Skip to Content

AWS Certified Solutions Architect – Associate SAA-C02 Exam Questions and Answers – Page 8

The latest AWS Certified Solutions Architect – Associate SAA-C02 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the AWS Certified Solutions Architect – Associate SAA-C02 exam and earn AWS Certified Solutions Architect – Associate SAA-C02 certification.

AWS Certified Solutions Architect - Associate SAA-C02 Exam Questions and Answers

Exam Question 721

A company must migrate 20 TB of data from a data center to the AWS Cloud within 30 days. The company’s network bandwidth is limited to 15 Mbps and cannot exceed 70% utilization. What should a solutions architect do to meet these requirements?

A. Use AWS Snowball.
B. Use AWS DataSync.
C. Use a secure VPN connection.
D. Use Amazon S3 Transfer Acceleration.

Correct Answer:
A. Use AWS Snowball.

Exam Question 722

A company has several business systems that require access to data stored in a file share. the business systems will access the file share using the Server Message Block (SMB) protocol. The file share solution should be accessible from both of the company’s legacy on-premises environment and with AWS.

Which services mod the business requirements? (Select TWO)

A. Amazon EBS
B. Amazon EFS
C. Amazon FSx for Windows
D. Amazon S3
E. AWS Storage Gateway file gateway

Correct Answer:
C. Amazon FSx for Windows
E. AWS Storage Gateway file gateway

Answer Description:

Keyword: SMB + On-premises

Condition: File accessible from both on-premises and AWS

Amazon FSx for Windows File Server

Amazon FSx for Windows File Server provides fully managed, highly reliable, and scalable file storage that is accessible over the industry-standard Server Message Block (SMB) protocol. It is built on Windows Server, delivering a wide range of administrative features such as user quotas, end-user file restore, and Microsoft Active Directory (AD) integration. It offers single-AZ and multi-AZ deployment options, fully managed backups, and encryption of data at rest and in transit. You can optimize cost and performance for your workload needs with SSD and HDD storage options; and you can scale storage and change the throughput performance of your file system at any time. Amazon FSx file storage is accessible from Windows, Linux, and macOS compute instances and devices running on AWS or on-premises.

How FSx for Windows File Server works

AWS Storage Gateway

AWS Storage Gateway is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage. Customers use Storage Gateway to simplify storage management and reduce costs for key hybrid cloud storage use cases. These include moving backups to the cloud, using on-premises file shares backed by cloud storage, and providing low latency access to data in AWS for on-premises applications.

To support these use cases, Storage Gateway offers three different types of gateways – File Gateway, Tape Gateway, and Volume Gateway – that seamlessly connect on-premises applications to cloud storage, caching data locally for low-latency access. Your applications connect to the service through a virtual machine or gateway hardware appliance using standard storage protocols, such as NFS, SMB, and iSCSI. The gateway connects to AWS storage services, such as Amazon S3, Amazon S3 Glacier, Amazon S3 Glacier Deep Archive, Amazon EBS, and AWS Backup, providing storage for files, volumes, snapshots, and virtual tapes in AWS. The service includes a highly-optimized and efficient data transfer mechanism, with bandwidth management and automated network resilience.

How Storage Gateway works

The table below shows the different gateways available and the interfaces and use cases:

CORRECT: “Amazon FSx for Windows” is the correct answer. CORRECT: “Amazon Storage File Gateway” is the correct answer.

INCORRECT: “Amazon EBS” is incorrect as unsupported NFS/SMB. INCORRECT: “Amazon EFS” is incorrect as unsupported NFS/SMB. INCORRECT: “Amazon S3” is incorrect as unsupported NFS/SMB.

References:

Exam Question 723

A company has a Microsoft Windows-based application that must be migrated to AWS. This application requires the use of a shared Windows file system attached to multiple Amazon EC2 Windows instances.

What should a solution architect do to accomplish this?

A. Configure a volume using Amazon EFS Mount the EPS volume to each Windows Instance
B. Configure AWS Storage Gateway in Volume Gateway mode Mount the volume to each Windows instance
C. Configure Amazon FSx for Windows File Server Mount the Amazon FSx volume to each Windows Instance
D. Configure an Amazon EBS volume with the required size Attach each EC2 instance to the volume Mount the file system within the volume to each Windows instance

Correct Answer:
C. Configure Amazon FSx for Windows File Server Mount the Amazon FSx volume to each Windows Instance

Exam Question 724

Application developers have noticed that a production application is very slow when business reporting users run large production reports against the Amazon RDS instance backing the application. the CPU and memory utilization metrics for the RDS instanced not exceed 60% while the reporting queries are running. The business reporting users must be able to generate reports without affecting the applications performance.

Which action will accomplish this?

A. Increase the size of the RDS instance
B. Create a read replica and connect the application to it.
C. Enable multiple Availability Zones on the RDS instance
D. Create a read replication and connect the business reports to it.

Correct Answer:
D. Create a read replication and connect the business reports to it.

Exam Question 725

A company has created a VPC with multiple private subnets in multiple Availability Zones (AZs) and one public subnet in one of the AZs. The public subnet is used to launch a NAT gateway. There are instance in the private subnet that use a NAT gateway to connect to the internet. In case is used of an AZ failure, the company wants to ensure that the instance are not all experiencing internet connectivity issues and that there is a backup plan ready.

Which solution should a solutions architect recommend that is MOST highly available?

A. Create a new public subnet with a NAT gateway in the same AZ Distribute the traffic between the two NAT gateways
B. Create an Amazon EC2 NAT instance in a now public subnet Distribute the traffic between the NAT gateway and the NAT instance
C. Create public subnets In each f\Z and launch a NAT gateway in each subnet Configure the traffic from the private subnets In each A2 to the respective NAT gateway
D. Create an Amazon EC2 NAT instance in the same public subnet Replace the NAT gateway with the NAT instance and associate the instance with an Auto Scaling group with an appropriate scaling policy.

Correct Answer:
C. Create public subnets In each f\Z and launch a NAT gateway in each subnet Configure the traffic from the private subnets In each A2 to the respective NAT gateway

Exam Question 726

A company is using a VPC peering strategy to connect its VPCs in a single Region to allow for cross- communication. A recent increase in account creations and VPCs has made it difficult to maintain the VPC peering strategy, and the company expects to grow to hundreds of VPCs.

There are also new requests to create site-to-site VPNs with some of the VPCs. A solutions architect has been tasked with creating a centrally networking setup for multiple accounts, VPNS, and VPNs.

Which networking solution meets these requirements?

A. Configure shared VPCs and VPNs and share with each other
B. Configure a hub-and-spoke and route all traffic through VPC peering.
C. Configure an AWS Direct Connect between all VPCs and VPNs.
D. Configure a transit gateway with AWS Transit Gateway and connected all VPCs and VPNs.

Correct Answer:
D. Configure a transit gateway with AWS Transit Gateway and connected all VPCs and VPNs.

Exam Question 727

A solution architect must migrate a Windows internet information Services (IIS) web application to AWS. The application currently relies on a file share hosted in the user’s on-premises network-attached storage (NAS). The solution architected has proposed migrating the IIS web servers.

Which replacement to the on-promises filo share is MOST resilient and durable?

A. Migrate the file Share to Amazon RDS.
B. Migrate the tile Share to AWS Storage Gateway
C. Migrate the file Share to Amazon FSx dor Windows File Server.
D. Migrate the tile share to Amazon Elastic File System (Amazon EFS)

Correct Answer:
C. Migrate the file Share to Amazon FSx dor Windows File Server.

References:

Exam Question 728

A solution architect is performing a security review of a recently migrated workload. The workload is a web application that consists of Amazon EC2 instances in an Auto Scaling group behind an Application Load balancer. The solution architect must improve the security posture and minimize the impact of a DDoS attack on resources.

Which solution is MOST effective?

A. Configure an AWS WAF ACL with rate-based rules Create an Amazon CloudFront distribution that points to the Application Load Balancer. Enable the EAF ACL on the CloudFront distribution
B. Create a custom AWS Lambda function that adds identified attacks into a common vulnerability pool to capture a potential DDoS attack. use the identified information to modify a network ACL to block access.
C. Enable VPC Flow Logs and store them in Amazon S3. Create a custom AWS Lambda functions that parse the logs looking for a DDoS attack. Modify a network ACL to block identified source IP addresses.
D. Enable Amazon GuardDuty and, configure findings written 10 Amazon GloudWatch Create an event with Cloud Watch Events for DDoS alerts that triggers Amazon Simple Notification Service (Amazon SNS) Have Amazon SNS invoke a custom AWS Lambda function that parses the logs looking for a DDoS attack Modify a network ACL to block identified source IP addresses

Correct Answer:
A. Configure an AWS WAF ACL with rate-based rules Create an Amazon CloudFront distribution that points to the Application Load Balancer. Enable the EAF ACL on the CloudFront distribution

Exam Question 729

A company needs to share an Amazon S3 bucket with an external vendor. The bucket owner must be able to access all objects.

Which action should be taken to share the S3 bucket?

A. Update the bucket to be a Requester Pays bucket
B. Update the bucket to enable cross-origin resource sharing (CPORS)
C. Create a bucket policy to require users to grant bucket-owner-full when uploading objects
D. Create an IAM policy to require users to grant bucket-owner-full control when uploading objects.

Correct Answer:
C. Create a bucket policy to require users to grant bucket-owner-full when uploading objects

Exam Question 730

A company’s website provides users with downloadable historical performance reports. The website needs a solution that will scale to meet the company’s website demands globally. The solution should be cost effective, limit the? provisioning of Into and provide the fastest possible response time.

Which combination should a solutions architect recommend to meet these requirements?

A. Amazon CloudFront and Amazon S3
B. AWS Lambda and Amazon Dynamo
C. Application Load Balancer with Amazon EC2 Auto Scaling
D. Amazon Route 53 with internal Application Load Balances

Correct Answer:
A. Amazon CloudFront and Amazon S3

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.