AWS Certified Solutions Architect - Professional SAP-C02 Exam Questions and Answers - 8 - Page 5 of 10

The latest AWS Certified Solutions Architect – Professional SAP-C02 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the AWS Certified Solutions Architect – Professional SAP-C02 exam and earn AWS Certified Solutions Architect – Professional SAP-C02 certification.

Question 741

Exam Question

Your company policies require encryption of sensitive data at rest. You are considering the possible options for protecting data while storing it at rest on an EBS data volume, attached to an EC2 instance.

Which of these options would allow you to encrypt your data at rest? (Choose 3)

A. Do nothing as EBS volumes are encrypted by default

B. Encrypt data using native data encryption drivers at the file system level

C. Implement third party volume encryption tools

D. Encrypt data inside your applications before storing it on EBS

E. Implement SSL/TLS for all services running on the server

Correct Answer

B. Encrypt data using native data encryption drivers at the file system level

C. Implement third party volume encryption tools

D. Encrypt data inside your applications before storing it on EBS

Explanation

You can encrypt the data at rest by either using a native data encryption, using a third party encrypting tool, or just encrypt the data before storing on the volume.

Question 742

Exam Question

A life sciences company is using a combination of open source tools to manage data analysis work ows and Docker containers running on servers in its on-premises data center to process genomics data. Sequencing data is generated and stored on a local storage area network (SAN), and then the data is processed. The research and development teams are running into capacity issues and have decided to re-architect their genomics analysis platform on AWS to scale based on workload demands and reduce the turnaround time from weeks to days.

The company has a high-speed AWS Direct Connect connection. Sequencers will generate around 200 GB of data for each genome, and individual jobs can take several hours to process the data with ideal compute capacity. The end result will be stored in Amazon S3. The company is expecting 10-15 job requests each day.

Which solution meets these requirements?

A. Use regularly scheduled AWS Snowball Edge devices to transfer the sequencing data into AWS. When AWS receives the Snowball Edge device and the data is loaded into Amazon S3, use S3 events to trigger an AWS Lambda function to process the data.

B. Use AWS Data Pipeline to transfer the sequencing data to Amazon S3. Use S3 events to trigger an Amazon EC2 Auto Scaling group to launch custom-AMI EC2 instances running the Docker containers to process the data.

C. Use AWS DataSync to transfer the sequencing data to Amazon S3. Use S3 events to trigger an AWS Lambda function that starts an AWS Step Functions work ow. Store the Docker images in Amazon Elastic Container Registry (Amazon ECR) and trigger AWS Batch to run the container and process the sequencing data.

D. Use an AWS Storage Gateway le gateway to transfer the sequencing data to Amazon S3. Use S3 events to trigger an AWS Batch job that executes on Amazon EC2 instances running the Docker containers to process the data.

Correct Answer

Question 743

Exam Question

A company needs to store and process image data that will be uploaded from mobile devices using a custom mobile app. Usage peaks between 8 AM and 5 PM on weekdays, with thousands of uploads per minute. The app is rarely used at any other time A user is notified when image processing is complete.

When combination of actions should a solutions architect take to ensure image processing can scale to handle the load? (Select THREE )

A. Invoke an S3 Batch Operations job to perform image processing when a message is available in the queue

B. Invoke an AWS Lambda function to perform image processing when a message is available in the queue

C. Send a push notification to the mobile app by using Amazon Simple Notification Service (Amazon SNS) when processing is complete

D. Upload files from the mobile software directly to Amazon S3. Use S3 event notifications to create a message in an Amazon MQ queue.

E. Send a push notification to the mobile app by using Amazon Simple Email Service (Amazon SES) when processing is complete.

F. Upload files from the mobile software directly to Amazon S3 Use S3 event notifications to create a message in an Amazon Simple Queue Service (Amazon SQS) standard queue.

Correct Answer

A. Invoke an S3 Batch Operations job to perform image processing when a message is available in the queue

C. Send a push notification to the mobile app by using Amazon Simple Notification Service (Amazon SNS) when processing is complete

D. Upload files from the mobile software directly to Amazon S3. Use S3 event notifications to create a message in an Amazon MQ queue.

Question 744

Exam Question

A company runs a content management application on a single Windows Amazon EC2 instance in a development environment. The application reads and writes static content to a 2 TB Amazon Elastic Block Store (Amazon EBS) volume that is attached to the instance as the root device. The company plans to deploy this application in production as a highly available and fault-tolerant solution that runs on at least three EC2 instances across multiple Availability Zones.

A solutions architect must design a solution that joins all the instances that run the application to an Active Directory domain. The solution also must implement Windows ACLs to control access to le contents. The application always must maintain exactly the same content on all running instances at any given point in time.

Which solution will meet these requirements with the LEAST management overhead?

A. Create an Amazon Elastic File System (Amazon EFS) le share. Create an Auto Scaling group that extends across three Availability Zones and maintains a minimum size of three instances. Implement a user data script to install the application, join the instance to the AD domain, and mount the EFS le share.

B. Create a new AMI from the current EC2 Instance that is running. Create an Amazon FSx for Lustre le system. Create an Auto Scaling group that extends across three Availability Zones and maintains a minimum size of three instances. Implement a user data script to join the instance to the AD domain and mount the FSx for Lustre le system.

C. Create an Amazon FSx for Windows File Server le system. Create an Auto Scaling group that extends across three Availability Zones and maintains a minimum size of three instances. Implement a user data script to install the application and mount the FSx for Windows File Server le system. Perform a seamless domain join to join the instance to the AD domain.

D. Create a new AMI from the current EC2 instance that is running. Create an Amazon Elastic File System (Amazon EFS) le system. Create an Auto Scaling group that extends across three Availability Zones and maintains a minimum size of three Instances. Perform a seamless domain join to join the instance to the AD domain.

Correct Answer

Question 745

Exam Question

A read only news reporting site with a combined web and application tier and a database tier that receives large and unpredictable traffic demands must be able to respond to these traffic fluctuations automatically. What AWS services should be used meet these requirements?

A. Stateless instances for the web and application tier synchronized using ElastiCache Memcached in an autoscaling group monitored with CloudWatch, and multi-AZ RDS

B. Stateful instances for the web and application tier in an autoscaling group monitored with CloudWatch, and multi-AZ RDS

C. Stateful instances for the web and application tier in an autoscaling group monitored with CloudWatch, and RDS with read replicas

D. Stateless instances for the web and application tier synchronized using ElastiCache Memcached in an autoscaling group monitored with CloudWatch, and RDS with read replicas

Correct Answer

D. Stateless instances for the web and application tier synchronized using ElastiCache Memcached in an autoscaling group monitored with CloudWatch, and RDS with read replicas

Explanation

“A readonly reporting site” – so stateless and read-replicas can be used to scale. Multi-AZ will not provide the scaling requirements.

Question 746

Exam Question

A software as a service (SaaS) based company provides a case management solution to customers A3 part of the solution. The company uses a standalone Simple Mail Transfer Protocol (SMTP) server to send email messages from an application. The application also stores an email template for acknowledgement email messages that populate customer data before the application sends the email message to the customer.

The company plans to migrate this messaging functionality to the AWS Cloud and needs to minimize operational overhead.

Which solution will meet these requirements MOST cost-effectively?

A. Set up an SMTP server on Amazon EC2 instances by using an AMI from the AWS Marketplace. Store the email template in an Amazon S3 bucket. Create an AWS Lambda function to retrieve the template from the S3 bucket and to merge the customer data from the application with the template. Use an SDK in the Lambda function to send the email message.

B. Set up Amazon Simple Email Service (Amazon SES) to send email messages. Store the email template in an Amazon S3 bucket. Create an AWS Lambda function to retrieve the template from the S3 bucket and to merge the customer data from the application with the template. Use an SDK in the Lambda function to send the email message.

C. Set up an SMTP server on Amazon EC2 instances by using an AMI from the AWS Marketplace. Store the email template in Amazon Simple Email Service (Amazon SES) with parameters for the customer data. Create an AWS Lambda function to call the SES template and to pass customer data to replace the parameters. Use the AWS Marketplace SMTP server to send the email message.

D. Set up Amazon Simple Email Service (Amazon SES) to send email messages. Store the email template on Amazon SES with parameters for the customer data. Create an AWS Lambda function to call the SendTemplatedEmail API operation and to pass customer data to replace the parameters and the email destination.

Correct Answer

Explanation

This solution would meet the company’s requirements most cost-effectively because it uses Amazon SES to send email messages, which is a fully managed service that eliminates the need to set up and maintain an SMTP server. The email template is stored in an Amazon S3 bucket, which is a cost-effective object storage service that is highly durable and available. An AWS Lambda function can be used to retrieve the template from the S3 bucket and to merge the customer data from the application with the template. The Lambda function can also use an SDK to send the email message. This approach eliminates the need for EC2 instances and it’s more cost-effective than other options.

You can refer to the Amazon SES documentation for more information on how to use this service: https://aws.amazon.com/ses/ Amazon SES is a cost-effective and scalable email service that allows you to send transactional and marketing emails. Additionally, you can use SES to send templated email, which can be stored in the S3 bucket and retrieve by Lambda function, which will reduce the operational overhead. You can also use SNS for triggering the Lambda function when a new email need to be sent.

Question 747

Exam Question

A European online newspaper service hosts its public-facing WordPress site in collocated data center in London. The current WordPress infrastructure consists of a load balancer, two web servers, and one MySQL database server. A solutions architect is tasked with designing a solution with the following requirements:

Improve the websites performance.
Make the web tier scalable and stateless.
Improve the database server performance for read-heavy loads.
Reduce latency for users across Europe and the US
Design the new architecture with a goal of 99.9% availability.

Which solution meets these requirements while optimizing operational efficiency?

A. Use an Application Load Balancer (ALB) in front of an Auto Scaling group of WordPress Amazon EC2 instances in one AWS Region and three Availability Zones. Configure an Amazon cluster in front of a Multi-AZ Amazon Aurora MySQL DB cluster. Move the WordPress shared files to Amazon EPS. Configure Amazon CloudFront with (he ALB as the origin, and select a price class that includes the US and Europe.

B. Use an Application Load Balancer (ALB) In front of an Auto Scaling group of WordPress Amazon EC2 Instances in one AWS Region and three Availability Zones. Configure an Amazon DocumentDB table in front of a Multi-AZ Amazon Aurora MySQL DB duster. Move the WordPress shared files to Amazon EFS Configure Amazon CloudFront with the ALB as the origin, and a price class that includes all global locations.

C. Use an Application Load Balancer (ALB) in front of an Auto Scaling group of WordPress Amazon EC2 instances m two AWS Regions and two Availability Zones in each Region Configure an Amazon ElastiCache cluster in front of a global Amazon Aurora MySQL database. Move the WordPress shared files to Amazon EFS. Configure Amazon CloudFront with the ALB as the origin and select a price class that includes the US and Europe. Configure EFS cross-Region replication.

D. Use an Application Load Balancer (ALB) in front of an Auto Scaling group of WordPress Amazon EC2 instances in two AWS Regions and three Availability Zones in each Region Configure an Amazon ElastiCache duster in front of a global Amazon Aurora MySQL database. Move the WordPress shared files to Amazon FSx with cross-Region synchronization. Configure Amazon CloudFront with the ALB as the origin and a price class mat includes the US and Europe.

Correct Answer

Question 748

Exam Question

A company is processing videos in the AWS Cloud by Using Amazon EC2 instances in an Auto Scaling group. It takes 30 minutes to process a video Several EC2 instances scale in and out depending on the number of videos in an Amazon Simple Queue Service (Amazon SQS) queue.

The company has configured the SQS queue with a redrive policy that specifies a target dead-letter queue and a maxReceiveCount of 1. The company has set the visibility timeout for the SQS queue to 1 hour. The company has set up an Amazon CloudWatch alarm to notify the development team when there are messages in the dead-letter queue.

Several times during the day. the development team receives notification that messages are in the dead-letter queue and that videos have not been processed property. An investigation finds no errors m the application logs.

How can the company solve this problem?

A. Turn on termination protection tor the EC2 Instances

B. Update the visibility timeout for the SQS queue to 3 hours

C. Configure scale-in protection for the instances during processing

D. Update the redrive policy and set maxReceiveCount to 0.

Correct Answer

C. Configure scale-in protection for the instances during processing

Question 749

Exam Question

A company needs to optimize the cost of backups for Amazon Elastic File System (Amazon EFS). A solutions architect has already configured a backup plan in AWS Backup for the EFS backups. The backup plan contains a rule with a lifecycle configuration to transition EFS backups to cold storage after 7 days and to keep the backups for an additional 90 days.

After I month, the company reviews its EFS storage costs and notices an increase in the EFS backup costs. The EFS backup cold storage produces almost double the cost of the EFS warm backup storage.

What should the solutions architect do to optimize the cost?

A. Modify the backup rule’s lifecycle configuration to move the EFS backups to cold storage after 1 day. Set the backup retention period to 30 days.

B. Modify the backup rule’s lifecycle configuration to move the EFS backups to cold storage after 8 days. Set the backup retention period to 30 days.

C. Modify the backup rule’s lifecycle configuration to move the EFS backups to cold storage after 1 day. Set the backup retention period to 90 days.

D. Modify the backup rule’s lifecycle configuration to move the EFS backups to cold storage after 8 days. Set the backup retention period to 98 days.

Correct Answer

A. Modify the backup rule’s lifecycle configuration to move the EFS backups to cold storage after 1 day. Set the backup retention period to 30 days.

Explanation

The cost of EFS backup cold storage is $0.01 per GB-month, whereas the cost of EFS backup warm storage is $0.05 per GB-month1. Therefore, moving the backups to cold storage as soon as possible will reduce the storage cost. However, cold storage backups must be retained for a minimum of 90 days2, otherwise they incur a pro-rated charge equal to the storage charge for the remaining days1. Therefore, setting the backup retention period to 30 days will incur a penalty of 60 days of cold storage cost for each backup deleted. This penalty will still be lower than keeping the backups in warm storage for 7 days and then in cold storage for 83 days, which is the current configuration. Therefore, option A is the most cost-effective solution.

Question 750

Exam Question

A company has developed APIs that use Amazon API Gateway with Regional endpoints. The APIs call AWS Lambda functions that use API Gateway authentication mechanisms. After a design review, a solutions architect identi es a set of APIs that do not require public access.

The solutions architect must design a solution to make the set of APIs accessible only from a VPC. All APIs need to be called with an authenticated user

Which solution will meet these requirements with the LEAST amount of effort?

A. Create an internal Application Load Balancer (ALB). Create a target group. Select the Lambda function to call. Use the ALB DNS name to call the API from the VPC.

B. Remove the DNS entry that is associated with the API in API Gateway. Create a hosted zone in Amazon Route 53. Create a CNAME record in the hosted zone. Update the API in API Gateway with the CNAME record. Use the CNAME record to call the API from the VPC.

C. Update the API endpoint from Regional to private in API Gateway. Create an interface VPC endpoint in the VPCreate a resource policy, and attach it to the API. Use the VPC endpoint to call the API from the VP

D. Deploy the Lambda functions inside the VPC Provision an EC2 instance, and install an Apache server. From the Apache server, call the Lambda functions. Use the internal CNAME record of the EC2 instance to call the API from the VPC.