saa-c02-part-07 Flashcards

1
Q

A company running an on-premises application is migrating the application to AWS to increase its elasticity and availability. The current architecture uses a Microsoft SQL Server database with heavy read activity. The company wants to explore alternate database options and migrate database engines, if needed. Every 4 hours, the development team does a full copy of the production database to populate a test database. During this period, users experience latency.

What should a solutions architect recommend as replacement database?

  1. Use Amazon Aurora with Multi-AZ Aurora Replicas and restore from mysqldump for the test database.
  2. Use Amazon Aurora with Multi-AZ Aurora Replicas and restore snapshots from Amazon RDS for the test database.
  3. Use Amazon RDS for MySQL with a Multi-AZ deployment and read replicas, and use the standby instance for the test database.
  4. Use Amazon RDS for SQL Server with a Multi-AZ deployment and read replicas, and restore snapshots from RDS for the test database.
A
  1. Use Amazon RDS for SQL Server with a Multi-AZ deployment and read replicas, and restore snapshots from RDS for the test database.

SQL Server only migrates to SQL Server, too much work otherwise

Aurora supports only MySQL and PostgreSQL

2
Q

A company has enabled AWS CloudTrail logs to deliver log files to an Amazon S3 bucket for each of its developer accounts. The company has created a central AWS account for streamlining management and audit reviews. An internal auditor needs to access the CloudTrail logs, yet access needs to be restricted for all developer account users. The solution must be secure and optimized.

How should a solutions architect meet these requirements?

  1. Configure an AWS Lambda function in each developer account to copy the log files to the central account. Create an IAM role in the central account for the auditor. Attach an IAM policy providing read-only permissions to the bucket.
  2. Configure CloudTrail from each developer account to deliver the log files to an S3 bucket in the central account. Create an IAM user in the central account for the auditor. Attach an IAM policy providing full permissions to the bucket.
  3. Configure CloudTrail from each developer account to deliver the log files to an S3 bucket in the central account. Create an IAM role in the central account for the auditor. Attach an IAM policy providing read-only permissions to the bucket.
  4. Configure an AWS Lambda function in the central account to copy the log files from the S3 bucket in each developer account. Create an IAM user in the central account for the auditor. Attach an IAM policy providing full permissions to the bucket.
A
  1. Configure CloudTrail from each developer account to deliver the log files to an S3 bucket in the central account. Create an IAM role in the central account for the auditor. Attach an IAM policy providing read-only permissions to the bucket.

Anything with permissions: look for the answer with “role”

optimized = don't create duplicate logs = 1 S3 bucket = 3

2 = full permissions = wrong

3
Q

A company has several business systems that require access to data stored in a file share. The business systems will access the file share using the Server Message Block (SMB) protocol. The file share solution should be accessible from both of the company’s legacy on-premises environments and with AWS.

Which services meet the business requirements? (Choose two.)

  1. Amazon Elastic Block Store (Amazon EBS)
  2. Amazon Elastic File System (Amazon EFS)
  3. Amazon FSx for Windows
  4. Amazon S3
  5. AWS Storage Gateway file gateway
A
  1. Amazon FSx for WindowsAmazon S3
  2. AWS Storage Gateway file gateway

SMB = FSx for Windows

on-premises = Storage Gateway

4
Q

A company is using Amazon EC2 to run its big data analytics workloads. These variable workloads run each night, and it is critical they finish by the start of business the following day. A solutions architect has been tasked with designing the MOST cost-effective solution.

Which solution will accomplish this?

  1. Spot Fleet
  2. Spot Instances
  3. Reserved Instances
  4. On-Demand Instances
A
  1. Spot Fleet

Spot Fleet = Spot Fleet is a collection, or fleet, of Spot Instances that will recover if terminated

Spot Fleet = target capacity

Spot Fleet = cost-effective

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet.html

5
Q

A company has a Microsoft Windows-based application that must be migrated to AWS. This application requires the use of a shared Windows file system attached to multiple Amazon EC2 Windows instances.

What should a solutions architect do to accomplish this?

  1. Configure a volume using Amazon Elastic File System (Amazon EFS). Mount the EFS volume to each Windows instance.
  2. Configure AWS Storage Gateway in Volume Gateway mode. Mount the volume to each Windows instance.
  3. Configure Amazon FSx for Windows File Server. Mount the Amazon FSx volume to each Windows instance.
  4. Configure an Amazon Elastic Block Store (Amazon EBS) volume with the required size. Attach each EC2 instance to the volume. Mount the file system within the volume to each Windows instance.
A
  1. Configure Amazon FSx for Windows File Server. Mount the Amazon FSx volume to each Windows instance.

Windows file system = FSx

6
Q

A company has created an isolated backup of its environment in another Region. The application is running in warm standby mode and is fronted by an Application Load Balancer (ALB). The current failover process is manual and requires updating a DNS alias record to point to the secondary ALB in another Region.

What should a solutions architect do to automate the failover process?

  1. Enable an ALB health check
  2. Enable an Amazon Route 53 health check.
  3. Create a CNAME record on Amazon Route 53 pointing to the ALB endpoint.
  4. Create conditional forwarding rules on Amazon Route 53 pointing to an internal BIND DNS server.
A
  1. Enable an Amazon Route 53 health check.

automate the failover process = health check

another Region = Route 53 needed

7
Q

A company has a mobile chat application with a data store based in Amazon DynamoDB. Users would like new messages to be read with as little latency as possible. A solutions architect needs to design an optimal solution that requires minimal application changes.

Which method should the solutions architect select?

  1. Configure Amazon DynamoDB Accelerator (DAX) for the new messages table. Update the code to use the DAX endpoint.
  2. Add DynamoDB read replicas to handle the increased read load. Update the application to point to the read endpoint for the read replicas.
  3. Double the number of read capacity units for the new messages table in DynamoDB. Continue to use the existing DynamoDB endpoint.
  4. Add an Amazon ElastiCache for Redis cache to the application stack. Update the application to point to the Redis cache endpoint instead of DynamoDB.
A
  1. Configure Amazon DynamoDB Accelerator (DAX) for the new messages table. Update the code to use the DAX endpoint.

Reduce latency + DynamoDB = DAX

8
Q

A company is creating an architecture for a mobile app that requires minimal latency for its users. The company’s architecture consists of Amazon EC2 instances behind an Application Load Balancer running in an Auto Scaling group. The EC2 instances connect to Amazon RDS. Application beta testing showed there was a slowdown when reading the data. However, the metrics indicate that the EC2 instances do not cross any CPU utilization thresholds.

How can this issue be addressed?

  1. Reduce the threshold for CPU utilization in the Auto Scaling group.
  2. Replace the Application Load Balancer with a Network Load Balancer.
  3. Add read replicas for the RDS instances and direct read traffic to the replica.
  4. Add Multi-AZ support to the RDS instances and direct read traffic to the new EC2 instance.
A
  1. Add read replicas for the RDS instances and direct read traffic to the replica.

reading the data = read replicas

9
Q

A company has implemented one of its microservices on AWS Lambda that accesses an Amazon DynamoDB table named Books. A solutions architect is designing an IAM policy to be attached to the Lambda function’s IAM role, giving it access to put, update, and delete items in the Books table. The IAM policy must prevent the function from performing any other actions on the Books table or any other

Which IAM policy would fulfill these needs and provide the LEAST privileged access?

A

table named Books = answer with table/Books in policy

put, update, and delete = answer with put+update+delete in policy

10
Q

A company hosts its website on Amazon S3. The website serves petabytes of outbound traffic monthly, which accounts for most of the company’s AWS costs.

What should a solutions architect do to reduce costs?

  1. Configure Amazon CloudFront with the existing website as the origin.
  2. Move the website to Amazon EC2 with Amazon Elastic Block Store (Amazon EBS) volumes for storage.
  3. Use AWS Global Accelerator and specify the existing website as the endpoint.
  4. Rearchitect the website to run on a combination of Amazon API Gateway and AWS Lambda.
A
  1. Configure Amazon CloudFront with the existing website as the origin.

reduce costs + S3 = edge caching = CloudFront

11
Q

A company runs a website on Amazon EC2 instances behind an ELB Application Load Balancer. Amazon Route 53 is used for the DNS. The company wants to set up a backup website with a message including a phone number and email address that users can reach if the primary website is down.

How should the company deploy this solution?

  1. Use Amazon S3 website hosting for the backup website and Route 53 failover routing policy.
  2. Use Amazon S3 website hosting for the backup website and Route 53 latency routing policy.
  3. Deploy the application in another AWS Region and use ELB health checks for failover routing.
  4. Deploy the application in another AWS Region and use server-side redirection on the primary website.
A
  1. Use Amazon S3 website hosting for the backup website and Route 53 failover routing policy.

backup + primary website is down = failover routing policy

message including a phone number and email address = static information = S3

12
Q

A media company is evaluating the possibility of moving its systems to the AWS Cloud. The company needs at least 10 TB of storage with the maximum possible I/O performance for video processing, 300 TB of very durable storage for storing media content, and 900 TB of storage to meet requirements for archival media that is not in use anymore.

Which set of services should a solutions architect recommend to meet these requirements?

  1. Amazon Elastic Block Store (Amazon EBS) for maximum performance, Amazon S3 for durable data storage, and Amazon S3 Glacier for archival storage
  2. Amazon Elastic Block Store (Amazon EBS) for maximum performance, Amazon Elastic File System (Amazon EFS) for durable data storage, and Amazon S3 Glacier for archival storage
  3. Amazon EC2 instance store for maximum performance, Amazon Elastic File System (Amazon EFS) for durable data storage, and Amazon S3 for archival storage
  4. Amazon EC2 instance store for maximum performance, Amazon S3 for durable data storage, and Amazon S3 Glacier for archival storage
A
  1. Amazon EC2 instance store for maximum performance, Amazon Elastic File System (Amazon EFS) for durable data storage, and Amazon S3 for archival storage

instance store = maximum performance

archival media = S3 Glacier

durable = Amazon EFS is designed to provide 99.999999999% (11 9’s) of durability over a given year

https://aws.amazon.com/efs/faq/

13
Q

A company uses Amazon S3 as its object storage solution. The company has thousands of S3 buckets it uses to store data. Some of the S3 buckets have data that is accessed less frequently than others. A solutions architect found that lifecycle policies are not consistently implemented or are implemented partially, resulting in data being stored in high-cost storage.

Which solution will lower costs without compromising the availability of objects?

  1. Use S3 ACLs.
  2. Use Amazon Elastic Block Store (Amazon EBS) automated snapshots.
  3. Use S3 Intelligent-Tiering storage.
  4. Use S3 One Zone-Infrequent Access (S3 One Zone-IA).
A
  1. Use S3 Intelligent-Tiering storage.

not consistently = Intelligent-Tiering

14
Q

An application is running on Amazon EC2 instances. Sensitive information required for the application is stored in an Amazon S3 bucket. The bucket needs to be protected from internet access while only allowing services within the VPC access to the bucket.

Which combination of actions should a solutions architect take to accomplish this? (Choose two.)

  1. Create a VPC endpoint for Amazon S3.
  2. Enable server access logging on the bucket.
  3. Apply a bucket policy to restrict access to the S3 endpoint.
  4. Add an S3 ACL to the bucket that has sensitive information.
  5. Restrict users using the IAM policy to use the specific bucket.
A
  1. Create a VPC endpoint for Amazon S3.
  2. Apply a bucket policy to restrict access to the S3 endpoint.

S3 + allowing services within the VPC = endpoint

15
Q

A web application runs on Amazon EC2 instances behind an Application Load Balancer. The application allows users to create custom reports of historical weather data. Generating a report can take up to 5 minutes. These long-running requests use many of the available incoming connections, making the system unresponsive to other users.

How can a solutions architect make the system more responsive?

  1. Use Amazon SQS with AWS Lambda to generate reports.
  2. Increase the idle timeout on the Application Load Balancer to 5 minutes.
  3. Update the client-side application code to increase its request timeout to 5 minutes.
  4. Publish the reports to Amazon S3 and use Amazon CloudFront for downloading to the user.
A
  1. Use Amazon SQS with AWS Lambda to generate reports.

long-running requests = decoupling needed = SQS

16
Q

A solutions architect must create a highly available bastion host architecture. The solution needs to be resilient within a single AWS Region and should require only minimal effort to maintain.

What should the solutions architect do to meet these requirements?

  1. Create a Network Load Balancer backed by an Auto Scaling group with a UDP listener.
  2. Create a Network Load Balancer backed by a Spot Fleet with instances in a partition placement group.
  3. Create a Network Load Balancer backed by the existing servers in different Availability Zones as the target.
  4. Create a Network Load Balancer backed by an Auto Scaling group with instances in multiple Availability Zones as the target.
A
  1. Create a Network Load Balancer backed by an Auto Scaling group with instances in multiple Availability Zones as the target.

highly available = multi-AZ

bastion host architecture = ASG between 2 AZ

https://docs.aws.amazon.com/quickstart/latest/linux-bastion/architecture.html

https://d1.awsstatic.com/partner-network/QuickStart/datasheets/linux-bastion-architecture.584765ff724625db9ab0d91a8ccb1c2eb7e15a5b.png

17
Q

A three-tier web application processes orders from customers. The web tier consists of Amazon EC2 instances behind an Application Load Balancer, a middle tier of three EC2 instances decoupled from the web tier using Amazon SQS, and an Amazon DynamoDB backend. At peak times, customers who submit orders using the site have to wait much longer than normal to receive confirmations due to lengthy processing times. A solutions architect needs to reduce these processing times.

Which action will be MOST effective in accomplishing this?

  1. Replace the SQS queue with Amazon Kinesis Data Firehose.
  2. Use Amazon ElastiCache for Redis in front of the DynamoDB backend tier.
  3. Add an Amazon CloudFront distribution to cache the responses for the web tier.
  4. Use Amazon EC2 Auto Scaling to scale out the middle tier instances based on the SQS queue depth.
A
  1. Use Amazon EC2 Auto Scaling to scale out the middle tier instances based on the SQS queue depth.

processing time = EC2 middle tier

18
Q

A company relies on an application that needs at least 4 Amazon EC2 instances during regular traffic and must scale up to 12 EC2 instances during peak loads. The application is critical to the business and must be highly available.

Which solution will meet these requirements?

  1. Deploy the EC2 instances in an Auto Scaling group. Set the minimum to 4 and the maximum to 12, with 2 in Availability Zone A and 2 in Availability Zone B.
  2. Deploy the EC2 instances in an Auto Scaling group. Set the minimum to 4 and the maximum to 12, with all 4 in Availability Zone A.
  3. Deploy the EC2 instances in an Auto Scaling group. Set the minimum to 8 and the maximum to 12, with 4 in Availability Zone A and 4 in Availability Zone B.
  4. Deploy the EC2 instances in an Auto Scaling group. Set the minimum to 8 and the maximum to 12, with all 8 in Availability Zone A.
A
  1. Deploy the EC2 instances in an Auto Scaling group. Set the minimum to 8 and the maximum to 12, with 4 in Availability Zone A and 4 in Availability Zone B.

HA 4 min = 8 running between 2 AZ

19
Q

A solutions architect must design a solution for a persistent database that is being migrated from on-premises to AWS. The database requires 64,000 IOPS according to the database administrator. If possible, the database administrator wants to use a single Amazon Elastic Block Store (Amazon EBS) volume to host the database instance.

Which solution effectively meets the database administrator’s criteria?

  1. Use an instance from the I3 I/O optimized family and leverage local ephemeral storage to achieve the IOPS requirement.
  2. Create a Nitro-based Amazon EC2 instance with an Amazon Elastic Block Store (Amazon EBS) Provisioned IOPS SSD (io1) volume attached. Configure the volume to have 64,000 IOPS.
  3. Create and map an Amazon Elastic File System (Amazon EFS) volume to the database instance and use the volume to achieve the required IOPS for the database.
  4. Provision two volumes and assign 32,000 IOPS to each. Create a logical volume at the operating system level that aggregates both volumes to achieve the IOPS requirements.
A
  1. Create a Nitro-based Amazon EC2 instance with an Amazon Elastic Block Store (Amazon EBS) Provisioned IOPS SSD (io1) volume attached. Configure the volume to have 64,000 IOPS.

64,000 IOPS = io1

20
Q

A solutions architect is designing an architecture for a new application that requires low network latency and high network throughput between Amazon EC2 instances.

Which component should be included in the architectural design?

  1. An Auto Scaling group with Spot Instance types.
  2. A placement group using a cluster placement strategy.
  3. A placement group using a partition placement strategy.
  4. An Auto Scaling group with On-Demand instance types.
A
  1. A placement group using a cluster placement strategy.

low latency + EC2 = Cluster placement group