Exams > Amazon > AWS Certified Solutions Architect - Associate SAA-C02
AWS Certified Solutions Architect - Associate SAA-C02
Page 21 out of 83 pages Questions 201-210 out of 822 questions
Question#201

Management has decided to deploy all AWS VPCs with IPv6 enabled. After some time, a solutions architect tries to launch a new instance and receives an error stating that there is not enough IP address space available in the subnet.
What should the solutions architect do to fix this?

  • A. Check to make sure that only IPv6 was used during the VPC creation.
  • B. Create a new IPv4 subnet with a larger range, and then launch the instance.
  • C. Create a new IPv6-only subnet with a large range, and then launch the instance.
  • D. Disable the IPv4 subnet and migrate all instances to IPv6 only. Once that is complete, launch the instance.
Discover Answer Hide Answer

C

Question#202

A company has a build server that is in an Auto Scaling group and often has multiple Linux instances running. The build server requires consistent and mountable shared NFS storage for jobs and configurations.
Which storage option should a solutions architect recommend?

  • A. Amazon S3
  • B. Amazon FSx
  • C. Amazon Elastic Block Store (Amazon EBS)
  • D. Amazon Elastic File System (Amazon EFS)
Discover Answer Hide Answer

D
Reference:
https://aws.amazon.com/efs/

Question#203

A company has an image processing workload running on Amazon Elastic Container Service (Amazon ECS) in two private subnets. Each private subnet uses a
NAT instance for internet access. All images are stored in Amazon S3 buckets. The company is concerned about the data transfer costs between Amazon ECS and Amazon S3.
What should a solutions architect do to reduce costs?

  • A. Configure a NAT gateway to replace the NAT instances.
  • B. Configure a gateway endpoint for traffic destined to Amazon S3.
  • C. Configure an interface endpoint for traffic destined to Amazon S3.
  • D. Configure Amazon CloudFront for the S3 bucket storing the images.
Discover Answer Hide Answer

C

Question#204

The financial application at a company stores monthly reports in an Amazon S3 bucket. The vice president of finance has mandated that all access to these reports be logged and that any modifications to the log files be detected.
Which actions can a solutions architect take to meet these requirements?

  • A. Use S3 server access logging on the bucket that houses the reports with the read and write data events and log file validation options enabled.
  • B. Use S3 server access logging on the bucket that houses the reports with the read and write management events and log file validation options enabled.
  • C. Use AWS CloudTrail to create a new trail. Configure the trail to log read and write data events on the S3 bucket that houses the reports. Log these events to a new bucket, and enable log file validation.
  • D. Use AWS CloudTrail to create a new trail. Configure the trail to log read and write management events on the S3 bucket that houses the reports. Log these events to a new bucket, and enable log file validation.
Discover Answer Hide Answer

C
Reference:
https://docs.aws.amazon.com/AmazonS3/latest/user-guide/enable-cloudtrail-events.html

Question#205

A company has an on-premises volume backup solution that has reached its end of life. The company wants to use AWS as part of a new backup solution and wants to maintain local access to all the data while it is backed up on AWS. The company wants to ensure that the data backed up on AWS is automatically and securely transferred.
Which solution meets these requirements?

  • A. Use AWS Snowball to migrate data out of the on-premises solution to Amazon S3. Configure on-premises systems to mount the Snowball S3 endpoint to provide local access to the data.
  • B. Use AWS Snowball Edge to migrate data out of the on-premises solution to Amazon S3. Use the Snowball Edge file interface to provide on-premises systems with local access to the data.
  • C. Use AWS Storage Gateway and configure a cached volume gateway. Run the Storage Gateway software appliance on premises and configure a percentage of data to cache locally. Mount the gateway storage volumes to provide local access to the data.
  • D. Use AWS Storage Gateway and configure a stored volume gateway. Run the Storage Gateway software appliance on premises and map the gateway storage volumes to on-premises storage. Mount the gateway storage volumes to provide local access to the data.
Discover Answer Hide Answer

D

Question#206

A company is using a third-party vendor to manage its marketplace analytics. The vendor needs limited programmatic access to resources in the company's account. All the needed policies have been created to grant appropriate access.
Which additional component will provide the vendor with the MOST secure access to the account?

  • A. Create an IAM user.
  • B. Implement a service control policy (SCP)
  • C. Use a cross-account role with an external ID.
  • D. Configure a single sign-on (SSO) identity provider.
Discover Answer Hide Answer

B
Reference:
https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html#data-from-iam

Question#207

A company is developing an ecommerce application that will consist of a load-balanced front end, a container-based application, and a relational database. A solutions architect needs to create a highly available solution that operates with as little manual intervention as possible.
Which solutions meet these requirements? (Choose two.)

  • A. Create an Amazon RDS DB instance in Multi-AZ mode.
  • B. Create an Amazon RDS DB instance and one or more replicas in another Availability Zone.
  • C. Create an Amazon EC2 instance-based Docker cluster to handle the dynamic application load.
  • D. Create an Amazon Elastic Container Service (Amazon ECS) cluster with a Fargate launch type to handle the dynamic application load.
  • E. Create an Amazon Elastic Container Service (Amazon ECS) cluster with an Amazon EC2 launch type to handle the dynamic application load.
Discover Answer Hide Answer

AD
Reference:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ReadRepl.html

Question#208

A company has an ecommerce application that stores data in an on-premises SQL database. The company has decided to migrate this database to AWS.
However, as part of the migration, the company wants to find a way to attain sub-millisecond responses to common read requests.
A solutions architect knows that the increase in speed is paramount and that a small percentage of stale data returned in the database reads is acceptable.
What should the solutions architect recommend?

  • A. Build Amazon RDS read replicas.
  • B. Build the database as a larger instance type.
  • C. Build a database cache using Amazon ElastiCache.
  • D. Build a database cache using Amazon Elasticsearch Service (Amazon ES).
Discover Answer Hide Answer

A
Reference:
https://aws.amazon.com/redis/

Question#209

A company has an application that ingests incoming messages. These messages are then quickly consumed by dozens of other applications and microservices.
The number of messages varies drastically and sometimes spikes as high as 100,000 each second. The company wants to decouple the solution and increase scalability.
Which solution meets these requirements?

  • A. Persist the messages to Amazon Kinesis Data Analytics. All the applications will read and process the messages.
  • B. Deploy the application on Amazon EC2 instances in an Auto Scaling group, which scales the number of EC2 instances based on CPU metrics.
  • C. Write the messages to Amazon Kinesis Data Streams with a single shard. All applications will read from the stream and process the messages.
  • D. Publish the messages to an Amazon Simple Notification Service (Amazon SNS) topic with one or more Amazon Simple Queue Service (Amazon SQS) subscriptions. All applications then process the messages from the queues.
Discover Answer Hide Answer

A
Reference:
https://aws.amazon.com/kinesis/data-streams/faqs/

Question#210

A solutions architect is designing the cloud architecture for a company that needs to host hundreds of machine learning models for its users. During startup, the models need to load up to 10 GB of data from Amazon S3 into memory, but they do not need disk access. Most of the models are used sporadically, but the users expect all of them to be highly available and accessible with low latency.
Which solution meets the requirements and is MOST cost-effective?

  • A. Deploy models as AWS Lambda functions behind an Amazon API Gateway for each model.
  • B. Deploy models as Amazon Elastic Container Service (Amazon ECS) services behind an Application Load Balancer for each model.
  • C. Deploy models as AWS Lambda functions behind a single Amazon API Gateway with path-based routing where one path corresponds to each model.
  • D. Deploy models as Amazon Elastic Container Service (Amazon ECS) services behind a single Application Load Balancer with path-based routing where one path corresponds to each model.
Discover Answer Hide Answer

C

chevron rightPrevious Nextchevron right