fAWS Certified Solutions Architect Practice Tests SAA-C01 Exam  «««  click here 1000+ Questions

2019-AWS-SAA-C01练习题 1-50

Q1. An Internet-facing multi-tier web application must be highly available. An ELB Classic Load Balancer is deployed in front of the web tier. Amazon EC2 instances at the web application tier are deployed evenly across two Availability Zones. The database is deployed using RDS Multi- AZ. A NAT instance is launched for Amazon EC2 instances and database resources to access the Internet. These instances are not assigned with public IP addresses. Which component poses a potential single point of failure in this architecture?




  1. Amazon EC2
  2. NAT instance
  3. ELB Classic Load Balancer
  4. Amazon RDS

 

Answer: C

Q2. A call center application consists of a three-tier application using Auto Scaling groups to automatically scale resources as needed. Users report that every morning at 9:00 AM the system becomes very slow for about 15 minutes. A Solution Architect determines that a large percentage of the call center staff starts work at 9:00 AM, so Auto Scaling does not have enough time to scale out to meet demand.

 

How can the Architect fix the problem?

 

  1. Change the Auto Scaling group’s scale out event to scale based on network utilization.
  2. Create an Auto Scaling scheduled action to scale out the necessary resources at 8:30 AM every morning.
  3. Use Reserved Instances to ensure the system has reserved the right amount of capacity for the scale-up events.
  4. Permanently keep a steady state of instances that is needed at 9:00 AM to guarantee available resources, but leverage Spot Instances.

 

Answer: A

 

Q3. An e-commerce application is hosted in AWS. The last time a new product was launched, the application experienced a performance issue due to an enormous spike in traffic. Management decided that capacity must be doubled the week after the product is launched.

 

Which is the MOST efficient way for management to ensure that capacity requirements are met?

 

  1. Add a Step Scaling policy.
  2. Add a Dynamic Scaling policy.
  3. Add a Scheduled Scaling action.
  4. Add Amazon EC2 Spot Instances.

 

Answer: B

 

Q4. A customer owns a simple API for their website that receives about 1,000 requests each day and has an average response time of 50 ms. It is currently hosted on one c4.large instance. Which changes to the architecture will provide high availability at the LOWEST cost?

 

  1. Create an Auto Scaling group with a minimum of one instance and a maximum of two instances, then use an Application Load Balancer to balance the traffic.
  2. Recreate the API using Amazon API Gateway and use AWS Lambda as the service backend.
  3. Create an Auto Scaling group with a maximum of two instances, then use an Application Load Balancer to balance the traffic.
  4. Recreate the API using Amazon API Gateway and integrate the new API with the existing backend service.

 

Answer: A

Q5. A Solution Architect is designing an application that uses Amazon EBS volumes. The volumes must be backed up to a different region.

How should the Architect meet this requirement?

 

  1. Create EBS snapshots directly from one region to another.
  2. Move the data to an Amazon S3 bucket and enable cross-region replication.
  3. Create EBS snapshots and then copy them to the desired region.
  4. Use a script to copy data from the current Amazon EBS volume to the destination Amazon EBS volume.

 

Answer: C

 

Q6. A company is using an Amazon S3 bucket located in us-west-2 to serve videos to their customers. Their customers are located all around the world and the videos are requested a lot during peak hours. Customers in Europe complain about experiencing slow downloaded speeds, and during peak hours, customers in all locations report experiencing HTTP 500 errors. What can a Solutions Architect do to address these issues?

 

  1. Place an elastic load balancer in front of the Amazon S3 bucket to distribute the load during peak hours.
  2. Cache the web content with Amazon CloudFront and use all Edge locations for content delivery.
  3. Replicate the bucket in eu-west-1 and use an Amazon Route 53 failover routing policy to determine which bucket it should serve the request to.
  4. Use an Amazon Route 53 weighted routing policy for the CloudFront domain name to distribute the GET request between CloudFront and the Amazon S3 bucket directly.

 

Answer: D




Q7. A Solutions Architect is designing a solution that includes a managed VPN connection. To monitor whether the VPN connection is up or down, the Architect should use:

 

  1. an external service to ping the VPN endpoint from outside the VPC.
  2. AWS CloudTrail to monitor the endpoint.
  3. the CloudWatch TunnelState Metric.
  4. an AWS Lambda function that parses the VPN connection logs.

 

Answer: C

 

Explanation:

https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/monitoring-cloudwatch-vpn.html

Q8. A social networking portal experiences latency and throughput issues due to an increased number of users. Application servers use very large datasets from an Amazon RDS database, which creates a performance bottleneck on the database.

 

Which AWS service should be used to improve performance?

 

  1. Auto Scaling
  2. Amazon SQS
  3. Amazon ElastiCache
  4. ELB Application Load Balancer

 

Answer: C

 

Q9. A Solutions Architect is designing network architecture for an application that has compliance requirements. The application will be hosted on Amazon EC2 instances in a private subnet and will be using Amazon S3 for storing data. The compliance requirements mandate that the data cannot traverse the public Internet.

 

What is the MOST secure way to satisfy this requirement?

 

  1. Use a NAT Instance.
  2. Use a NAT Gateway.
  3. Use a VPC endpoint.
  4. Use a Virtual Private Gateway.

 

Answer: C

 

Explanation:

https://aws.amazon.com/blogs/aws/new-vpc-endpoint-for-amazon-s3/

Q10. A Solutions Architect is designing a photo application on AWS. Every time a user uploads a photo to Amazon S3, the Architect must insert a new item to a DynamoDB table.

 

Which AWS-managed service is the BEST fit to insert the item?

 

  1. Lambda@Edge
  2. AWS Lambda
  3. Amazon API Gateway
  4. Amazon EC2 instances

 

Answer: B

 

Explanation:

https://aws.amazon.com/blogs/machine-learning/build-your-own-face-recognition-service-using- amazon-rekognition/

Q11. An application relies on messages being sent and received in order. The volume will never exceed more than 300 transactions each second.

Which service should be used?

 

  1. Amazon SQS
  2. Amazon SNS
  3. Amazon ECS
  4. AWS STS

 

Answer: A

 

Q12. A Solutions Architect is designing an application on AWS that uses persistent block storage. Data must be encrypted at rest.

 

Which solution meets the requirement?

 

  1. Enable SSL on Amazon EC2 instances.
  2. Encrypt Amazon EBS volumes on Amazon EC2 instances.
  3. Enable server-side encryption on Amazon S3.
  4. Encrypt Amazon EC2 Instance Storage.




Answer: B

 

Explanation:

https://aws.amazon.com/blogs/aws/protect-your-data-with-new-ebs-encryption/

Q13. A company is launching a static website using the zone apex (mycompany.com). The company wants to use Amazon Route 53 for DNS.

Which steps should the company perform to implement a scalable and cost-effective solution? (Choose two.)

 

  1. Host the website on an Amazon EC2 instance with ELB and Auto Scaling, and map a Route 53 alias record to the ELB endpoint.
  2. Host the website using AWS Elastic Beanstalk, and map a Route 53 alias record to the Beanstalk stack.
  3. Host the website on an Amazon EC2 instance, and map a Route 53 alias record to the public IP address of the Amazon EC2 instance.
  4. Serve the website from an Amazon S3 bucket, and map a Route 53 alias record to the website endpoint.
  5. Create a Route 53 hosted zone, and set the NS records of the domain to use Route 53 name servers.

 

Answer: DE

 

Q14. A manufacturing company captures data from machines running at customer sites. Currently, thousands of machines send data every 5 minutes, and this is expected to grow to hundreds of thousands of machines in the near future. The data is logged with the intent to be analyzed in the future as needed. What is the SIMPLEST method to store this streaming data at scale?

 




A.Create an Amazon Kinesis Firehouse delivery stream to store the data in Amazon S3.

B. Create an Auto Scaling group of Amazon EC2 servers behind ELBs to write the data into Amazon RDS.

C. Create an Amazon SQS queue, and have the machines write to the queue.

D. Create an Amazon EC2 server farm behind an ELB to store the data in Amazon EBS Cold HDD volumes.

 

Answer: B

Answer: A

Explanation: !!!!!What is the simplest method to store this streaming data at scale?

Amazon Kinesis Data Firehose is the easiest way to reliably load streaming data into data lakes, data stores and analytics tools. It can capture, transform, and load streaming data into Amazon S3, Amazon Redshift, Amazon Elasticsearch Service, and Splunk, enabling near real-time analytics with existing business intelligence tools and dashboards you’re already using today. It is a fully managed service that automatically scales to match the throughput of your data and requires no ongoing administration. It can also batch, compress, transform, and encrypt the data before loading it, minimizing the amount of storage used at the destination and increasing security.

https://aws.amazon.com/kinesis/data-firehose/?nc1=h_ls

 

Q15. A bank is writing new software that is heavily dependent upon the database transactions for write consistency. The application will also occasionally generate reports on data in the database, and will do joins across multiple tables. The database must automatically scale as the amount of data grows.

Which AWS service should be used to run the database?

 

  1. Amazon S3
  2. Amazon Aurora
  3. Amazon DynamoDB
  4. Amazon Redshift

 

Answer: B





Q16. A Solutions Architect is designing a new application that needs to access data in a different AWS account located within the same region. The data must not be accessed over the Internet. Which solution will meet these requirements with the LOWEST cost?

 

  1. Add rules to the security groups in each account.
  2. Establish a VPC Peering connection between accounts.
  3. Configure Direct Connect in each account.
  4. Add a NAT Gateway to the data account.

 

Answer: B

 

Q17. A Solutions Architect is designing a mobile application that will capture receipt images to track expenses. The Architect wants to store the images on Amazon S3. However, uploading images through the web server will create too much traffic. What is the MOST efficient method to store images from a mobile application on Amazon S3?

 

  1. Upload directly to S3 using a pre-signed URL.
  2. Upload to a second bucket, and have a Lambda event copy the image to the primary bucket.
  3. Upload to a separate Auto Scaling group of servers behind an ELB Classic Load Balancer, and have them write to the Amazon S3 bucket.
  4. Expand the web server fleet with Spot Instances to provide the resources to handle the images.

 

Answer: C

 

Q18. A company requires that the source, destination, and protocol of all IP packets be recorded when traversing a private subnet.

What is the MOST secure and reliable method of accomplishing this goal.

 

  1. Create VPC flow logs on the subnet.
  2. Enable source destination check on private Amazon EC2 instances.
  3. Enable AWS CloudTrail logging and specify an Amazon S3 bucket for storing log files.
  4. Create an Amazon CloudWatch log to capture packet information.

 

Answer: A

 

Q19. A Solutions Architect has a multi-layer application running in Amazon VPC. The application has an ELB Classic Load Balancer as the front end in a public subnet, and an Amazon EC2-based reverse proxy that performs content-based routing to two backend Amazon EC2 instances hosted in a private subnet. The Architect sees tremendous traffic growth and is concerned that the reverse proxy and current backend set up will be insufficient. Which actions should the Architect take to achieve a cost-effective solution that ensures the application automatically scales to meet traffic demand? (Select two.)

 

  1. Replace the Amazon EC2 reverse proxy with an ELB internal Classic Load Balancer.
  2. Add Auto Scaling to the Amazon EC2 backend fleet.
  3. Add Auto Scaling to the Amazon EC2 reverse proxy layer.
  4. Use t2 burstable instance types for the backend fleet.
  5. Replace both the frontend and reverse proxy layers with an ELB Application Load Balancer.

 

Answer: AB

 

Q20. A company is launching a marketing campaign on their website tomorrow and expects a significant increase in traffic. The website is designed as a multi-tiered web architecture, and the increase in traffic could potentially overwhelm the current design. What should a Solutions Architect do to minimize the effects from a potential failure in one or more of the tiers?

 

  1. Migrate the database to Amazon RDS.
  2. Set up DNS failover to a statistic website.
  3. Use Auto Scaling to keep up with the demand.
  4. Use both a SQL and a NoSQL database in the design.

 

Answer: C

 

Q21. A web application experiences high compute costs due to serving a high amount of static web content. How should the web server architecture be designed to be the MOST cost-efficient?

 

  1. Create an Auto Scaling group to scale out based on average CPU usage.
  2. Create an Amazon CloudFront distribution to pull static content from an Amazon S3 bucket.
  3. Leverage Reserved Instances to add additional capacity at a significantly lower price.
  4. Create a multi-region deployment using an Amazon Route 53 geolocation routing policy.

 

Answer: B

 

Q22. A Solutions Architect plans to migrate NAT instances to NAT gateway. The Architect has NAT instances with scripts to manage high availability.

What is the MOST efficient method to achieve similar high availability with NAT gateway?

 

  1. Remove source/destination check on NAT instances.
  2. Launch a NAT gateway in each Availability Zone.
  3. Use a mix of NAT instances and NAT gateway.
  4. Add an ELB Application Load Balancer in front of NAT gateway.

 

Answer: B

 

Q23. A Solutions Architect is designing a solution to store a large quantity of event data in Amazon S3. The Architect anticipates that the workload will consistently exceed 100 requests each second. What should the Architect do in Amazon S3 to optimize performance?

 

  1. Randomize a key name prefix.
  2. Store the event data in separate buckets.
  3. Randomize the key name suffix.
  4. Use Amazon S3 Transfer Acceleration.

 

Answer: A

 

Explanation:

https://docs.aws.amazon.com/AmazonS3/latest/dev/request-rate-perf-considerations.html

Q24. A news organization plans to migrate their 20 TB video archive to AWS. The files are rarely accessed, but when they are, a request is made in advance and a 3 to 5-hour retrieval time frame is acceptable. However, when there is a breaking news story, the editors require access to archived footage within minutes.

Which storage solution meets the needs of this organization while providing the LOWEST cost of storage?

 

  1. Store the archive in Amazon S3 Reduced Redundancy Storage.
  2. Store the archive in Amazon Glacier and use standard retrieval for all content.
  3. Store the archive in Amazon Glacier and pay the additional charge for expedited retrieval when needed.
  4. Store the archive in Amazon S3 with a lifecycle policy to move this to S3 Infrequent Access after 30 days.

 

Answer: C

 

Q25. A Solutions Architect is building a multi-tier website. The web servers will be in a public subnet, and the database servers will be in a private subnet. Only the web servers can be accessed from the Internet. The database servers must have Internet access for software updates.

Which solution meets the requirements?

 

  1. Assign Elastic IP addresses to the database instances.
  2. Allow Internet traffic on the private subnet through the network ACL.
  3. Use a NAT Gateway.
  4. Use an egress-only Internet Gateway.

 

Answer: C

 

Q26. A Solutions Architect is designing a Lambda function that calls an API to list all running Amazon RDS instances.

How should the request be authorized?

 

  1. Create an IAM access and secret key, and store it in the Lambda function.
  2. Create an IAM role to the Lambda function with permissions to list all Amazon RDS instances.
  3. Create an IAM role to Amazon RDS with permissions to list all Amazon RDS instances.
  4. Create an IAM access and secret key, and store it in an encrypted RDS database.

 

Answer: B

 

Explanation:

https://docs.aws.amazon.com/zh_cn/lambda/latest/dg/lambda-permissions.html

Q27. A Solutions Architect is building an application on AWS that will require 20,000 IOPS on a particular volume to support a media event. Once the event ends, the IOPS need is no longer required. The marketing team asks the Architect to build the platform to optimize storage without incurring downtime.

 

How should the Architect design the platform to meet these requirements?

 

  1. Change the Amazon EC2 instant types.
  2. Change the EBS volume type to Provisioned IOPS.
  3. Stop the Amazon EC2 instance and provision IOPS for the EBS volume.
  4. Enable an API Gateway to change the endpoints for the Amazon EC2 instances.

 

Answer: B

 

Q28. A Solutions Architect is building a new feature using a Lambda to create metadata when a user uploads a picture to Amazon S3. All metadata must be indexed.

 

Which AWS service should the Architect use to store this metadata?

 

  1. Amazon S3
  2. Amazon DynamoDB
  3. Amazon Kinesis
  4. Amazon EFC

 

Answer: B

 

Q29. An interactive, dynamic website runs on Amazon EC2 instances in a single subnet behind an ELB Classic Load Balancer.

Which design changes will make the site more highly available?

 

  1. Move some Amazon EC2 instances to a subnet in a different way.
  2. Move the website to Amazon S3.
  3. Change the ELB to an Application Load Balancer.
  4. Move some Amazon EC2 instances to a subnet in the same Availability Zone.

 

Answer: A




Q30. A Solutions Architect is designing a web application that is running on an Amazon EC2 instance. The application stores data in DynamoDB. The Architect needs to secure access to the DynamoDB table. What combination of steps does AWS recommend to achieve secure authorization? (Select two.)

 

  1. Store an access key on the Amazon EC2 instance with rights to the Dynamo DB table.
  2. Attach an IAM user to the Amazon EC2 instance.
  3. Create an IAM role with permissions to write to the DynamoDB table.
  4. Attach an IAM role to the Amazon EC2 instance.
  5. Attach an IAM policy to the Amazon EC2 instance.

 

Answer: AC

 

Q31. A Solutions Architect is about to deploy an API on multiple EC2 instances in an Auto Scaling group behind an ELB. The support team has the following operational requirements:

 

  1. They get an alert when the requests per second go over 50,000
  2. They get an alert when latency goes over 5 seconds
  3. They can validate how many times a day users call the API requesting highly-sensitive data

 

Which combination of steps does the Architect need to take to satisfy these operational requirements? (Select two.)

 

  1. Ensure that CloudTrail is enabled.
  2. Create a custom CloudWatch metric to monitor the API for data access.
  3. Configure CloudWatch alarms for any metrics the support team requires.
  4. Ensure that detailed monitoring for the EC2 instances is enabled.
  5. Create an application to export and save CloudWatch metrics for longer term trending analysis.

 

Answer: BD

 

Q32. A media company asked a Solutions Architect to design a highly available storage solution to serve as a centralized document store for their Amazon EC2 instances. The storage solution needs to be POSIX-compliant, scale dynamically, and be able to serve up to 100 concurrent EC2 instances.

 

Which solution meets these requirements?

 

  1. Create an Amazon S3 bucket and store all of the documents in this bucket.
  2. Create an Amazon EBS volume and allow multiple users to mount that volume to their EC2 instance (s).
  3. Use Amazon Glacier to store all of the documents.
  4. Create an Amazon Elastic File System (Amazon EFS) to store and share the documents.

 

Answer: D

 

Explanation:

https://aws.amazon.com/efs/enterprise-applications/

Q33. A Solution Architect has a two-tier application with a single Amazon EC2 instance web server and Amazon RDS MySQL Multi-AZ DB instances. The Architect is re-architecting the application for high availability by adding instances in a second Availability Zone.

 

Which additional services will improve the availability of the application? (Choose two.)

 

  1. Auto Scaling group
  2. AWS CloudTrail
  3. ELB Classic Load Balancer
  4. Amazon DynamoDB
  5. Amazon ElastiCache

 

Answer: AE

 

Q34. A company is migrating its data center to AWS. As part of this migration, there is a three-tier web application that has strict data-at-rest encryption requirements. The customer deploys this application on Amazon EC2 using Amazon EBS, and now must provide encryption at-rest.

 

How can this requirement be met without changing the application?

 

  1. Use AWS Key Management Service and move the encrypted data to Amazon S3.
  2. Use an application-specific encryption API with AWS server-side encryption.
  3. Use encrypted EBS storage volumes with AWS-managed keys.
  4. Use third-party tools to encrypt the EBS data volumes with Key Management Service Bring Your Own Keys.

 

Answer: C
Q35. A Solutions Architect is developing software on AWS that requires access to multiple AWS services, including an Amazon EC2 instance. This is a security sensitive application, and AWS credentials such as Access Key ID and Secret Access Key need to be protected and cannot be exposed anywhere in the system.

 

What security measure would satisfy these requirements?

 

  1. Store the AWS Access Key ID/Secret Access Key combination in software comments.
  2. Assign an IAM user to the Amazon EC2 instance.
  3. Assign an IAM role to the Amazon EC2 instance.
  4. Enable multi-factor authentication for the AWS root account.

 

Answer: B

 

Explanation:

https://aws.amazon.com/premiumsupport/knowledge-center/potential-account-compromise/

Q36. An AWS workload in a VPC is running a legacy database on an Amazon EC2 instance. Data is stored on a 200GB Amazon EBS (gp2) volume. At peak load times, logs show excessive wait time.

 

What solution should be implemented to improve database performance using persistent storage?

 

  1. Migrate the data on the Amazon EBS volume to an SSD-backed volume.
  2. Change the EC2 instance type to one with EC2 instance store volumes.
  3. Migrate the data on the EBS volume to provisioned IOPS SSD (io1).
  4. Change the EC2 instance type to one with burstable performance.

 

Answer: D

 

Explanation:

https://docs.aws.amazon.com/aws-technical-content/latest/oracle-database-aws-best-practices/ architecting-for-security-and-performance.html

Q37. A company’s website receives 50,000 requests each second, and the company wants to use multiple applications to analyze the navigation patterns of the users on their website so that the experience can be personalized.

 

What can a Solutions Architect use to collect page clicks for the website and process them sequentially for each user?

 

  1. Amazon Kinesis Stream
  2. Amazon SQS standard queue
  3. Amazon SQS FIFO queue
  4. AWS CloudTrail trail

 

Answer: A

 

Explanation:

https://aws.amazon.com/blogs/aws/amazon-kinesis-real-time-processing-of-streamed-data/

Q38. A company wants to migrate a highly transactional database to AWS. Requirements state that the database has more than 6 TB of data and will grow exponentially.

 

Which solution should a Solutions Architect recommend?

 

  1. Amazon Aurora
  2. Amazon Redshift
  3. Amazon DynamoDB
  4. Amazon RDS MySQL

 

Answer: A

 

Explanation:

https://aws.amazon.com/dms/



Q39. A company hosts a two-tier application that consists of a publicly accessible web server that communicates with a private database. Only HTTPS port 443 traffic to the web server must be allowed from the Internet.

 

Which of the following options will achieve these requirements? (Choose two.)

 

1,Security group rule that allows inbound Internet traffic for port 443.

2,Security group rule that denies all inbound Internet traffic except port 443.

3,Network ACL rule that allows port 443 inbound and all ports outbound for Internet traffic.

4,Security group rule that allows Internet traffic for port 443 in both inbound and outbound.

5,Network ACL rule that allows port 443 for both inbound and outbound for all Internet traffic.

 

Answer: AE

 

Q40. A Solutions Architect is designing an Amazon VPC. Applications in the VPC must have private connectivity to Amazon DynamoDB in the same AWS Region.

 

The design should route DynamoDB traffic through:

 

  1. VPC peering connection.
  2. NAT gateway
  3. VPC endpoint
  4. AWS Direct Connect

 

Answer: C

 

Explanation:

https://aws.amazon.com/blogs/database/how-to-configure-a-private-network-environment-for- amazon-dynamodb-using-vpc-endpoints/

Q41. A Solutions Architect is architecting a workload that requires a performant object-based storage system that must be shared with multiple Amazon EC2 instances.

 

Which AWS service meets this requirement?

 

  1. Amazon EFS
  2. Amazon S3
  3. Amazon EBS
  4. Amazon ElastiCache

 

Answer: A

 

Explanation:

https://aws.amazon.com/efs/

Q42. A Solutions Architect is developing a solution for sharing files in an organization. The solution must allow multiple users to access the storage service at once from different virtual machines and scale automatically. It must also support file-level locking.

 

Which storage service meets the requirements of this use case?

 

  1. Amazon S3
  2. Amazon EFS
  3. Amazon EBS
  4. Cached Volumes

 

Answer: B





Q43. A company runs a legacy application with a single-tier architecture on an Amazon EC2 instance. Disk I/O is low, with occasional small spikes during business hours. The company requires the instance to be stopped from 8 PM to 8 AM daily.

 

Which storage option is MOST appropriate for this workload?

 

  1. Amazon EC2 instance storage
  2. Amazon EBS General Purpose SSD (gp2) storage
  3. Amazon S3
  4. Amazon EBS Provision IOPS SSD (io1) storage

 

Answer: C

 

Q44. As part of securing an API layer built on Amazon API gateway, a Solutions Architect has to authorize users who are currently authenticated by an existing identity provider. The users must be denied access for a period of one hour after three unsuccessful attempts.

 

How can the Solutions Architect meet these requirements?

 

  1. Use AWS IAM authorization and add least-privileged permissions to each respective IAM role.
  2. Use an API Gateway custom authorizer to invoke an AWS Lambda function to validate each user’s identity.
  3. Use Amazon Cognito user pools to provide built-in user management.
  4. Use Amazon Cognito user pools to integrate with external identity providers.

 

Answer: D

 

Explanation:

https://aws.amazon.com/th/cognito/faqs/?nc1=h_ls

Q45. An organization runs an online media site, hosted on-premises. An employee posted a product review that contained videos and pictures. The review went viral and the organization needs to handle the resulting spike in website traffic.

 

What action would provide an immediate solution?

 

  1. Redesign the website to use Amazon API Gateway, and use AWS Lambda to deliver content.
  2. Add server instances using Amazon EC2 and use Amazon Route 53 with a failover routing policy.
  3. Serve the images and videos via an Amazon CloudFront distribution created using the news site as the origin.
  4. Use Amazon ElasticCache for Redis for caching and reducing the load requests from the origin.

 

Answer: C

 

Q46. A client notices that their engineers often make mistakes when creating Amazon SQS queues for their backend system.

 

Which action should a Solutions Architect recommend to improve this process?

 

  1. Use the AWS CLI to create queues using AWS IAM Access Keys.
  2. Write a script to create the Amazon SQS queue using AWS Lambda.
  3. Use AWS Elastic Beanstalk to automatically create the Amazon SQS queues.
  4. Use AWS CloudFormation Templates to manage the Amazon SQS queue creation.

 

Answer: D

 

Explanation:

https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-create- queue.html#create-queue-cloudformation

Q47. A development team is building an application with front-end and backend application tiers. Each tier consists of Amazon EC2 instances behind an ELB Classic Load Balancer. The instances run in Auto Scaling groups across multiple Availability Zones. The network team has allocated the 10.0.0.0/24 address space for this application. Only the front-end load balancer should be exposed to the Internet. There are concerns about the limited size of the address space and the ability of each tier to scale.

 

What should the VPC subnet design be in each Availability Zone?

 

  1. One public subnet for the load balancer tier, one public subnet for the front-end tier, and one private subnet for the backend tier.
  2. One shared public subnet for all tiers of the application.
  3. One public subnet for the load balancer tier and one shared private subnet for the application tiers.
  4. One shared private subnet for all tiers of the application.

 

Answer: A



Q48. A Solutions Architect must select the storage type for a big data application that requires very high sequential I/O. The data must persist if the instance is stopped.

 

Which of the following storage types will provide the best fit at the LOWEST cost for the application?

 

  1. An Amazon EC2 instance store local SSD volume.
  2. An Amazon EBS provisioned IOPS SSD volume.
  3. An Amazon EBS throughput optimized HDD volume.
  4. An Amazon EBS general purpose SSD volume.

 

Answer: C

 

Q49. Two Auto Scaling applications, Application A and Application B, currently run within a shared set of subnets. A Solutions Architect wants to make sure that Application A can make requests to Application B, but Application B should be denied from making requests to Application A.

 

Which is the SIMPLEST solution to achieve this policy?

 

  1. Using security groups that the security groups of the other application
  2. Using security groups that the application server’s IP addresses
  3. Using Network Access Control Lists to allow/deny traffic based on application IP addresses
  4. Migrating the applications to separate subnets from each other

 

Answer: A

 

Q50. Legacy applications currently send messages through a single Amazon EC2 instance, which then routes the messages to the appropriate destinations. The Amazon EC2 instance is a bottleneck and single point of failure, so the company would like to address these issues.

 

Which services could address this architectural use case? (Choose two.)

 

  1. Amazon SNS
  2. AWS STS
  3. Amazon SQS
  4. Amazon Route 53
  5. AWS Glue

 

Answer: AC

1 个评论

  1. Q14.What is the simplest method to store this streaming data at scale?
    Answer: A
    Explanation:Amazon Kinesis Data Firehose is the easiest way to reliably load streaming data into data lakes, data stores and analytics tools.

发表评论

电子邮件地址不会被公开。