What should a solutions architect do to optimize utilization MOST oosl-elfectively?
A.Enable auto scaling on the original Aurora Database
B.Convert the original Aurora Database to Aurora parallel query
C.Convert the original Aurora Database to Aurora global database
D.Convert the original Aurora Database to Aurora Aurora serverless
A company's website handles millions of requests each day. and the number of requests continues to increase. A solutions architect needs to improve the response time of the web application. The solutions architect determines that the application needs to decrease latency. When retrieving product details from the Amazon DynamoDB table?
A.Set up a DynamoOB Accelerator (DAX) cluster.
Route all read requests through DAX.
B.Set up Amazon ElasliCache (or Redis between the DynamoOB table and the web application.
Route all read requests through Redis.
C.Set up Amazon ElasliCache for Memcached between the DynamoOB table and the web application.
Route all read requests through Memcached.
D.Set up Amazon DynamoOB Streams on the table, and have AWS Lambda read from the table and populate Amazon ElastiCache.
Route all read requests through ElasliCache.
A company needs to retain application log files for a critical application for 10years. The application team regularly accesses logs from the past month for troubleshooting, but logs older than 1 month are rarely accessed. The application generates more than 10 TB of logs per month. Which storage option meets these requirements MOST cost-effectively?
A.Store the logs in Amazon S3.
Use AWS Backup to move logs more than 1 month old to S3 Glacier Deep Archive
B.Store the logs in Amazon S3.
Use S3 Lifecycle policies to move logs more than 1 month old to S3 Glacier Deep Archive.
C.Store the logs in Amazon CloudWatch Logs.
Use AWS Backup to move logs more than 1 month old to S3 Glacier Deep Archive.
D.Store the logs in Amazon CloudWatch Logs.
Use Amazon S3 Lifecycle policies to move logs more than 1 month old to S3 Glacier Deep Archive.
A gaming company is using Amazon DynamoDB to run a high-score leaderboard and record the game progress for users. The company is launching a new game that is expected to be active for years.
The database activity at launch cannot be predicted; but it is expected to stabilize after 4 weeks. Currently, the company is using on-demand capacity mode for processing reads and writes on all DynamoDB tables.
What is the MOST cost-effective way for the company to control the DynamoDB capacity during the new game launch?
A.Use on-demand mode and purchase DynamoDB reserved capacity for the first 4 weeks of the game launch
B.Use provisioned capacity mode, and purchase DynamoDB reserved capacity for the first 4 weeks of the game launch
C.Use provisioned capacity mode for the game launch, switch back to on-demand mode after 4 weeks, and then purchase DynamoDB reserved capacity
D.Use on-demand mode for the game launch, switch to provisioned capacity mode after 4 weeks and then purchase DynamoDB reserved capacity
A solutions architect is reviewing the cost of a company's scheduled nightly maintenance. The solutions architect notices that three Amazon EC2 instances are being run to perform nine scripted tasks that take less than 5 minutes each to complete. The scripts are all written in Python. Which action should the company take to optimize costs of the nightly maintenance?
A.Consolidate the scripts from the three EC2 instances to run on one EC2 instance.
B.Convert the scripts to AWS Lambda functions and schedule them with Amazon EventBridge (Amazon CloudWatch Events).
C.Purchase a Compute Savings Plan for the running EC2 instances.
D.Create a Spot Fleet to replace the running EC2 instances for executing the scripts.
A company runs an online media site, hosted on-premises. An employee posted a product review that contained videos and pictures. The review went viral and the company needs to handle the resulting spike in website traffic.
What action would provide an immediate solution?
A.Redesign the website to use Amazon API Gateway, and use AWS Lambda to deliver content
B.Add server instances using Amazon EC2 and use Amazon Route 53 with a failover routing policy
C.Serve the images and videos using an Amazon CloudFront distribution created using the news site as the origin
D.Use Amazon ElasbCache for Redis for caching and reducing the load requests from the origin
A solutions architect is designing an elastic application that will have between 10 and 50 Amazon EC2 concurrent instances running depending on the load.
Each instance must mount storage that will read and write to the same 50 GB folder.
Which storage type meets the requirements?
B.Amazon Elastic File System (Amazon EFS)
C.Amazon Amazon Elastic Block Store (Amazon EBS) volumes
D.Amazon EC2 instance store
A company is using Amazon RDS for MySQL. The company disaster recovery requirements state that a near real time replica of the database must be maintained on premises.
The company wants the data to be encrypted in transit/
Which solution meets these requirements?
A.Use AWS Database Migration Service (AWS DMS) and AWS Direct Connect to migrate the data from AWS to on premises.
B.Use MySQL replication to replicate from AWS to on premises over an IPsec VPN on top of an AWS Direct Connect Connection.
C.Use AWS Data Pipeline to replicate from AWS to on premises over an IPsec VPN on top of an AWS Direct Connect Connection.
D.Use the Amazon RDS Multi-Az Feature. Choose on premises as the failover availability zone over an IPsec vpn on top of an AWS Direct Connect Connection
A company stops a cluster of Amazon EC2 instances over a weekend.
The costs decrease, but they do not drop to zero.
Which resources could still be generating costs?
A.Elastic IP address
B.Data transfer out
C.Regional data transfers
D.Amazon Elastic Block Store (Amazon EBS) volumes
E.AWS Auto Scaling
A city has deployed a web application running on AmazonEC2 instances behind an Application Load Balancer (ALB).
The Application's users have reported sporadic performance, which appears to be related to DDoS attacks originating from random IP addresses.
The City needs a solution that requires minimal configuration changes and provides an audit trail for the DDoS source.
Which solution meets these requirements?
A.Enable an AWS WAF web ACL on the ALB and configure rules to block traffic from unknown sources.
B.Subscribe to Amazon inspector.
Engage the AWS DDoS Resource Team (DRT) to integrate migrating controls into the service.
C.Subscribe to AWS shield advanced.
Engage the AWS DDoS Response team (DRT) to integrate migrating controls into the service.
D.Create an Amazon CloudFront distribution for the application and set the ALB as the origin.
Enable an AWS WAF web ACL on the distribution and configure rules to block traffic from unknown sources.
A solutions architect is designing a new workload in which an AWS Lambda function will access an Amazon DynamoDB table.
What is the MOST secure means of granting the Lambda function access to the DynamoDB labia?
A.Create an IAM role with the necessary permissions to access the DynamoDB table.
Assign the role to the Lambda function.
B.Create a DynamoDB user name and password and give them to the developer to use in the Lambda function.
C.Create an IAM user, and create access and secret keys for the user.
Give the user the necessary permissions to access the DynarnoOB table.
Have the developer use these keys to access the resources.
D.Create an IAM role allowing access from AWS Lambda.
Assign the role to the DynamoDB table
A company expects its user base to increase five times over one year. Its application is hosted in one region and uses an Amazon RDS for MySQL database, an Application Load Balance Amazon Elastic Container Service (Amazon ECS) to host the website and its microservices. Which design changes should a solutions architect recommend to support the expected growth? (Select TWO.)
A.Move static files from Amazon ECS to Amazon S3
B.Use an Amazon Route 53 geolocation routing policy.
C.Scale the environment based on real-time AWS CloudTrail logs.
D.Create a dedicated Elastic Load Balancer for each microservice.
E.Create RDS lead replicas and change the application to use these replicas.
A company wants to run a static website served through Amazon CloudFront.
What is an advantage of storing the website content in an Amazon S3 bucket instead of an Amazon Elastic Block Store (Amazon EBS) volume?
A.S3 buckets are replicated globally, allowing for large scalability.
EBS volumes are replicated only within an AWS Region.
B.S3 is an origin for CloudFront.
EBS volumes would need EC2 instances behind an Elastic Load Balancing load balancer to be an origin
C.S3 buckets can be encrypted, allowing for secure storage of the web files.
EBS volumes cannot be encrypted.
D.S3 buckets support object-level read throttling, preventing abuse.
EBS volumes do not provide object-level throttling.
A company has an application running on Amazon EC2 On-Demand Instances. The application does not scale, and the Instances run In one AWS Region. The company wants the flexibility to change the operating system from Windows to AWS Linux in the future. The company needs to reduce the cost of the instances without creating additional operational overhead or changes to the application.
What should the company purchase lo meet these requirements MOST cost-effectively?
A.Dedicated Hosts for the Instance type being used
B.A Compute Savings Plan for the instance type being used
C.An EC2 Instance Savings Plan (or the instance type being used
D.Convertible Reserved Instances tor the instance type being used
A company has a Windows-based application that must be migrated to AWS.
The application requires the use of a shared Windows file system attached to multiple Amazon EC2 Windows instances that are deployed across Availability Zones.
What should a solution architect do to meet this requirement?
A.Configure AWS Storage gateway in volume gateway mode.
Mount the volume to each Windows instance.
B.Configure Amazon FSx for Windows File Server.
Mount the Amazon FSx file system to each Windows instance.
C.Configure a file system by using Amazon Elastic File System (Amazon EFS).
Mount the EFS file system to each Windows instance.
D.Configure an Amazon Elastic Block Store (Amazon EBS) volume with the required size.
Attach each instance to the volume.
Mount the file system within the volume to each Windows instance.
A company has an application running as a service in Amazon Elastic Container Service (Amazon EC2) using the Amazon launch type.
The application code makes AWS API calls to publish messages to Amazon Simple Queue Service (Amazon SQS).
What is the MOST secure method of giving the application permission to publish messages to Amazon SQS?
A.Use AWS identity and Access Management (IAM) to grant SQS permissions to the role used by the launch configuration for the Auto Scaling group of the ECS cluster.
B.Create a new IAM user with SQS permissions.
The update the task definition to declare the access key ID and secret access key as environment variables.
C.Create a new IAM role with SQS permissions.
The update the task definition to use this role for the task role setting.
D.Update the security group used by the ECS cluster to allow access to Amazon SQS
53 latency -based routing to route requests to its UDP-based application tor users around the world the application is hosted on redundant servers in the company's on-premises data centers in the United States Asia, and Europe The company's compliance requirements state that the application must be hosted on premises. The company wants to improve the performance and availability of the application.
What should a solutions architect do to meet these requirements?
A.Configure throe Network Load Balancers (NLBs) in the three AWS Regions to address the on-premises endpoints.
Create an accelerator by using AWS Global Accelerator, and register the NLBs as its endpoints.
Provide access to the application by using a CNAML that points to the accelerator DNS.
B.Configure three Application Load Balancers (ALGs) in the three AWS Regions to wireless the on-premises endpoints.
Create an accelerator by using AWS Global Accelerator, and register the ALBs as its endpoints.
Provide access to the application by using a CNAK1L that points to the accelerator UNS
C.Configure three Network Load Balancers (NLOs) in the three AWS Regions to address the on-prernises endpoints in Route 53.
Create latency-based record that points to the three NLBs. and use it as an origin for an Amazon CloudFront distribution.
Provide access to the application by using a CNAML that points to the CloudFront DNS.
D.Configure three Application Load Balancers (ALBs) in the three AWS Regions to address the on premises endpoint. in Route 53.
Create a latency based record that points to the three ALUs and use it as an origin for an Amazon CloudFront distribution.
Provide access to the application by using a CNAMF that points to the CloudFront DNS.
A company wants to launch a new application using Amazon Route 53, an Application Load Balancer (ALB), and an Amazon EC2 Auto Scaling group. The company is preparing to perform user experience testing and has a limited budget for this phase of the project. Although the company plans to do a load test in the future, it wants to prevent users from load testing at this time because it wants to limit unnecessary EC2 automatic scaling.
What should a solutions architect do to minimize costs of the user experience testing?
A.Configure AWS Shield's client request threshold to 100 connections per client.
B.Deploy AWS WAF on the ALB with a rate-based rule configured to limit the number of requests each client can make.
C.Configure the ALB with an advanced request routing policy to throttle the client connections being sent to the Auto Scaling group.
D.Deploy Amazon Simple Queue Service (Amazon SQS) between the ALB and Auto Scaling group to queue client requests and change the Auto Scaling group maximum size to one.
An application launched on Amazon EC2 instances needs to publish personally identifiable information (PH) about customers using Amazon Simple Notification Service (Amazon SNS).
The application is launched in private subnets within an Amazon VPC.
What is the MOST secure way to allow the application to access service endpoints in the same AWS Region?
A.Use an internet gateway
B.Use AWS PrivateLink
C.Use a NAT gateway.
D.Use a proxy instance
A company fails an AWS security review conducted by a third party.
The review finds that some of the company's methods to access the Amazon EMR API are not secure.
Developers are using AWS Cloud9, and access keys are connecting to the Amazon EMR API through the public internet.
Which combination of steps should the company take to MOST improve its security? (Select TWO)
A.Set up a VPC peering connection to the Amazon EMR API
B.Set up VPC endpoints to connect to the Amazon EMR API
C.Set up a NAT gateway to connect to the Amazon EMR API.
D.Set up IAM roles to be used to connect to the Amazon EMR API
E.Set up each developer with AWS Secrets Manager to store access keys
A company is rolling out a new web service, but is unsure how many customers the service will attract.
However, the company is unwilling to accept any downtime.
What could a solutions architect recommend to the company to keep?
2021 Latest Braindump2go SAA-C02 PDF and SAA-C02 VCE Dumps Free Share: