Amazon SAP-C01 Practice Test - Questions Answers, Page 53
List of questions
Question 521
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company used Amazon EC2 instances to deploy a web fleet to host a blog site. The EC2 instances are behind an Application Load Balancer (ALB) and are configured in an Auto Scaling group. The web application stores all blog content on an Amazon EFS volume.
The company recently added a feature for bloggers to add video to their posts, attracting 10 times the previous user traffic. At peak times of day, users report buffering and timeout issues while attempting to reach the site or watch videos. Which is the MOST cost-efficient and scalable deployment that will resolve the issues for users?
Explanation:
Reference:
https://aws.amazon.com/premiumsupport/knowledge-center/cloudfront-https-connection-fails/
Question 522
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
You are the new IT architect in a company that operates a mobile sleep tracking application.
When activated at night, the mobile app is sending collected data points of 1 kilobyte every 5 minutes to your backend. The backend takes care of authenticating the user and writing the data points into an Amazon DynamoDB table. Every morning, you scan the table to extract and aggregate last night's data on a per user basis, and store the results in Amazon S3. Users are notified via Amazon SNS mobile push notifications that new data is available, which is parsed and visualized by the mobile app.
Currently you have around 100k users who are mostly based out of North America.
You have been tasked to optimize the architecture of the backend system to lower cost.
What would you recommend? (Choose two.)
Explanation:
Reference: https://d0.awsstatic.com/whitepapers/performance-at-scale-with-amazon-elasticache.pdf
Question 523
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
Which of the following does Amazon DynamoDB perform?
Explanation:
Amazon DynamoDB allows atomic increment and decrement operations on scalar values.
Reference: http://aws.amazon.com/dynamodb/faqs/
Question 524
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
What happens when Dedicated instances are launched into a VPC?
Explanation:
If you launch an instance into a VPC that has an instance tenancy of dedicated, your instance is automatically a Dedicated instance, regardless of the tenancy of the instance.
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/dedicated-instance.html
Question 525
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company is deploying a third-party firewall appliance solution from AWS Marketplace to monitor and protect traffic that leaves the company’s AWS environments. The company wants to deploy this appliance into a shared services VPC and route all outbound internet-bound traffic through the appliances.
A solutions architect needs to recommend a deployment method that prioritizes reliability and minimizes failover time between firewall appliances within a single AWS Region. The company has set up routing from the shared services VPC to other VPCs.
Which steps should the solutions architect recommend to meet these requirements? (Choose three.)
Question 526
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A large global financial services company has multiple business units. The company wants to allow Developers to try new services, but there are multiple compliance requirements for different workloads. The Security team is concerned about the access strategy for on-premises and AWS implementations. They would like to enforce governance for AWS services used by business teams for regulatory workloads, including Payment Card Industry (PCI) requirements. Which solution will address the Security team’s concerns and allow the Developers to try new services?
Explanation:
Reference:
https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html
Question 527
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
When I/O performance is more important than fault tolerance, which of the following configurations should be used?
Explanation:
When I/O performance is more important than fault tolerance, the RAID 0 configuration must be used; for example, as in a heavily used database (where data replication is already set up separately).
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/raid-config.html
Question 528
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
A company asks a solution architect to optimize the cost of a solution. The solution handles requests from multiple customers. The solution includes a multi-tier architecture that uses Amazon API Gateway, AWS Lambda, AWS Fargate, Amazon Simple Queue Service (Amazon SQS), and Amazon EC2.
In the current setup, requests go through API Gateway to Lambda and either start a container in Fargate or push a message to an SQS queue. An EC2 Fleet provides EC2 instances that serve as workers for the SQS queue. The EC2 Fleet scales based on the number of items in the SQS queue.
Which combination of steps should the solutions architect recommend to reduce cost the MOST? (Choose three.)
Explanation:
Reference: https://aws.amazon.com/ec2/pricing/reserved-instances/
Question 529
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
You're trying to delete an SSL certificate from the IAM certificate store, and you're getting the message "Certificate: is being used by CloudFront." Which of the following statements is probably the reason why you are getting this error?
Explanation:
CloudFront is a web service that speeds up distribution of your static and dynamic web content, for example, .html, .css,.php, and image files, to end users. Every CloudFront web distribution must be associated either with the default CloudFront certificate or with a custom SSL certificate. Before you can delete an SSL certificate, you need to either rotate SSL certificates (replace the current custom SSL certificate with another custom SSL certificate) or revert from using a custom SSL certificate to using the default CloudFront certificate.
Reference: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Troubleshooting.html
Question 530
![Export Export](https://examgecko.com/assets/images/icon-download-24.png)
Which of the following is the final step that should be completed to start using AWS Direct Connect?
Explanation:
You can get started using AWS Direct Connect by completing the following steps. Step 1: Sign Up for Amazon Web Services Step 2: Submit AWS Direct Connect Connection Request Step 3: Complete the Cross Connect (optional) Step 4:
Configure Redundant Connections with AWS Direct Connect Step 5: Create a Virtual Interface Step 6: Download Router Configuration Step 7: Verify Your Virtual Interface
Reference: http://docs.aws.amazon.com/directconnect/latest/UserGuide/getstarted.html#connected
Question