Are you thinking to attempt your AWS-Solution-Architect-Associate exam and worried about your preparation? Now you should be relaxed because you can prepare from AWS-Solution-Architect-Associate dumps. This smart study guide has been carved by well-qualified experts who guarantee for your success at the first attempt. Now you are not away from your success if you buy AWS-Solution-Architect-Associate questions and answers right now. To clear your mind about the quality of this concise study book you can download free demo questions and answers.
Easy And Guaranteed AWS-Solution-Architect-Associate Exam Success - Realexamdumps.com
Amazon AWS-Solution-Architect-Associate Dumps AWS Certified Solutions Architect - Associate (2019 New update) SAA-C01 For More Info: https://www.realexamdumps.com/amazon/aws-solution-architect-associate-practice-test.html Question: 1 A solution architect is designing an application that will encrypt all data in an Amazon Redshift cluster. Which action will encrypt the data at rest? A. Place the Redshift KMS Default Cluster in a private subnet B. Use the AWS KMS Default Customer master key C. Encrypt the Amazon EBS volumes D. Encrypt the data using SSL/TLS Answer: B Reference: https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-db-encryption.html Question: 2 A Solution Architect is designing a solution with AWS Lambda where different environments require different database passwords. What should the Architect do to accomplish this in a secure and scalable way? A. Create a Lambda function for each individual environment B. Use Amazon DynamoDB to store environment variables C. Use encrypted AWS Lambda environment variables D. Implement a dedicated Lambda function for distributing environment variables Answer: C Question: 3 A company hosts a two-tier application that consists of a publicly accessible web server that communicates with a private database. Only HTTPS port 443 traffic to the web server must be allowed from the internet. Which of the following options will achieve these requirements? (Select Two.) A. Security group rule that allows inbound internet traffic for port 443 B. Security group rule that drives all inbound internet traffic expect port 443 C. Network ACL rule that allows port 443 inbound and all ports outbound for internet traffic D. Security group rule that allows internet traffic for port 443 in both inbound and outbound E. Network ACL rule that allows port 443 for both inbound and outbound for all Internet traffic Answer: A, E Question: 4 A company’s website receives 50.000 requests each second, and the company wants 10 use multiple applications to analyze the navigation patterns of the users on their website so that the experience can Be personalized. What can a Solutions Architect use to collect page clicks for the website and process them sequentially for each user? A. Amazon Kinesis Stream B. Amazon SQS standard queue C. Amazon SQS FIFO queue D. AWS CloudTrail trail Answer: A Question: 5 A Solutions Architect is designing a solution that can monitor memory and disk space utilization of all Amazon EC2 instances running Amazon Linux and Windows. Which solution meets this requirement? A. Default Amazon CloudWatch metrics B. Custom Amazon CloudWatch metrics C. Amazon inspector resource monitoring D. Detailed monitoring of Amazon EC2 instances Answer: A Question: 6 A news organization plans to migrate their 20 TB video archive to AWS. The files are rarely accessed, but when they are a request is made in advance and a 3- to 5-hour retrieval time frame is acceptable However, when there is a breaking news story, the editors require access to archived footage within minutes. Which storage solution meets the needs of this organization while providing the LOWEST cost of storage? A. Store the archive in Amazon S3 Reduced Redundancy Storage. B. Store the archive in Amazon Glacier and use standard retrieval for all content C. Store the archive in Amazon Glacier and pay the additional charge for expedited retrieval when needed D. Store the archive in Amazon S3 with a lifecycle policy to move this to S3 Infrequent Access after 30 days. Answer: A Question: 7 A Solutions Architect is designing a solution that includes a managed VPN connection. To monitor whether the VPN connection is up or down, the Architect should use: A. an external service to ping the VPN endpoint from outside the VPC B. AWS CloudTrail to monitor the endpoint C. the CloudWatch TunnelState Metric D. an AWS Lambda function that parses the VPN connection logs. Answer: C Question: 8 A Solutions Architect has a multi-layer application running in Amazon VPC. The application has an ELB Classic Load Balancer as the front end in a public subnet, and an Amazon EC2-based reverse proxy that performs content-based routing to two backend Amazon EC2 instances hosted in a private subnet. The Architect sees tremendous traffic growth and is concerned that the reverse proxy and current backend setup will be insufficient. Which actions should the Architect take to achieve a cost-effective solution that ensures the application automatically scales to meet traffic demand? (Select TWO) A. Replace the Amazon EC2 reverse proxy with an EL8 internal Classic Load Balancer B. Add Auto Scaling to the Amazon EC2 backend fleet C. Add Auto Scaling to the Amazon EC2 reverse proxy layer D. Use t2 burstable instance types for the backend fleet E. Replace both the frontend and reverse proxy layers with an ELB Application Load Balancer Answer: B, C Question: 9 A Solution Architect is designing a new social media application. The application must provide a secure method for uploading profile photos. Each user should be able to upload a profile photo into a shared storage location for one week after their profile is created. Which approach will meet all of these requirements? A. Use Amazon Kinesis with AWS CloudTrail for auditing the specific times when profile photos are uploaded. B. Use Amazon EBS volumes with IAM policies restricting user access to specific time periods C. Use Amazon S3 with the default private access policy and generate pre-signed URLs each time a new site profile is created D. Use Amazon CloudFront with AWS CloudTrail for auditing the specific times when profile photos are uploaded. Answer: C Question: 10 A Solutions Architect is designing an application that requires having six Amazon EC2 instances running at all times. The application will be deployed in the sa-east-1 region, which has three Availability Zones: sa-east-la, sa-east-1b, and sa-east-1c. Which action will provide 100 percent fault tolerance and the LOWEST cost in the event that one Availability Zone in the region becomes unavailable? A. Deploy six Amazon EC2 instances in sa-east-1a, six Amazon EC2 instances in sa-east-1b, and six Amazon EC2 instances in sa-east-lc. B. Deploy six Amazon EC2 instances in sa-east-1a, four Amazon EC2 instances in sa-east-lb, and two Amazon EC2 instances in sa-east-1c. C. Deploy three Amazon EC2 instances in sa-east-1a, three Amazon EC2 instances in sa-east-1b, and three Amazon EC2 instances in sa-east-1c. D. Deploy two Amazon EC2 instances in sa-east-1a, two Amazon EC2 instances in sa-east-1b, and two Amazon EC2 instances in sa-east-1c. Answer: C Question: 11 A company has a popular multi-player mobile game hosted in its on-premises datacenter. The current infrastructure can no longer keep up with demand end the company is considering a move to the cloud. Which solution should a Solutions Architect recommend as me MOST scalable and cost- effective solution to meet these needs? A. Amazon EC2 and an Application Load Balancer B. Amazon S3 and Amazon CloudFront C. Amazon EC2 and Amazon Elastic Transcoder D. AWS Lambda and Amazon API Gateway Answer: D Question: 12 To meet compliance standards, a company must have encrypted archival data storage. Data will be accessed infrequently, with lead times when in advance of when archived data must be recovered. The company requires that the storage be secure, durable and provided at the lowest price per 1TB of data stored. What type of stooge should be used? A. Amazon S3 B. Amazon EBS C. Amazon Glacier D. Amazon EFS Answer: C Question: 13 A Solutions Architect notices slower response times from an application. The CloudWatch metrics on the MySQL RDS indicate Read IOPS are high and fluctuate significantly when the database is under load. How should the database environment be re-designed to resolve the IOPS fluctuation? A. Change the RDS instance type to get more RAM. B. Change the storage type to Provisioned IOPS. C. Scale the web server tier horizontally. D. Split the DB layer into separate RDS instances. Answer: B Question: 14 A Solutions Architect is designing an architecture for a mobile gaming application. The application is expected to be very popular. The Architect needs to prevent the Amazon ROS MySQL database from becoming a bottleneck due to frequently accessed queries. Which service or feature should the Architect add to prevent a bottleneck? A. Multi-AZ feature on the RDS MySQL Database B. ELB Classic Load Balancer in front of the web application tier. C. Amazon SQS in front of RDS MySQL Database D. Amazon ElastiCache in front of the RDS MySQL Database. Answer: D Question: 15 A company runs a legacy application with a single-tier architecture on an Amazon EC2 Instance. Disk I/O is low, with occasional small spikes during business hours. The company requires the instance to be stopped from 8 PM to 8 AM daily. Which storage option is MOST appropriate for this workload? A. Amazon EC2 instance storage B. Amazon EBS General Purpose SSD (gp2) storage C. Amazon S3 D. Amazon EBS Provision IOPS SSD (io1) storage Answer: B Question: 16 A Solutions Architect is designing the storage layer for a production relational database. The database will run on Amazon EC2. The database is accessed by an application that performs intensive reads and writes, so the database requires the LOWEST random I/O latency. Which data storage method fulfills the above requirements? A. Store data m a filesystem backed by Amazon Elastic File System (EFS) B. Store data in Amazon S3 and use a third-party solution to expose Amazon S3 as a filesystem to the database server C. Store data in Amazon DynamoDB and emulate relational database semantics D. Stripe data across multiple Amazon EBS volumes using RAID 0 Answer: D Question: 17 A Solutions Architect is designing a stateful web application that will run for one year (24/7) and then be decommissioned. Load on this platform will be constant, using a number of r4.8xlarge instances. Key drivers for this system include high availability is not required. What is the MOST cost-effective way to purchase compute for this platform? A. Scheduled Reserved instances B. Convertible Reserved Instances C. Standard Reserved instances D. Spot Instances Answer: C Question: 18 A workload consists of downloading an image from an Amazon S3 bucket, processing the image, and moving it to another Amazon S3 bucket. An Amazon EC2 instance runs a scheduled task every hour to perform the operation. How should a Solutions Architect redesign the process so that it is highly available? A. Charge the Amazon EC2 instance to compute optimized B. Launch a second Amazon EC2 instance to monitor the health of the first C. Trigger a Lambda function when a new object is uploaded D. Initially copy the images to an attached Amazon EBS volume. Answer: C Question: 19 A Solutions Architect must select the storage type tor a big data application that requires very high sequential I/O. The data must persist if the instance is stopped. Which of the following storage types will provide the best fit at the LOWEST cost for the application? A. An Amazon EC2 instance store local SSD volume B. An Amazon EBS provisioned IOPS SSD volume C. An Amazon EBS throughput optimized HDD volume D. An Amazon EBS general purpose SSD volume Answer: C Question: 20 A company needs to quickly ensure that all files created in an Amazon S3 bucket in us-east-1 are also available in another bucket in ap-southeast-2. Which option represents the SIMPLEST way to implement this design? A. Add an S3 lifecycle rule to move any new files from the bucket in us-east-1 to the bucket in ap- southeast-2. B. Create a Lambda function to be triggered for every new file in us-east-1 that copies the file to the bucket in ap-southeast-2 C. Use SNS to notify the bucket in ap-southeast-2 to create a file whenever a file is cheated in the bucket in us-east-1. D. Enable versioning and configure cross-region replication from the bucket in us-east-1 to the bucket in ap-southeast-2. Answer: A Question: 21 An internet-facing multi-tier web application must be highly available. An ELB Classic Load Balancer is deployed in front of the web tier. Amazon EC2 instances at the web application tier are deployed evenly across two Availably Zones. The database is deployed using RDS Multi-AZ. A NAT instance is launched for Amazon EC2 instances and database resources to access the Internet. These instances are not assigned with public IP addresses. Which component poses a potential single point of failure in this architecture? A. Amazon EC2 B. NAT instance C. ELB Classic Load Balancer D. Amazon RDS Answer: C Question: 22 A Solutions Architect is designing a microservice to process records from Amazon Kinesis Streams. The metadata must be stored « Amazon DynamoDB. The microservice most be capable of concurrently processing 10.000 records daily as they arrive in the Kinesis stream. The MOST scalable way to design the microservice is: A. As an AWS Lambda function B. As a process on an Amazon EC2 instance. C. As a Docker container running on Amazon ECS D. As a Docker container on an EC2 instance Answer: C Question: 23 An online company wants to conduct real-time sentiment analysis about its products from its social media channels using SQL. Which of the following solutions has the LOWEST cost and operational burden? A. Set up a streaming data ingestion application on Amazon EC2 and connect it to a Hadoop cluster for data processing. Send the output to Amazon S3 and use Amazon Athena to analyze the data. B. Configure the input stream using Amazon Kinesis Data Streams Use Amazon Kinesis Data Analytics to write SQL queries against the stream. C. Configure the input stream using Amazon Kinesis Data Streams. Use Amazon Kinesis Data Firehose to send data to an Amazon Redshift cluster, and then query directly against Amazon Redshift. D. Set up a streaming data ingestion application on Amazon EC2 and send the output to Amazon S3 using Kinesis Data Firehose. Use Athena to analyze the data Answer: C Question: 24 An on-premises workload consists of a single server with an Apache instance end a MySQL database. The Solutions Architect plans to migrate on-premises database to MySQL on Amazon RDS using multiple Availability Zones. What solution ensures that the remaining workload win be highly available? A. Provision the workload in an Auto Scaling group, with a minimum of two servers Use an Amazon Route 53 DNS-weighted routing policy to direct traffic to healthy servers. B. Provision the workload in an Auto Scaling group across Availability Zones, with a minimum of two Amazon EC2 instances Use an Application Load Balancer in front of an Auto Scaling group C. Provision at least two EC2 instances across two separate regions Use an Application Load Balancer to direct traffic between the instances D. Provision the workload in an Auto Scaling group across Availability Zones, with a minimum of two servers Use a Route 53 DNS simple routing policy to direct traffic to healthy servers Answer: B Question: 25 A company is evaluating Amazon S3 as a data storage solution for their daily analyst reports. The company has implemented stringent requirements concerning the security of the data at test Specifically, the CISO asked for the use of envelope encryption with separate permissions for the use of an envelope key, automated rotation of the encryption keys, and visibility into when an encryption key was used and by whom. Which steps should a Solutions Architect take to satisfy the security requirements requested by the CISO? A. Create an Amazon S3 bucket to store the reports and use Server-Side Encryption with Customer- Provided Keys (SSE-C) B. Create an Amazon S3 bucket to store the reports and use Server-Side Encryption with Amazon S3Managed Keys (SSE-S3) C. Create an Amazon S3 bucket to store the reports and use Server-Side Encryption with AWS KMS- Managed Keys (SSE-KMS) D. Create an Amazon S3 bucket to store the reports and use Amazon S3 versioning with Server- Side Encryption with Amazon S3-Managed Keys (SSE-S3) Answer: C Question: 26 A bank is writing new software that is heavily dependent upon database transactions for write consistency. The application will also occasionally generate reports on data m the database, and will do joins across multiple tables. The database must automatically scale as the amount of data grows. Which AWS service should be used to run the database? A. Amazon S3 B. Amazon Aurora C. Amazon DynamoDB D. Amazon Redshift Answer: C Question: 27 A company is launching a static website using the zone apex (mycompany.com). The company wants to use Amazon Route 53 for DNS. Which steps should the company perform to implement a scalable and cost-effective solution? (Select TWO) A. Host the website on an Amazon EC2 instance with ELB and Auto Scaling, and map a Route S3 abas record to the ELB endpoint B. Host the website using AWS Elastic Beanstalk, and map a Route 53 alias record to the Beanstalk stack. C. Host the website on an Amazon EC2 instance, and map a Route 53 alias record to the public IP address of the Amazon EC2 instance. D. Serve the website from an Amazon S3 bucket and map a Route 53 alias record to the website endpoint E. Create a Route 53 hosted zone, and set the NS records of the domain to use Route 53 name servers. Answer: A, D Question: 28 A company is developing several critical long-running applications hosted on Docker. How should a Solutions Architect design a solution to meet the scalability and orchestration requirements on AWS? A. Use Amazon ECS and Service Auto Scaling. B. Use Spot Instances for orchestration and for scaling containers on existing Amazon EC2 Instances. C. Use AWS OpsWorks to launch containers in new Amazon EC2 instances. D. Use Auto scaling groups to launch containers on existing Amazon EC2 instances. Answer: A Question: 29 A media company asked a Solutions Architect to design a highty available storage solution to serve as a centralized document store for their Amazon EC2 instances. The storage solution needs to be POSIX- compliant scale dynamically and be able to serve up to 100 concurrent EC2 instances. Which solution meets these requirements? A. Create an Amazon S3 bucket and store all of the documents in this bucket. B. Create an Amazon EBS volume and allow multiple users to mount that volume to their EC2 instance(s) C. Use Amazon Glacier to store all of the documents D. Create an Amazon Elastic File System (Amazon EFS) to store and share the documents. Answer: D Question: 30 A Solutions Architect is designing a microservices-based application using Amazon ECS. The application includes a WebSocket component, and the traffic needs to be distributed between microservices based on the URL. Which service should the Architect choose to distribute me workload? A. ELB Classic Load Balancer B. Amazon Route 53 DNS C. ELB Application Load Balancer D. Amazon CloudFront Answer: C
Comments