4. When a developer calls the Amazon CloudWatch API, he receives HTTP 400: ThrottlingException errors
sporadically. When a call is not successful, no data is obtained.
Which best practice should be implemented first in order to remedy this issue?
A. Contact AWS Support for a limit increase.
B. Use the AWS CLI to get the metrics
C. Analyze the applications and remove the API call
D. Retry the call with exponential backoff
Answer: B
5. Your company has a set of resources hosted on the AWS(Amazon Web Service) Cloud. As a part of the new governing model, there is a requirement that all activity on AWS(Amazon Web Service) resources should be monitored. What is the most efficient way to have this implemented?
Options are:
A. Use VPC Flow Logs to monitor all activity in your VPC.
B. Use AWS(Amazon Web Service) Trusted Advisor to monitor all of your AWS(Amazon Web Service) resources.
C. Use AWS(Amazon Web Service) Inspector to inspect all of the resources in your account.
D. Use AWS(Amazon Web Service) CloudTrail to monitor all API activity.
Answer: D
6. A data-processing application runs on an i3 large EC2 instance with a single 100 GB EBS gp2 volume. The application stores temporary data in a small database (less than 30 GB) located on the EBS root volume. The application is struggling to process the data fast enough, and a Solutions Architect has determined that the I/O speed of the temporary database is the bottleneck.
What is the MOST cost-efficient way to improve the database response times?
A. Enable EBS optimization on the instance and keep the temporary files on the existing volume.
B. Move the temporary database onto instance storage.
C. Put the temporary database on a new 50-GB EBS io1 volume with a 3-K lOPS provision.
D. Put the temporary database on a new 50-GB EBS gp2 volume.
Answer: B
* 7. A media company asked a Solutions Architect to design a highly available storage solution to serve as a centralized document store for their Amazon EC2 instances. The storage solution needs to be POSIX-compliant, scale dynamically, and be able to serve up to 100 concurrent EC2 instances.
Which solution meets these requirements?
A. Create an Amazon S3 bucket and store all of the documents in this bucket.
B. Create an Amazon EBS volume and allow multiple users to mount that volume to their EC2
instance(s).
C. Use Amazon Glacier to store all of the documents.
D. Create an Amazon Elastic File System (Amazon EFS) to store and share the documents.
Answer: D
8. A company has 500 TB of data in an on-premises file share that needs to be moved to Amazon S3 Glacier. The migration must not saturate the company’s low-bandwidth internet connection, and the company must complete it within a few weeks. What is the MOST cost-effective solution?
A. Upload the files to Amazon S3 Glacier using the available bandwidth.
B. Use AWS Global Accelerator to accelerate upload and optimize usage of the available bandwidth.
C. Order 7 AWS Snowball appliances and select an S3 Glacier vault as the destination.
D. Order 7 AWS Snowball appliances and select an Amazon S3 bucket as the destination. Create a lifecycle policy to transition the S3 objects to Amazon S3 Glacier
Answer: D
9. A Solutions Architect is designing a stateful web application that will run for one year (24/7) and then be decommissioned. Load on this platform will be constant, using a number of r4.8 x large instances. Key drivers for this system include high availability, but elasticity is not required.
What is the MOST cost-effective way to purchase compute for this platform? Scheduled Reserved A. Instances
B. Convertible Reserved Instances
C. Standard Reserved Instances
D. Spot Instances
Answer: C
10. A web application requires a minimum of six Amazon Elastic Compute Cloud (EC2) instances running at all times. You are tasked to deploy the application to three availability zones in the EU Ireland region (eu-west-la, eu-west-Ib, and eu-west-Ic). It is required that the system is fault tolerant up to the loss of one Availability Zone.
Which of the following setup is the most cost-effective solution which also maintains the fault-tolerance of your system?
A. 6 instances in eu-west-la, 6 instances in eu-west-lb, and 6 instances in eu-west-Ic
B. 3 instances in eu-west-la, 3 instances in eu-west-lb, and 3 instances in eu-west-lc
C. 6 instances in eu-west-la, 6 instances in eu-west-lb, and no instances in eu-west-lc
D. 2 instances in eu-west-la, 2 instances in eu-west-lb, and 2 instances in eu-west-lc
Answer: B
11. On Amazon EC2, a business hosts an ecommerce application. The application is composed of a stateless web layer that needs a minimum of 10 instances and a maximum of 250 instances to run. 80% of the time, the program needs 50 instances.
Which solution should be adopted in order to keep expenses down?
A. Purchase Reserved Instances to cover 250 instances.
B. Purchase Reserved Instances to cover 80 instances. Use Spot Instances to cover the remaining instances.
C. Purchase On-Demand Instances to cover 40 instances. Use Spot Instances to cover the remaining instances.
D. Purchase Reserved Instances to cover 50 instances. Use On-Demand and Spot Instances to cover the remaining instance.
Answer: D
12. A solutions architect is designing a two-tier web application The application consists of a public-facing web tier hosted on Amazon EC2 in public subnets The database tier consists of Microsoft SQL Server running on Amazon EC2 in a private subnet Security is a high priority for the company How should security groups be configured in this situation? (Select TWO )
A. Configure the security group for the database tier to allow inbound traffic on ports 443 and 1433 from the security group for the web tier
B. Configure the security group for the web tier to allow inbound traffic on port 443 from 0 0 0 0/0
C. Configure the security group for the database tier to allow inbound traffic on port 1433 from the security group for the web tier
D. Configure the security group for the web tier to allow outbound traffic on port 443 from 00 0 0/0
E. Configure the security group for the database tier to allow outbound traffic on ports 443 and 1433 to the security group for the web tier
Answer: B & C
* 13. A company developed a set of APIs that are being served through the Amazon API Gateway. The API calls need to be authenticated based on OpenID identity providers such as Amazon or Facebook. The APIs should allow access based on a custom authorization model.
Which is the simplest and MOST secure design to use to build an authentication and authorization model for the APIs?
A. Use Amazon Cognito user pools and a custom authorizer to authenticate and authorize users based
on JSON Web Tokens.
B. Build a OpenID token broker with Amazon and Facebook. Users will authenticate with these identify providers and pass the JSON Web Token to the API to authenticate each API call.
C. Store user credentials in Amazon DynamoDB and have the application retrieve temporary credentials from AWS STS. Make API calls by passing user credentials to the APIs for authentication and authorization.
D. Use Amazon RDS to store user credentials and pass them to the APIs for authentications and
authorization.
Answer: A
* 14. When an enterprise migrates an application to the cloud as is, without making any modifications, what is this called?
Answer Choices
A. Rehost
B. Refactor
C. Rearchitect
D. Remove
Answer: A
15. A solutions architect is designing a high performance computing (HPC) workload on Amazon EC2. The EC2 instances need to communicate to each other frequently and require network performance with low latency and high throughput. Which EC2 configuration meets these requirements'?
A. Launch the EC2 instances in a cluster placement group in one Availability Zone
B. Launch the EC2 instances in a spread placement group in one Availability Zone
C. Launch the EC2 instances in an Auto Scaling group in two Regions and peer the VPCs
D. Launch the EC2 instances in an Auto Scaling group spanning multiple Availability Zones
Answer: A
* 16. A company's legacy application is currently relying on a single-instance Amazon RDS MySQL database without encryption. Due to new compliance requirements, all existing and new data in this database must be encrypted How should this be accomplished?
A. Take a snapshot of the RDS instance Create an encrypted copy of the snapshot Restore the RDS instance from the encrypted snapshot
B. Enable RDS Multi-AZ mode with encryption at rest enabled Perform a failover to the standby instance to delete the original instance
C. Create an RDS read replica with encryption at rest enabled Promote the read replica to master and switch the application over to the new master Delete the old RDS instance.
D. Create an Amazon S3 bucket with server-side encryption enabled Move all the data to Amazon S3 Delete the RDS instance
Answer: A
17. A company needs to ingest terabytes of data each hour from thousands of sources that are delivered almost continually throughout the day. The volume of messages generated varies over the course of the day. Messages must be delivered in real time for fraud detection and live operational dashboards. Which approach will meet these requirements?
A. Send the messages to an Amazon SQS queue, then process the messages by using a fleet of
Amazon EC2 instances
B. Use the Amazon S3 API to write messages to an S3 bucket, then process the messages by
using Amazon Redshift
C. Use AWS Data Pipeline to automate the movement and transformation of data
D. Use Amazon Kinesis Data Streams with Kinesis Client Library to ingest and deliver messages
Answer: D
Comments
Post a Comment