Exams > Amazon > AWS Certified Solutions Architect - Associate SAA-C02
AWS Certified Solutions Architect - Associate SAA-C02
Page 31 out of 83 pages Questions 301-310 out of 822 questions
Question#301

An application allows users at a company's headquarters to access product data. The product data is stored in an Amazon RDS MySQL DB instance. The operations team has isolated an application performance slowdown and wants to separate read traffic from write traffic. A solutions architect needs to optimize the application's performance quickly.
What should the solutions architect recommend?

  • A. Change the existing database to a Multi-AZ deployment. Serve the read requests from the primary Availability Zone.
  • B. Change the existing database to a Multi-AZ deployment. Serve the read requests from the secondary Availability Zone.
  • C. Create read replicas for the database. Configure the read replicas with half of the compute and storage resources as the source database.
  • D. Create read replicas for the database. Configure the read replicas with the same compute and storage resources as the source database.
Discover Answer Hide Answer

D

Question#302

A company is using Amazon DynamoDB with provisioned throughput for the database tier of its ecommerce website. During flash sales, customers experience periods of time when the database cannot handle the high number of transactions taking place. This causes the company to lose transactions. During normal periods, the database performs appropriately.
Which solution solves the performance problem the company faces?

  • A. Switch DynamoDB to on-demand mode during flash sales.
  • B. Implement DynamoDB Accelerator for fast in memory performance.
  • C. Use Amazon Kinesis to queue transactions for processing to DynamoDB.
  • D. Use Amazon Simple Queue Service (Amazon SQS) to queue transactions to DynamoDB.
Discover Answer Hide Answer

A

Question#303

A company is reviewing a recent migration of a three-tier application to a VPC. The security team discovers that the principle of least privilege is not being applied to Amazon EC2 security group ingress and egress rules between the application tiers.
What should a solutions architect do to correct this issue?

  • A. Create security group rules using the instance ID as the source or destination.
  • B. Create security group rules using the security group ID as the source or destination.
  • C. Create security group rules using the VPC CIDR blocks as the source or destination.
  • D. Create security group rules using the subnet CIDR blocks as the source or destination.
Discover Answer Hide Answer

B

Question#304

A company requires that all versions of objects in its Amazon S3 bucket be retained. Current object versions will be frequently accessed during the first 30 days, after which they will be rarely accessed and must be retrievable within 5 minutes. Previous object versions need to be kept forever, will be rarely accessed, and can be retrieved within 1 week. All storage solutions must be highly available and highly durable.
What should a solutions architect recommend to meet these requirements in the MOST cost-effective manner?

  • A. Create an S3 lifecycle policy for the bucket that moves current object versions from S3 Standard storage to S3 Glacier after 30 days and moves previous object versions to S3 Glacier after 1 day.
  • B. Create an S3 lifecycle policy for the bucket that moves current object versions from S3 Standard storage to S3 Glacier after 30 days and moves previous object versions to S3 Glacier Deep Archive after 1 day.
  • C. Create an S3 lifecycle policy for the bucket that moves current object versions from S3 Standard storage to S3 Standard-infrequent Access (S3 Standard-IA) after 30 days and moves previous object versions to S3 Glacier Deep Archive after 1 day.
  • D. Create an S3 lifecycle policy for the bucket that moves current object versions from S3 Standard storage to S3 One Zone-Infrequent Access (S3 One Zone-IA) after 30 days and moves previous object versions to S3 Glacier Deep Archive after 1 day.
Discover Answer Hide Answer

B

Question#305

A development team is collaborating with another company to create an integrated product. The other company needs to access an Amazon Simple Queue
Service (Amazon SQS) queue that is contained in the development team's account. The other company wants to poll the queue without giving up its own account permissions to do so.
How should a solutions architect provide access to the SQS queue?

  • A. Create an instance profile that provides the other company access to the SQS queue.
  • B. Create an IAM policy that provides the other company access to the SQS queue.
  • C. Create an SQS access policy that provides the other company access to the SQS queue.
  • D. Create an Amazon Simple Notification Service (Amazon SNS) access policy that provides the other company access to the SQS queue.
Discover Answer Hide Answer

C

Question#306

A company is developing a video conversion application hosted on AWS. The application will be available in two tiers: a free tier and a paid tier. Users in the paid tier will have their videos converted first, and then the tree tier users will have their videos converted.
Which solution meets these requirements and is MOST cost-effective?

  • A. One FIFO queue for the paid tier and one standard queue for the free tier.
  • B. A single FIFO Amazon Simple Queue Service (Amazon SQS) queue for all file types.
  • C. A single standard Amazon Simple Queue Service (Amazon SQS) queue for all file types.
  • D. Two standard Amazon Simple Queue Service (Amazon SQS) queues with one for the paid tier and one for the free tier.
Discover Answer Hide Answer

D

Question#307

An administrator of a large company wants to monitor for and prevent any cryptocurrency-related attacks on the company's AWS accounts.
Which AWS service can the administrator use to protect the company against attacks?

  • A. Amazon Cognito
  • B. Amazon GuardDuty
  • C. Amazon Inspector
  • D. Amazon Macie
Discover Answer Hide Answer

C

Question#308

A company has applications hosted on Amazon EC2 instances with IPv6 addresses. The applications must initiate communications with other external applications using the internet. However, the company's security policy states that any external service cannot initiate a connection to the EC2 instances. What should a solutions architect recommend to resolve this issue?

  • A. Create a NAT gateway and make it the destination of the subnet's route table.
  • B. Create an internet gateway and make it the destination of the subnet's route table.
  • C. Create a virtual private gateway and make it the destination of the subnet's route table.
  • D. Create an egress-only internet gateway and make it the destination of the subnet's route table.
Discover Answer Hide Answer

D

Question#309

A company provides an online service for posting video content and transcoding it for use by any mobile platform. The application architecture uses Amazon
Elastic File System (Amazon EFS) Standard to collect and store the videos so that multiple Amazon EC2 Linux instances can access the video content for processing. As the popularity of the service has grown over time, the storage costs have become too expensive.
Which storage solution is MOST cost-effective?

  • A. Use AWS Storage Gateway for files to store and process the video content.
  • B. Use AWS Storage Gateway for volumes to store and process the video content.
  • C. Use Amazon Elastic File System (Amazon EFS) for storing the video content. Once processing is complete, transfer the files to Amazon Elastic Block Store (Amazon EBS).
  • D. Use Amazon S3 for storing the video content. Move the files temporarily over to an Amazon ElasticBlock Store (Amazon EBS) volume attached to the server for processing.
Discover Answer Hide Answer

A

Question#310

A company wants to host its web application on AWS using multiple Amazon EC2 instances across different AWS Regions. Since the application content will be specific to each geographic region, the client requests need to be routed to the server that hosts the content for that clients Region.
What should a solutions architect do to accomplish this?

  • A. Configure Amazon Route 53 with a latency routing policy.
  • B. Configure Amazon Route 53 with a weighted routing policy.
  • C. Configure Amazon Route 53 with a geolocation routing policy.
  • D. Configure Amazon Route 53 with a multivalue answer routing policy
Discover Answer Hide Answer

C

chevron rightPrevious Nextchevron right