Documente Academic
Documente Profesional
Documente Cultură
Answer: B
New Question
A Solution Architect is designing a two-tier application for maximum security, with a web tier
running on EC2 instances and the data stored in an RDS DB instance. The web tier should
accept user access only through HTTPS connections (port 443) from the Internet, and the data
A. Create a security group for the web tier instances that allows inbound traffic only over port 443.
B. Enforce Transparent Data Encryption (TDE) on the RDS database.
C. Create a network ACL that allows inbound traffic only over port 443.
D. Configure the web servers to communicate with RDS by using SSL, and issue certificates to the
web tier EC2 instances.
E. Create a customer master key in AWS KMS and apply it to encrypt the RDS instance.
Answer: AD
New Question
A credit card processing application, hosted on an on-premises server, needs to communicate
directly with a database hosted on an Amazon EC2 instance running in a private subnet of a
VPC. Compliance requirements state that end-to-end communication should be encrypted.
Which solution will ensure that this requirement is met?
A. Use HTTPS for traffic over VPC peering between the VPC and the on-premises datacenter.
B. Use HTTPS for traffic over the Internet between the on-premises server and the Amazon EC2
instance.
C. Use HTTPS for traffic over a VPN connection between the VPC and the on-premises datacenter.
D. Use HTTPS for traffic over gateway VPC endpoints that have been configured for the Amazon
EC2 instance.
Answer: C
New Question
A company has asked a Solutions Architect to ensure that data is protected during data transfer
to and from Amazon S3.
Use of which service will protect the data in transit?
A. AWS KMS
B. HTTPS
C. SFTP
D. FTPS
Answer: B
Explanation:
https://aws.amazon.com/premiumsupport/knowledge-center/secure-s3-resources/
New Question
A Solutions Architect is trying to bring a data warehouse workload to an Amazon EC2 instance.
The data will reside in Amazon EBS volumes and full table scans will be executed frequently.
What type of Amazon EBS volume would be most suitable in this scenario?
Answer: A
Explanation:
https://aws.amazon.com/ebs/features/
New Question
A Solutions Architect has a three-tier web application that serves customers worldwide. Analysis
reveals that product images take more time to load than expected.
Which action will improve the image load time?
Answer: C
Explanation:
https://aws.amazon.com/getting-started/tutorials/deliver-content-faster/
New Question
A gaming application is heavily dependent on caching and uses Amazon ElastiCache for Redis.
The application performance was recently degraded due to failure of the cache node.
What should a Solutions Architect recommend to minimize performance degradation in the
future?
Answer: C
Explanation:
https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/WhatIs.html
New Question
A client has set up an Auto Scaling group associated with a load balancer. The client has noticed
that instances launched by the Auto Scaling group are reported unhealthy as the result of an
Elastic Load Balancing (ELB) health check, but these unhealthy instances are not being
terminated.
What can a Solutions Architect do to ensure that the instances marked unhealthy will be
terminated and replaced?
A. Increase the value for the health check interval set on the ELB load balancer.
B. Change the thresholds set on the Auto Scaling group health check.
Answer: C
New Question
A Solutions Architect must review an application deployed on EC2 instances that currently stores
multiple 5-GB files on attached instance store volumes. The company recently experienced a
significant data loss after stopping and starting their instances and wants to prevent the data loss
from happening again. The solution should minimize performance impact and the number of code
changes required.
What should the Solutions Architect recommend?
Answer: B
Explanation:
http://jayendrapatil.com/tag/i2/
New Question
An organization is deploying Amazon ElastiCache for Redis and requires password protection to
improve their data security posture.
Which solution should a Solutions Architect recommend?
A. Redis Auth
B. AWS Single Sign-On
C. IAM database authentication
D. VPC security group for Redis
Answer: A
Explanation:
https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/auth.html
New Question
A Solutions Architect is designing a solution to send Amazon CloudWatch Alarm notifications to a
group of users on a smartphone mobile application.
What are the key steps to this solution? (Choose two.)
A. Configure the CloudWatch Alarm to send the notification to an Amazon SNS topic whenever there
is an alarm.
B. Configure the CloudWatch Alarm to send the notification to a mobile phone number whenever
there is an alarm.
C. Configure the CloudWatch Alarm to send the notification to the email addresses whenever there
is an alarm.
Answer: AD
Explanation:
https://aws.amazon.com/sns/faqs/
New Question
A company uses Amazon S3 for storing a variety of files. A Solutions Architect needs to design a
feature that will allow users to instantly restore any deleted files within 30 days of deletion.
Which is the MOST cost-efficient solution?
A. Create lifecycle policies that move the objects to Amazon Glacier and delete them after 30 days.
B. Enable cross-region replication. Empty the replica bucket every 30 days using an AWS Lambda
function.
C. Enable versioning and create a lifecycle policy to remove expired versions after 30 days.
D. Enable versioning and MFA Delete. Using a Lambda function, remove MFA delete from objects
more than 30 days old.
Answer: C