question 522

Report
Export
Collapse

You are the new IT architect in a company that operates a mobile sleep tracking application.

When activated at night, the mobile app is sending collected data points of 1 kilobyte every 5 minutes to your backend. The backend takes care of authenticating the user and writing the data points into an Amazon DynamoDB table. Every morning, you scan the table to extract and aggregate last night's data on a per user basis, and store the results in Amazon S3. Users are notified via Amazon SNS mobile push notifications that new data is available, which is parsed and visualized by the mobile app.

Currently you have around 100k users who are mostly based out of North America.

You have been tasked to optimize the architecture of the backend system to lower cost.

What would you recommend? (Choose two.)

Have the mobile app access Amazon DynamoDB directly Instead of JSON files stored on Amazon S3.
Have the mobile app access Amazon DynamoDB directly Instead of JSON files stored on Amazon S3.
Write data directly into an Amazon Redshift cluster replacing both Amazon DynamoDB and Amazon S3.
Write data directly into an Amazon Redshift cluster replacing both Amazon DynamoDB and Amazon S3.
Introduce an Amazon SQS queue to buffer writes to the Amazon DynamoDB table and reduce provisioned write throughput.
Introduce an Amazon SQS queue to buffer writes to the Amazon DynamoDB table and reduce provisioned write throughput.
Introduce Amazon Elasticache to cache reads from the Amazon DynamoDB table and reduce provisioned read throughput.
Introduce Amazon Elasticache to cache reads from the Amazon DynamoDB table and reduce provisioned read throughput.
Create a new Amazon DynamoDB table each day and drop the one for the previous day after its data is on Amazon S3.
Create a new Amazon DynamoDB table each day and drop the one for the previous day after its data is on Amazon S3.
Suggested answer: C, D

Explanation:

Reference: https://d0.awsstatic.com/whitepapers/performance-at-scale-with-amazon-elasticache.pdf

asked 16/09/2024
Gudni Hauksson
42 questions

Question 523

Report
Export
Collapse

Which of the following does Amazon DynamoDB perform?

Atomic increment or decrement on scalar values
Atomic increment or decrement on scalar values
Neither increment nor decrement operations
Neither increment nor decrement operations
Only increment on vector values
Only increment on vector values
Only atomic decrement operations
Only atomic decrement operations
Suggested answer: A

Explanation:

Amazon DynamoDB allows atomic increment and decrement operations on scalar values.

Reference: http://aws.amazon.com/dynamodb/faqs/

asked 16/09/2024
Joe Pardee
46 questions

Question 524

Report
Export
Collapse

What happens when Dedicated instances are launched into a VPC?

If you launch an instance into a VPC that has an instance tenancy of dedicated, you must manually create a Dedicated instance.
If you launch an instance into a VPC that has an instance tenancy of dedicated, you must manually create a Dedicated instance.
If you launch an instance into a VPC that has an instance tenancy of dedicated, your instance is created as a Dedicated instance, only based on the tenancy of the instance.
If you launch an instance into a VPC that has an instance tenancy of dedicated, your instance is created as a Dedicated instance, only based on the tenancy of the instance.
If you launch an instance into a VPC that has an instance tenancy of dedicated, your instance is automatically a Dedicated instance, regardless of the tenancy of the instance.
If you launch an instance into a VPC that has an instance tenancy of dedicated, your instance is automatically a Dedicated instance, regardless of the tenancy of the instance.
None of these are true.
None of these are true.
Suggested answer: C

Explanation:

If you launch an instance into a VPC that has an instance tenancy of dedicated, your instance is automatically a Dedicated instance, regardless of the tenancy of the instance.

Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/dedicated-instance.html

asked 16/09/2024
Charles Marlin
36 questions

Question 525

Report
Export
Collapse

A company is deploying a third-party firewall appliance solution from AWS Marketplace to monitor and protect traffic that leaves the company’s AWS environments. The company wants to deploy this appliance into a shared services VPC and route all outbound internet-bound traffic through the appliances.

A solutions architect needs to recommend a deployment method that prioritizes reliability and minimizes failover time between firewall appliances within a single AWS Region. The company has set up routing from the shared services VPC to other VPCs.

Which steps should the solutions architect recommend to meet these requirements? (Choose three.)

Deploy two firewall appliances into the shared services VPC, each in a separate Availability Zone.
Deploy two firewall appliances into the shared services VPC, each in a separate Availability Zone.
Create a new Network Load Balancer in the shared services VPC. Create a new target group, and attach it to the new Network Load Balancer. Add each of the firewall appliance instances to the target group.
Create a new Network Load Balancer in the shared services VPC. Create a new target group, and attach it to the new Network Load Balancer. Add each of the firewall appliance instances to the target group.
Create a new Gateway Load Balancer in the shared services VPCreate a new target group, and attach it to the new Gateway Load Balancer. Add each of the firewall appliance instances to the target group.
Create a new Gateway Load Balancer in the shared services VPCreate a new target group, and attach it to the new Gateway Load Balancer. Add each of the firewall appliance instances to the target group.
Create a VPC interface endpoint. Add a route to the route table in the shared services VPC. Designate the new endpoint as the next hop for traffic that enters the shared services VPC from other VPCs.
Create a VPC interface endpoint. Add a route to the route table in the shared services VPC. Designate the new endpoint as the next hop for traffic that enters the shared services VPC from other VPCs.
Deploy two firewall appliances into the shared services VPC, each in the same Availability Zone.
Deploy two firewall appliances into the shared services VPC, each in the same Availability Zone.
Create a VPC Gateway Load Balancer endpoint. Add a route to the route table in the shared services VPC. Designate the new endpoint as the next hop for traffic that enters the shared services VPC from other VPCs.
Create a VPC Gateway Load Balancer endpoint. Add a route to the route table in the shared services VPC. Designate the new endpoint as the next hop for traffic that enters the shared services VPC from other VPCs.
Suggested answer: B, E, F
asked 16/09/2024
Zaw Zaw
32 questions

Question 526

Report
Export
Collapse

A large global financial services company has multiple business units. The company wants to allow Developers to try new services, but there are multiple compliance requirements for different workloads. The Security team is concerned about the access strategy for on-premises and AWS implementations. They would like to enforce governance for AWS services used by business teams for regulatory workloads, including Payment Card Industry (PCI) requirements. Which solution will address the Security team’s concerns and allow the Developers to try new services?

Implement a strong identity and access management model that includes users, groups, and roles in various AWS accounts. Ensure that centralized AWS CloudTrail logging is enabled to detect anomalies. Build automation with AWS Lambda to tear down unapproved AWS resources for governance.
Implement a strong identity and access management model that includes users, groups, and roles in various AWS accounts. Ensure that centralized AWS CloudTrail logging is enabled to detect anomalies. Build automation with AWS Lambda to tear down unapproved AWS resources for governance.
Build a multi-account strategy based on business units, environments, and specific regulatory requirements. Implement SAML-based federation across all AWS accounts with an on-premises identity store. Use AWS Organizations and build organizational units (OUs) structure based on regulations and service governance. Implement service control policies across OUs.
Build a multi-account strategy based on business units, environments, and specific regulatory requirements. Implement SAML-based federation across all AWS accounts with an on-premises identity store. Use AWS Organizations and build organizational units (OUs) structure based on regulations and service governance. Implement service control policies across OUs.
Implement a multi-account strategy based on business units, environments, and specific regulatory requirements. Ensure that only PCI-compliant services are approved for use in the accounts. Build IAM policies to give access to only PCIcompliant services for governance.
Implement a multi-account strategy based on business units, environments, and specific regulatory requirements. Ensure that only PCI-compliant services are approved for use in the accounts. Build IAM policies to give access to only PCIcompliant services for governance.
Build one AWS account for the company for strong security controls. Ensure that all the service limits are raised to meet company scalability requirements. Implement SAML federation with an onpremises identity store, and ensure that only approved services are used in the account.
Build one AWS account for the company for strong security controls. Ensure that all the service limits are raised to meet company scalability requirements. Implement SAML federation with an onpremises identity store, and ensure that only approved services are used in the account.
Suggested answer: B

Explanation:

Reference:

https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html

asked 16/09/2024
maddalena barbaro
33 questions

Question 527

Report
Export
Collapse

When I/O performance is more important than fault tolerance, which of the following configurations should be used?

SPAN 10
SPAN 10
RAID 1
RAID 1
RAID 0
RAID 0
NFS 1
NFS 1
Suggested answer: C

Explanation:

When I/O performance is more important than fault tolerance, the RAID 0 configuration must be used; for example, as in a heavily used database (where data replication is already set up separately).

Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/raid-config.html

asked 16/09/2024
Yesaldine Salazar
42 questions

Question 528

Report
Export
Collapse

A company asks a solution architect to optimize the cost of a solution. The solution handles requests from multiple customers. The solution includes a multi-tier architecture that uses Amazon API Gateway, AWS Lambda, AWS Fargate, Amazon Simple Queue Service (Amazon SQS), and Amazon EC2.

In the current setup, requests go through API Gateway to Lambda and either start a container in Fargate or push a message to an SQS queue. An EC2 Fleet provides EC2 instances that serve as workers for the SQS queue. The EC2 Fleet scales based on the number of items in the SQS queue.

Which combination of steps should the solutions architect recommend to reduce cost the MOST? (Choose three.)

Determine the minimum number of EC2 instances that are needed during a day. Reserve this number of instances in a 3- year plan with payment all upfront.
Determine the minimum number of EC2 instances that are needed during a day. Reserve this number of instances in a 3- year plan with payment all upfront.
Examine the last 6 months of compute utilization across the services. Use this information to determine the needed compute for the solution. Commit to a Savings Plan for this amount.
Examine the last 6 months of compute utilization across the services. Use this information to determine the needed compute for the solution. Commit to a Savings Plan for this amount.
Determine the average number of EC2 instances that are needed during a day. Reserve this number of instances in a 3- year plan with payment all upfront.
Determine the average number of EC2 instances that are needed during a day. Reserve this number of instances in a 3- year plan with payment all upfront.
Remove the SQS queue from the solution and from the solution infrastructure.
Remove the SQS queue from the solution and from the solution infrastructure.
Change the solution so that it runs as a container instead of on EC2 instances. Configure Lambda to start up the solution in Fargate by using environment variables to give the solution the message.
Change the solution so that it runs as a container instead of on EC2 instances. Configure Lambda to start up the solution in Fargate by using environment variables to give the solution the message.
Change the Lambda function so that it posts the message directly to the EC2 instances through an Application Load Balancer.
Change the Lambda function so that it posts the message directly to the EC2 instances through an Application Load Balancer.
Suggested answer: C, D, E

Explanation:

Reference: https://aws.amazon.com/ec2/pricing/reserved-instances/

asked 16/09/2024
Rahul Biradavolu
41 questions

Question 529

Report
Export
Collapse

You're trying to delete an SSL certificate from the IAM certificate store, and you're getting the message "Certificate: is being used by CloudFront." Which of the following statements is probably the reason why you are getting this error?

Before you can delete an SSL certificate you need to set up https on your server.
Before you can delete an SSL certificate you need to set up https on your server.
Before you can delete an SSL certificate, you need to set up the appropriate access level in IAM
Before you can delete an SSL certificate, you need to set up the appropriate access level in IAM
Before you can delete an SSL certificate, you need to either rotate SSL certificates or revert from using a custom SSL certificate to using the default CloudFront certificate.
Before you can delete an SSL certificate, you need to either rotate SSL certificates or revert from using a custom SSL certificate to using the default CloudFront certificate.
You can't delete SSL certificates. You need to request it from AWS.
You can't delete SSL certificates. You need to request it from AWS.
Suggested answer: C

Explanation:

CloudFront is a web service that speeds up distribution of your static and dynamic web content, for example, .html, .css,.php, and image files, to end users. Every CloudFront web distribution must be associated either with the default CloudFront certificate or with a custom SSL certificate. Before you can delete an SSL certificate, you need to either rotate SSL certificates (replace the current custom SSL certificate with another custom SSL certificate) or revert from using a custom SSL certificate to using the default CloudFront certificate.

Reference: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Troubleshooting.html

asked 16/09/2024
Ricardo Tellez
25 questions

Question 530

Report
Export
Collapse

Which of the following is the final step that should be completed to start using AWS Direct Connect?

Creating your Virtual Interface
Creating your Virtual Interface
Configuring your router
Configuring your router
Completing the Cross Connect
Completing the Cross Connect
Verifying your Virtual Interface
Verifying your Virtual Interface
Suggested answer: D

Explanation:

You can get started using AWS Direct Connect by completing the following steps. Step 1: Sign Up for Amazon Web Services Step 2: Submit AWS Direct Connect Connection Request Step 3: Complete the Cross Connect (optional) Step 4:

Configure Redundant Connections with AWS Direct Connect Step 5: Create a Virtual Interface Step 6: Download Router Configuration Step 7: Verify Your Virtual Interface

Reference: http://docs.aws.amazon.com/directconnect/latest/UserGuide/getstarted.html#connected

asked 16/09/2024
Vagner Nicodemo
33 questions
Total 906 questions
Go to page: of 91
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A company is running an application on several Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer. The load on the application varies throughout the day, and EC2 instances are scaled in and out on a regular basis. Log files from the EC2 instances are copied to a central Amazon S3 bucket every 15 minutes. The security team discovers that log files are missing from some of the terminated EC2 instances. Which set of actions will ensure that log files are copied to the central S3 bucket from the terminated EC2 instances?
A company is developing a gene reporting device that will collect genomic information to assist researchers will collecting large samples of data from a diverse population. The device will push 8 KB of genomic data every second to a data platform that will need to process and analyze the data and provide information back to researchers. The data platform must meet the following requirements: Provide near-real-time analytics of the inbound genomic data Ensure the data is flexible, parallel, and durable Deliver results of processing to a data warehouse Which strategy should a solutions architect use to meet these requirements?
A medical company is running an application in the AWS Cloud. The application simulates the effect of medical drugs in development. The application consists of two parts: configuration and simulation. The configuration part runs in AWS Fargate containers in an Amazon Elastic Container Service (Amazon ECS) cluster. The simulation part runs on large, compute optimized Amazon EC2 instances. Simulations can restart if they are interrupted. The configuration part runs 24 hours a day with a steady load. The simulation part runs only for a few hours each night with a variable load. The company stores simulation results in Amazon S3, and researchers use the results for 30 days. The company must store simulations for 10 years and must be able to retrieve the simulations within 5 hours. Which solution meets these requirements MOST cost-effectively?
A Solutions Architect must build a highly available infrastructure for a popular global video game that runs on a mobile phone platform. The application runs on Amazon EC2 instances behind an Application Load Balancer. The instances run in an Auto Scaling group across multiple Availability Zones. The database tier is an Amazon RDS MySQL Multi-AZ instance. The entire application stack is deployed in both us-east-1 and eu-central-1. Amazon Route 53 is used to route traffic to the two installations using a latency-based routing policy. A weighted routing policy is configured in Route 53 as a fail over to another region in case the installation in a region becomes unresponsive. During the testing of disaster recovery scenarios, after blocking access to the Amazon RDS MySQL instance in eu-central-1 from all the application instances running in that region. Route 53 does not automatically failover all traffic to us- east-1. Based on this situation, which changes would allow the infrastructure to failover to us-east-1? (Choose two.)
Your firm has uploaded a large amount of aerial image data to S3. In the past, in your on-premises environment, you used a dedicated group of servers to oaten process this data and used Rabbit MQ - An open source messaging system to get job information to the servers. Once processed the data would go to tape and be shipped offsite. Your manager told you to stay with the current design, and leverage AWS archival storage and messaging services to minimize cost. Which is correct?
A company’s processing team has an AWS account with a production application. The application runs on Amazon EC2 instances behind a Network Load Balancer (NLB). The EC2 instances are hosted in private subnets in a VPC in the eu- west- 1 Region. The VPC was assigned the CIDR block of 10.0.0.0/16. The billing team recently created a new AWS account and deployed an application on EC2 instances that are hosted in private subnets in a VPC in the eu-central-1 Region. The new VPC is assigned the CIDR block of 10.0.0.0/16. The processing application needs to securely communicate with the billing application over a proprietary TCP port. What should a solutions architect do to meet this requirement with the LEAST amount of operational effort?
A company is using multiple AWS accounts. The DNS records are stored in a private hosted zone for Amazon Route 53 in Account A. The company’s applications and databases are running in Account B. A solutions architect will deploy a two-tier application in a new VPC. To simplify the configuration, the db.example.com CNAME record set for the Amazon RDS endpoint was created in a private hosted zone for Amazon Route 53. During deployment the application failed to start. Troubleshooting revealed that db.example.com is not resolvable on the Amazon EC2 instance. The solutions architect confirmed that the record set was created correctly in Route 53. Which combination of steps should the solutions architect take to resolve this issue? (Choose two.)
A company runs an application on AWS. An AWS Lambda function uses credentials to authenticate to an Amazon RDS for MySQL DB instance. A security risk assessment identified that these credentials are not frequently rotated. Also, encryption at rest is not enabled for the DB instance. The security team requires that both of these issues be resolved. Which strategy should a solutions architect recommend to remediate these security risks?
A company runs a dynamic mission-critical web application that has an SLA of 99.99%. Global application users access the application 24/7. The application is currently hosted on premises and routinely fails to meet its SLA, especially when millions of users access the application concurrently. Remote users complain of latency. How should this application be redesigned to be scalable and allow for automatic failover at the lowest cost?
A 3-Ber e-commerce web application is currently deployed on-premises, and will be migrated to AWS for greater scalability and elasticity. The web tier currently shares read-only data using a network distributed file system. The app server tier uses a clustering mechanism for discovery and shared session state that depends on IP multicast. The database tier uses sharedstorage clustering to provide database failover capability, and uses several read slaves for scaling. Data on all servers and the distributed file system directory is backed up weekly to off-site tapes. Which AWS storage and database architecture meets the requirements of the application?