AWS Architecture 1

1. A mobile application serves scientific articles from individual files in an Amazon S3 bucket. Articles older than 30 days are rarely read. Articles older than 60 days no longer need to be available through the application, but the application owner would like to keep them for historical purposes. Which cost-effective solution BEST meets these requirements?

2. A company is using an Amazon S3 bucket located in us-west-2 to serve videos to their customers. Their customers are located all around the world and the videos are requested a lot during peak hours. Customers in Europe complain about experiencing slow downloaded speeds, and during peak hours, customers in all locations report experiencing HTTP 500 errors. What can a Solutions Architect do to address these issues?

Place an elastic load balancer in front of the Amazon S3 bucket to distribute the load during peak hours.

Cache the web content with Amazon CloudFront and use all Edge locations for content delivery.

3. A website experiences unpredictable traffic. During peak traffic times, the database is unable to keep up with the write request. Which AWS service will help decouple the web application from the database?

Amazon SQS

Amazon EFS

Amazon S3

AWS Lambda

4. A Solutions Architect is designing an architecture for a mobile gaming application. The application is expected to be very popular. The Architect needs to prevent the Amazon RDS MySQL database from becoming a bottleneck due to frequently accessed queries. Which service or feature should the Architect add to prevent a bottleneck?

Multi-AZ feature on the RDS MySQL Database

ELB Classic Load Balancer in front of the web application tier

Amazon SQS in front of RDS MySQL Database

Amazon ElastiCache in front of the RDS MySQL Database

5. A Solutions Architect needs to design a solution that will enable a security team to detect, review, and perform root cause analysis of security incidents that occur in a cloud environment. The Architect must provide a centralized view of all API events for current and future AWS regions. How should the Architect accomplish this task?

Enable AWS CloudTrail logging in each individual region. Repeat this for all future regions.

Enable Amazon CloudWatch logs for all AWS services across all regions and aggregate them in a single Amazon S3 bucket.

Enable AWS Trusted Advisor security checks and report all security incidents for all regions.

6. A Solution Architect is designing a three-tier web application. The Architect wants to restrict access to the database tier to accept traffic from the application servers only. However, these application servers are in an Auto Scaling group and may vary in quantity. How should the Architect configure the database servers to meet the requirements?

Configure the database security group to allow database traffic from the application server IP addresses.

Configure the database security group to allow database traffic from the application server security group.

Configure the database subnet network ACL to deny all inbound non-database traffic from the application-tier subnet.

Configure the database subnet network ACL to allow inbound database traffic from the application-tier subnet.

7. A Solutions Architect is designing an application on AWS that uses persistent block storage. Data must be encrypted at rest. Which solution meets the requirement?

Enable SSL on Amazon EC2 instances.

Encrypt Amazon EBS volumes on Amazon EC2 instances.

Enable server-side encryption on Amazon S3.

Encrypt Amazon EC2 Instance Storage.

8. A Solutions Architect is designing a log-processing solution that requires storage that supports up to 500 MB/s throughput. The data is sequentially accessed by an Amazon EC2 instance. Which Amazon storage type satisfies these requirements?

EBS Provisioned IOPS SSD (io1)

EBS General Purpose SSD (gp2)

EBS Throughput Optimized HDD (st1)

EBS Cold HDD (sc1)

9. A web application experiences high compute costs due to serving a high amount of static web content. How should the web server architecture be designed to be the MOST cost-efficient?

Create an Auto Scaling group to scale out based on average CPU usage.

Create an Amazon CloudFront distribution to pull static content from an Amazon S3 bucket.

Leverage Reserved Instances to add additional capacity at a significantly lower price.

Create a multi-region deployment using an Amazon Route 53 geolocation routing policy.

10. A Solutions Architect is designing a new social media application. The application must provide a secure method for uploading profile photos. Each user should be able to upload a profile photo into a shared storage location for one week after their profile is created. Which approach will meet all of these requirements?

Use Amazon Kinesis with AWS CloudTrail for auditing the specific times when profile photos are uploaded.

Use Amazon EBS volumes with IAM policies restricting user access to specific time periods.

Use Amazon CloudFront with AWS CloudTrail for auditing the specific times when profile photos are uploaded.

11. An Internet-facing multi-tier web application must be highly available. An ELB Classic Load Balancer is deployed in front of the web tier. Amazon EC2 instances at the web application tier are deployed evenly across two Availability Zones. The database is deployed using RDS Multi-AZ. A NAT instance is launched for Amazon EC2 instances and database resources to access the Internet. These instances are not assigned with public IP addresses. Which component poses a potential single point of failure in this architecture?

Amazon EC2

NAT instance

ELB Classic Load Balancer

Amazon RDS

12. A call center application consists of a three-tier application using Auto Scaling groups to automatically scale resources as needed. Users report that every morning at 9:00 AM the system becomes very slow for about 15 minutes. A Solution Architect determines that a large percentage of the call center staff starts work at 9:00 AM, so Auto Scaling does not have enough time to scale out to meet demand. How can the Architect fix the problem?

Change the Auto Scaling group's scale out event to scale based on network utilization.

Create an Auto Scaling scheduled action to scale out the necessary resources at 8:30 AM every morning.

Use Reserved Instances to ensure the system has reserved the right amount of capacity for the scale-up events.

13. A Solutions Architect is designing a solution that includes a managed VPN connection. To monitor whether the VPN connection is up or down, the Architect should use:

An external service to ping the VPN endpoint from outside the VPC.

AWS CloudTrail to monitor the endpoint.

The CloudWatch TunnelState Metric.

An AWS Lambda function that parses the VPN connection logs.

14. A company is evaluating Amazon S3 as a data storage solution for their daily analyst reports. The company has implemented stringent requirements concerning the security of the data at rest. Specifically, the CISO asked for the use of envelope encryption with separate permissions for the use of an envelope key, automated rotation of the encryption keys, and visibility into when an encryption key was used and by whom. Which steps should a Solutions Architect take to satisfy the security requirements requested by the CISO?

Create an Amazon S3 bucket to store the reports and use Server-Side Encryption with Customer-Provided Keys (SSE-C).

Create an Amazon S3 bucket to store the reports and use Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3).

Create an Amazon S3 bucket to store the reports and use Server-Side Encryption with AWS KMS-Managed Keys (SSE-KMS).

15. An application relies on messages being sent and received in order. The volume will never exceed more than 300 transactions each second. Which service should be used?

Amazon SQS

Amazon SNS

Amazon ECS

AWS STS

16. An organization is currently hosting a large amount of frequently accessed data consisting of key-value pairs and semi-structured documents in their data center. They are planning to move this data to AWS. Which of one of the following services MOST effectively meets their needs?

Amazon Redshift

Amazon RDS

Amazon DynamoDB

Amazon Aurora

17. A Solutions Architect plans to migrate NAT instances to NAT gateway. The Architect has NAT instances with scripts to manage high availability. What is the MOST efficient method to achieve similar high availability with NAT gateway?

Remove source/destination check on NAT instances.

Launch a NAT gateway in each Availability Zone.

Use a mix of NAT instances and NAT gateway.

Add an ELB Application Load Balancer in front of NAT gateway.

18. A Solutions Architect needs to build a resilient data warehouse using Amazon Redshift. The Architect needs to rebuild the Redshift cluster in another region. Which approach can the Architect take to address this requirement?

Modify the Redshift cluster and configure cross-region snapshots to the other region.

Modify the Redshift cluster and configure the backup and specify the Amazon S3 bucket in the other region.

Modify the Redshift cluster to use AWS Snowball in export mode with data delivered to the other region.

19. A Solutions Architect is designing the architecture for a new three-tier web-based e-commerce site that must be available 24/7. Requests are expected to range from 100 to 10,000 each minute. Usage can vary depending on time of day, holidays, and promotions. The design should be able to handle these volumes, with the ability to handle higher volumes if necessary. How should the Architect design the architecture to ensure the web tier is cost-optimized and can handle the expected traffic? (Select two.)

Launch Amazon EC2 instances in an Auto Scaling group behind an ELB.

Store all static files in a multi-AZ Amazon Aurora database.

Create an CloudFront distribution pointing to static content in Amazon S3.

Use Amazon Route 53 to route traffic to the correct region.

Use Amazon S3 multi-part uploads to improve upload times.

Submit

20. A news organization plans to migrate their 20 TB video archive to AWS. The files are rarely accessed, but when they are, a request is made in advance and a 3 to 5-hour retrieval time frame is acceptable. However, when there is a breaking news story, the editors require access to archived footage within minutes. Which storage solution meets the needs of this organization while providing the LOWEST cost of storage?

Store the archive in Amazon S3 Reduced Redundancy Storage.

Store the archive in Amazon Glacier and use standard retrieval for all content.

Store the archive in Amazon Glacier and pay the additional charge for expedited retrieval when needed.

Store the archive in Amazon S3 with a lifecycle policy to move this to S3 Infrequent Access after 30 days.

21. A Solutions Architect is helping a customer migrate an application to AWS. The application is composed of a fleet of Linux servers that currently use a shared file system to read and write data. One of the goals of moving this application to AWS is to increase the reliability of the storage tier. What solution would increase reliability while minimizing the operational overhead of managing this infrastructure?

Create an EBS volume and mount it to all the servers.

Create an EFS file system and mount it to all the servers.

Create an S3 bucket that can be accessed through an S3 VPC Endpoint.

Create two EC2 instances in separate Availability Zones that act as file servers.

22. A company plans to use AWS for all new batch processing workloads. The company's developers use Docker containers for the new batch processing. The system design must accommodate critical and non-critical batch processing workloads 24/7. How should a Solutions Architect design this architecture in a cost-efficient manner?

Purchase Reserved Instances to run all containers. Use Auto Scaling groups to schedule jobs.

Host a container management service on Spot Instances. Use Reserved Instances to run Docker containers.

Use Amazon ECS orchestration and Auto Scaling groups: one with Reserve Instances, one with Spot Instances.

Use Amazon ECS to manage container orchestration. Purchase Reserved Instances to run all batch workloads at the same time.

23. A manufacturing company captures data from machines running at customer sites. Currently, thousands of machines send data every 5 minutes, and this is expected to grow to hundreds of thousands of machines in the near future. The data is logged with the intent to be analyzed in the future as needed. What is the SIMPLEST method to store this streaming data at scale?

Create an Amazon Kinesis Firehouse delivery stream to store the data in Amazon S3.

Create an Auto Scaling group of Amazon EC2 servers behind ELBs to write the data into Amazon RDS.

Create an Amazon SQS queue, and have the machines write to the queue.

Create an Amazon EC2 server farm behind an ELB to store the data in Amazon EBS Cold HDD volumes.

24. A Solutions Architect is designing an application that will encrypt all data in an Amazon Redshift cluster. Which action will encrypt the data at rest?

Place the Redshift cluster in a private subnet.

Use the AWS KMS Default Customer master key.

Encrypt the Amazon EBS volumes.

Encrypt the data using SSL/TLS.

25. A company is launching a marketing campaign on their website tomorrow and expects a significant increase in traffic. The website is designed as a multi-tiered web architecture, and the increase in traffic could potentially overwhelm the current design. What should a Solutions Architect do to minimize the effects from a potential failure in one or more of the tiers?

Migrate the database to Amazon RDS.

Set up DNS failover to a statistic website.

Use Auto Scaling to keep up with the demand.

Use both a SQL and a NoSQL database in the design.

26. A Solutions Architect is designing a database solution that must support a high rate of random disk reads and writes. It must provide consistent performance, and requires long-term persistence. Which storage solution BEST meets these requirements?

An Amazon EBS Provisioned IOPS volume

An Amazon EBS General Purpose volume

An Amazon EBS Magnetic volume

An Amazon EC2 Instance Store

27. A Solutions Architect is designing a new application that needs to access data in a different AWS account located within the same region. The data must not be accessed over the Internet. Which solution will meet these requirements with the LOWEST cost?

Add rules to the security groups in each account.

Establish a VPC Peering connection between accounts.

Configure Direct Connect in each account.

Add a NAT Gateway to the data account.

28. A Solutions Architect is designing a mobile application that will capture receipt images to track expenses. The Architect wants to store the images on Amazon S3. However, uploading images through the web server will create too much traffic. What is the MOST efficient method to store images from a mobile application on Amazon S3?

Upload directly to S3 using a pre-signed URL.

Upload to a second bucket, and have a Lambda event copy the image to the primary bucket.

Expand the web server fleet with Spot Instances to provide the resources to handle the images.

29. A company requires that the source, destination, and protocol of all IP packets be recorded when traversing a private subnet. What is the MOST secure and reliable method of accomplishing this goal.

Create VPC flow logs on the subnet.

Enable source destination check on private Amazon EC2 instances.

Enable AWS CloudTrail logging and specify an Amazon S3 bucket for storing log files.

Create an Amazon CloudWatch log to capture packet information.

30. A Solution Architect is designing an application that uses Amazon EBS volumes. The volumes must be backed up to a different region. How should the Architect meet this requirement?

Create EBS snapshots directly from one region to another.

Move the data to an Amazon S3 bucket and enable cross-region replication.

Create EBS snapshots and then copy them to the desired region.

Use a script to copy data from the current Amazon EBS volume to the destination Amazon EBS volume.

31. A Solutions Architect is designing network architecture for an application that has compliance requirements. The application will be hosted on Amazon EC2 instances in a private subnet and will be using Amazon S3 for storing data. The compliance requirements mandate that the data cannot traverse the public Internet. What is the MOST secure way to satisfy this requirement?

Use a NAT Instance.

Use a NAT Gateway.

Use a VPC endpoint.

Use a Virtual Private Gateway.

32. A Solution Architect is designing a disaster recovery solution for a 5 TB Amazon Redshift cluster. The recovery site must be at least 500 miles (805 kilometers) from the live site. How should the Architect meet these requirements?

Use AWS CloudFormation to deploy the cluster in a second region.

Take a snapshot of the cluster and copy it to another Availability Zone.

Modify the Redshift cluster to span two regions.

Enable cross-region snapshots to a different region.

33. A Solutions Architect is designing a web application. The web and application tiers need to access the Internet, but they cannot be accessed from the Internet. Which of the following steps is required?

Launch a NAT gateway in the public subnet and add a route to it from the private subnet.

Launch Amazon EC2 instances in the public subnet and change the security group to allow outbound traffic on port 80.

Launch a NAT gateway in the private subnet and deploy a NAT instance in the private subnet.

34. A company has a Node.js application running on Amazon EC2 that currently retrieves data for customers from a DynamoDB table. The company is seeing many repeat queries for the same items, and the number of queries is continuing to increase as the application gains popularity. What solution will reduce the number of read capacity units (RCUs) required while minimizing the amount of refactoring that must be done to the application?

Use Amazon ElastiCache to provide a caching layer

Use a Lambda function to make concurrent requests for caching

Use Amazon DynamoDB Accelerator (DAX) to provide a caching layer

Obtain Reserved Capacity for Amazon DynamoDB to manage the increased number of queries

35. A company is launching an application that it expects to be very popular. The company needs a database that can scale with the rest of the application. The schema will change frequently. The application cannot afford any downtime for database changes. Which AWS service allows the company to achieve these objectives?

Amazon Redshift

Amazon DynamoDB

Amazon RDS MySQL

Amazon Aurora

36. A social networking portal experiences latency and throughput issues due to an increased number of users. Application servers use very large datasets from an Amazon RDS database, which creates a performance bottleneck on the database. Which AWS service should be used to improve performance?

Auto Scaling

Amazon SQS

Amazon ElastiCache

ELB Application Load Balancer

37. An application requires block storage for file updates. The data is 500 GB and must continuously sustain 100 MiB/s of aggregate read/write operations. Which storage option is appropriate for this application?

Amazon S3

Amazon EFS

Amazon EBS

Amazon Glacier

38. A Solutions Architect is designing a solution for a media company that will stream large amounts of data from an Amazon EC2 instance. The data streams are typically large and sequential, and must be able to support up to 500 MB/s. Which storage type will meet the performance requirements of this application?

EBS Provisioned IOPS SSD

EBS General Purpose SSD

EBS Cold HDD

EBS Throughput Optimized HDD

39. A company plans to migrate a website to AWS to use a serverless architecture. The website contains both static and dynamic content and is accessed by users across the world. The website should maintain sessions for returning users to improve the user experience. Which service should a Solutions Architect use for a cost-efficient solution with the LOWEST latency?

Amazon S3, AWS Lambda, Amazon API Gateway, and Amazon DynamoDB

Amazon CloudFront, AWS Lambda, API Gateway, and Amazon RDS

Amazon CloudFront, Elastic Load Balancing, Amazon EC2, and Amazon RDS

Amazon S3, Amazon CloudFront, AWS Lambda, Amazon API Gateway, and Amazon DynamoDB.

40. A bank is writing new software that is heavily dependent upon the database transactions for write consistency. The application will also occasionally generate reports on data in the database, and will do joins across multiple tables. The database must automatically scale as the amount of data grows. Which AWS service should be used to run the database?

Amazon S3

Amazon Aurora

Amazon DynamoDB

Amazon Redshift

41. A customer has written an application that uses Amazon S3 exclusively as a data store. The application works well until the customer increases the rate at which the application is updating information. The customer now reports that outdated data occasionally appears when the application accesses objects in Amazon S3. What could be the problem, given that the application logic is otherwise correct?

The application is reading parts of objects from Amazon S3 using a range header.

The application is reading objects from Amazon S3 using parallel object requests.

The application is updating records by writing new objects with unique keys.

The application is updating records by overwriting existing objects with the same keys.

42. An application stack includes an Elastic Load Balancer in a public subnet, a fleet of Amazon EC2 instances in an Auto Scaling group, and an Amazon RDS MySQL cluster. Users connect to the application from the Internet. The application servers and database must be secure. How should a Solutions Architect perform this task?

Create a private subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.

Create a private subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.

Create a public subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.

Create a public subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.

43. A Solutions Architect is designing solution with AWS Lambda where different environments require different database passwords. What should the Architect do to accomplish this in a secure and scalable way?

Create a Lambda function for each individual environment.

Use Amazon DynamoDB to store environmental variables.

Use encrypted AWS Lambda environmental variables.

Implement a dedicated Lambda function for distributing variables.

44. An e-commerce application is hosted in AWS. The last time a new product was launched, the application experienced a performance issue due to an enormous spike in traffic. Management decided that capacity must be doubled the week after the product is launched. Which is the MOST efficient way for management to ensure that capacity requirements are met?

Add a Step Scaling policy.

Add a Dynamic Scaling policy.

Add a Scheduled Scaling action.

Add Amazon EC2 Spot Instances.

45. A customer owns a simple API for their website that receives about 1,000 requests each day and has an average response time of 50 ms. It is currently hosted on one c4.large instance. Which changes to the architecture will provide high availability at the LOWEST cost?

Recreate the API using Amazon API Gateway and use AWS Lambda as the service backend.

Recreate the API using Amazon API Gateway and integrate the new API with the existing backend service.

46. A customer has a production application that frequently overwrites and deletes data, the application requires the most up-to-date version of the data every time it is requested. Which storage should a Solutions Architect recommend to bet accommodate this use case?

Amazon S3

Amazon RDS

Amazon RedShift

AWS Storage Gateway

47. Developers are creating a new online transaction processing (OLTP) application for a small database that is very read-write intensive. A single table in the database is updated continuously throughout the day, and the developers want to ensure that the database performance is consistent. Which Amazon EBS storage option will achieve the MOST consistent performance to help maintain application performance?

Provisioned IOPS SSD

General Purpose SSD

Cold HDD

Throughput Optimized HDD

48. A web application runs on 10 EC2 instances launched from a single customer Amazon Machine Image (AMI). The EC2 instances are behind an Internet Application Load Balancer. Amazon Route 53 provides DNS for the application. How should a Solutions Architect automate recovery when a web server instance stops replying to request?

Launch the instances in an Auto Scaling group with an Elastic Load Balancing health check.

Launch instances in multiple Availability Zones and set the load balancer to Multi-AZ.

Add CloudWatch alarm actions for each instance to restart if the Status Check (Any) fails.

Add Route 53 records for each instance with an instance health check.

49. A company has asked a Solutions Architect to ensure that data is protected during data transfer to and from Amazon S3. Use of which service will protect the data in transit?

AWS KMS

HTTPS

SFTP

FTPS

50. A company has an application that accesses a MySQL database installed on a single EC2 instance. The instance recently experienced a fault and brought down the entire application for several hours. The company wants to address the issue but is concerned about spending too much time modifying application code or managing the legacy application. What should the Solutions Architect recommend to remove this single point of failure with the FEWEST changes to the application code and the LEAST amount of administrative effort?

Implement a caching layer by using Amazon ElastiCache to store query results of frequently accessed information.

Deploy a second EC2 instance with MySQL installed, and configure replication between this instance and the existing MySQL instance.

Migrate the database to an RDS MySQL Multi-AZ DB instance, and point the application servers to the new RDS instance.

51. A company's development team plans to create an Amazon S3 bucket that contains millions of images. The team wants to maximize the read performance of Amazon S3. Which naming scheme should the company use?

Add a date as the prefix.

Add a sequential id as the suffix.

Add a hexadecimal hash as the suffix.

Add a hexadecimal hash as the prefix.

52. A Solutions Architect is designing a solution to store a large quantity of event data in Amazon S3. The Architect anticipates that the workload will consistently exceed 100 requests each second. What should the Architect do in Amazon S3 to optimize performance?

Randomize a key name prefix.

Store the event data in separate buckets.

Randomize the key name suffix.

Use Amazon S3 Transfer Acceleration.

53. A popular e-commerce application runs on AWS. The application encounters performance issues. The database is unable to handle the amount of queries and load during peak times. The database is running on the RDS Aurora engine on the largest instance size available. What should an administrator do to improve performance?

Convert the database to Amazon Redshift.

Create a CloudFront distribution.

Convert the database to use EBS Provisioned IOPS.

Create one or more read replicas.

54. A customer is looking for a storage archival solution for 1,000 TB of data. The customer requires that the solution be durable and data be available within a few hours of requesting it, but not exceeding a day. The solution should be as cost-effective as possible. To meet security compliance policies, data must be encrypted at rest. The customer expects they will need to fetch the data two times in a year. Which storage solution should a Solutions Architect recommend to meet these requirements?

Copy data to Amazon S3 buckets by using server-side encryption. Move data to Amazon S3 to reduce redundancy storage (RRS).

Copy data to encrypted Amazon EBS volumes, then store data into Amazon S3.

Copy each object into a separate Amazon Glacier vault, and let Amazon Glacier take care of encryption.

55. A legacy application needs to interact with local storage using iSCSI. A team needs to design a reliable storage solution to provision all new storage on AWS. Which storage solution meets the legacy application requirements?

AWS Snowball storage for the legacy application until the application can be re-architected.

AWS Storage Gateway in cached mode for the legacy application storage to write data to Amazon S3.

AWS Storage Gateway in stored mode for the legacy application storage to write data to Amazon S3.

An Amazon S3 volume mounted on the legacy application server locally using the File Gateway service.

56. A Lambda function must execute a query against an Amazon RDS database in a private subnet. Which steps are required to allow the Lambda function to access the Amazon RDS database? (Select two.)

Create a VPC Endpoint for Amazon RDS.

Create the Lambda function within the Amazon RDS VPC.

Change the ingress rules of Lambda security group, allowing the Amazon RDS security group.

Change the ingress rules of the Amazon RDS security group, allowing the Lambda security group.

Add an Internet Gateway (IGW) to the VPC, route the private subnet to the IGW.

Submit

57. A Solutions Architect is designing a photo application on AWS. Every time a user uploads a photo to Amazon S3, the Architect must insert a new item to a DynamoDB table. Which AWS-managed service is the BEST fit to insert the item?

Lambda@Edge

AWS Lambda

Amazon API Gateway

Amazon EC2 instances

58. A credit card processing application, hosted on an on-premises server, needs to communicate directly with a database hosted on an Amazon EC2 instance running in a private subnet of a VPC. Compliance requirements state that end-to-end communication should be encrypted. Which solution will ensure that this requirement is met?

Use HTTPS for traffic over VPC peering between the VPC and the on-premises datacenter.

Use HTTPS for traffic over the Internet between the on-premises server and the Amazon EC2 instance.

Use HTTPS for traffic over a VPN connection between the VPC and the on-premises datacenter.

Use HTTPS for traffic over gateway VPC endpoints that have been configured for the Amazon EC2 instance.

59. A team is launching a marketing campaign and the peak database read activity in Amazon Aurora for MySQL is expected to increase. A Solutions Architect decides to add two Read Replicas to the cluster. How should the Solutions Architect ensure that the connections for read activities are load balanced?

Reader endpoint for Amazon Aurora

Cluster endpoint for Amazon Aurora

Primary DB instance endpoint for Amazon Aurora

Replica DB instances endpoint for Aurora

60. A company has a legacy application using a proprietary file system and plans to migrate the application to AWS. Which storage service should the company use?

Amazon DynamoDB

Amazon S3

Amazon EBS

Amazon EFS

61. A legacy application running in premises requires a Solutions Architect to be able to open a firewall to allow access to several Amazon S3 buckets. The Architect has a VPN connection to AWS in place. How should the Architect meet this requirement?

Create an IAM role that allows access from the corporate network to Amazon S3.

Configure a proxy on Amazon EC2 and use an Amazon S3 VPC endpoint.

Use Amazon API Gateway to do IP whitelisting.

Configure IP whitelisting on the customer's gateway

62. A user is testing a new service that receives location updates from 3,600 rental cars every hour. Which service will collect data and automatically scale to accommodate production workload?

Amazon EC2

Amazon Kinesis Firehose

Amazon EBS

Amazon API Gateway

63. A Solution Architect is designing a two-tier application for maximum security, with a web tier running on EC2 instances and the data stored in an RDS DB instance. The web tier should accept user access only through HTTPS connections (port 443) from the Internet, and the data must be encrypted in transit to and from the database. What combination of steps will MOST securely meet the stated requirements? (Choose two.)

Create a security group for the web tier instances that allows inbound traffic only over port 443.

Enforce Transparent Data Encryption (TDE) on the RDS database.

Create a network ACL that allows inbound traffic only over port 443.

Configure the web servers to communicate with RDS by using SSL, and issue certificates to the web tier EC2 instances.

Create a customer master key in AWS KMS and apply it to encrypt the RDS instance.

Submit

64. A Solutions Architect has a multi-layer application running in Amazon VPC. The application has an ELB Classic Load Balancer as the front end in a public subnet, and an Amazon EC2-based reverse proxy that performs content-based routing to two backend Amazon EC2 instances hosted in a private subnet. The Architect sees tremendous traffic growth and is concerned that the reverse proxy and current backend set up will be insufficient. Which actions should the Architect take to achieve a cost-effective solution that ensures the application automatically scales to meet traffic demand? (Select two.)

Replace the Amazon EC2 reverse proxy with an ELB internal Classic Load Balancer.

Add Auto Scaling to the Amazon EC2 backend fleet.

Add Auto Scaling to the Amazon EC2 reverse proxy layer.

Use t2 burstable instance types for the backend fleet.

Replace both the frontend and reverse proxy layers with an ELB Application Load Balancer.

Submit

65. A company is launching a static website using the zone apex (mycompany.com). The company wants to use Amazon Route 53 for DNS. Which steps should the company perform to implement a scalable and cost-effective solution? (Choose two.)

Host the website using AWS Elastic Beanstalk, and map a Route 53 alias record to the Beanstalk stack.

Serve the website from an Amazon S3 bucket, and map a Route 53 alias record to the website endpoint.

Create a Route 53 hosted zone, and set the NS records of the domain to use Route 53 name servers.

Submit

AWS Architecture 1

2.

What first name or nickname would you like us to use?

3. A website experiences unpredictable traffic. During peak traffic times, the database is unable to keep up with the write request. Which AWS service will help decouple the web application from the database?

7. A Solutions Architect is designing an application on AWS that uses persistent block storage. Data must be encrypted at rest. Which solution meets the requirement?

8. A Solutions Architect is designing a log-processing solution that requires storage that supports up to 500 MB/s throughput. The data is sequentially accessed by an Amazon EC2 instance. Which Amazon storage type satisfies these requirements?

9. A web application experiences high compute costs due to serving a high amount of static web content. How should the web server architecture be designed to be the MOST cost-efficient?

13. A Solutions Architect is designing a solution that includes a managed VPN connection. To monitor whether the VPN connection is up or down, the Architect should use:

15. An application relies on messages being sent and received in order. The volume will never exceed more than 300 transactions each second. Which service should be used?

16. An organization is currently hosting a large amount of frequently accessed data consisting of key-value pairs and semi-structured documents in their data center. They are planning to move this data to AWS. Which of one of the following services MOST effectively meets their needs?

17. A Solutions Architect plans to migrate NAT instances to NAT gateway. The Architect has NAT instances with scripts to manage high availability. What is the MOST efficient method to achieve similar high availability with NAT gateway?

18. A Solutions Architect needs to build a resilient data warehouse using Amazon Redshift. The Architect needs to rebuild the Redshift cluster in another region. Which approach can the Architect take to address this requirement?

24. A Solutions Architect is designing an application that will encrypt all data in an Amazon Redshift cluster. Which action will encrypt the data at rest?

26. A Solutions Architect is designing a database solution that must support a high rate of random disk reads and writes. It must provide consistent performance, and requires long-term persistence. Which storage solution BEST meets these requirements?

27. A Solutions Architect is designing a new application that needs to access data in a different AWS account located within the same region. The data must not be accessed over the Internet. Which solution will meet these requirements with the LOWEST cost?

29. A company requires that the source, destination, and protocol of all IP packets be recorded when traversing a private subnet. What is the MOST secure and reliable method of accomplishing this goal.

30. A Solution Architect is designing an application that uses Amazon EBS volumes. The volumes must be backed up to a different region. How should the Architect meet this requirement?

32. A Solution Architect is designing a disaster recovery solution for a 5 TB Amazon Redshift cluster. The recovery site must be at least 500 miles (805 kilometers) from the live site. How should the Architect meet these requirements?

33. A Solutions Architect is designing a web application. The web and application tiers need to access the Internet, but they cannot be accessed from the Internet. Which of the following steps is required?

36. A social networking portal experiences latency and throughput issues due to an increased number of users. Application servers use very large datasets from an Amazon RDS database, which creates a performance bottleneck on the database. Which AWS service should be used to improve performance?

37. An application requires block storage for file updates. The data is 500 GB and must continuously sustain 100 MiB/s of aggregate read/write operations. Which storage option is appropriate for this application?

43. A Solutions Architect is designing solution with AWS Lambda where different environments require different database passwords. What should the Architect do to accomplish this in a secure and scalable way?

45. A customer owns a simple API for their website that receives about 1,000 requests each day and has an average response time of 50 ms. It is currently hosted on one c4.large instance. Which changes to the architecture will provide high availability at the LOWEST cost?

46. A customer has a production application that frequently overwrites and deletes data, the application requires the most up-to-date version of the data every time it is requested. Which storage should a Solutions Architect recommend to bet accommodate this use case?

49. A company has asked a Solutions Architect to ensure that data is protected during data transfer to and from Amazon S3. Use of which service will protect the data in transit?

51. A company's development team plans to create an Amazon S3 bucket that contains millions of images. The team wants to maximize the read performance of Amazon S3. Which naming scheme should the company use?

52. A Solutions Architect is designing a solution to store a large quantity of event data in Amazon S3. The Architect anticipates that the workload will consistently exceed 100 requests each second. What should the Architect do in Amazon S3 to optimize performance?

55. A legacy application needs to interact with local storage using iSCSI. A team needs to design a reliable storage solution to provision all new storage on AWS. Which storage solution meets the legacy application requirements?

56. A Lambda function must execute a query against an Amazon RDS database in a private subnet. Which steps are required to allow the Lambda function to access the Amazon RDS database? (Select two.)

57. A Solutions Architect is designing a photo application on AWS. Every time a user uploads a photo to Amazon S3, the Architect must insert a new item to a DynamoDB table. Which AWS-managed service is the BEST fit to insert the item?

60. A company has a legacy application using a proprietary file system and plans to migrate the application to AWS. Which storage service should the company use?

61. A legacy application running in premises requires a Solutions Architect to be able to open a firewall to allow access to several Amazon S3 buckets. The Architect has a VPN connection to AWS in place. How should the Architect meet this requirement?

62. A user is testing a new service that receives location updates from 3,600 rental cars every hour. Which service will collect data and automatically scale to accommodate production workload?

65. A company is launching a static website using the zone apex (mycompany.com). The company wants to use Amazon Route 53 for DNS. Which steps should the company perform to implement a scalable and cost-effective solution? (Choose two.)