AWS Architecture 1
.
- 1.
A Solutions Architect is designing an application that will encrypt all data in an Amazon Redshift cluster. Which action will encrypt the data at rest?
- A.
Place the Redshift cluster in a private subnet.
- B.
Use the AWS KMS Default Customer master key.
- C.
Encrypt the Amazon EBS volumes.
- D.
Encrypt the data using SSL/TLS.
Correct Answer
B. Use the AWS KMS Default Customer master key. -
- 2.
A website experiences unpredictable traffic. During peak traffic times, the database is unable to keep up with the write request. Which AWS service will help decouple the web application from the database?
- A.
Amazon SQS
- B.
Amazon EFS
- C.
Amazon S3
- D.
AWS Lambda
Correct Answer
A. Amazon SQS -
- 3.
A legacy application needs to interact with local storage using iSCSI. A team needs to design a reliable storage solution to provision all new storage on AWS. Which storage solution meets the legacy application requirements?
- A.
AWS Snowball storage for the legacy application until the application can be re-architected.
- B.
AWS Storage Gateway in cached mode for the legacy application storage to write data to Amazon S3.
- C.
AWS Storage Gateway in stored mode for the legacy application storage to write data to Amazon S3.
- D.
An Amazon S3 volume mounted on the legacy application server locally using the File Gateway service.
Correct Answer
B. AWS Storage Gateway in cached mode for the legacy application storage to write data to Amazon S3. -
- 4.
A Solutions Architect is designing an architecture for a mobile gaming application. The application is expected to be very popular. The Architect needs to prevent the Amazon RDS MySQL database from becoming a bottleneck due to frequently accessed queries. Which service or feature should the Architect add to prevent a bottleneck?
- A.
Multi-AZ feature on the RDS MySQL Database
- B.
ELB Classic Load Balancer in front of the web application tier
- C.
Amazon SQS in front of RDS MySQL Database
- D.
Amazon ElastiCache in front of the RDS MySQL Database
Correct Answer
D. Amazon ElastiCache in front of the RDS MySQL Database -
- 5.
A company is launching an application that it expects to be very popular. The company needs a database that can scale with the rest of the application. The schema will change frequently. The application cannot afford any downtime for database changes. Which AWS service allows the company to achieve these objectives?
- A.
Amazon Redshift
- B.
Amazon DynamoDB
- C.
Amazon RDS MySQL
- D.
Amazon Aurora
Correct Answer
B. Amazon DynamoDB -
- 6.
A Solution Architect is designing a disaster recovery solution for a 5 TB Amazon Redshift cluster. The recovery site must be at least 500 miles (805 kilometers) from the live site. How should the Architect meet these requirements?
- A.
Use AWS CloudFormation to deploy the cluster in a second region.
- B.
Take a snapshot of the cluster and copy it to another Availability Zone.
- C.
Modify the Redshift cluster to span two regions.
- D.
Enable cross-region snapshots to a different region.
Correct Answer
D. Enable cross-region snapshots to a different region. -
- 7.
A customer has written an application that uses Amazon S3 exclusively as a data store. The application works well until the customer increases the rate at which the application is updating information. The customer now reports that outdated data occasionally appears when the application accesses objects in Amazon S3. What could be the problem, given that the application logic is otherwise correct?
- A.
The application is reading parts of objects from Amazon S3 using a range header.
- B.
The application is reading objects from Amazon S3 using parallel object requests.
- C.
The application is updating records by writing new objects with unique keys.
- D.
The application is updating records by overwriting existing objects with the same keys.
Correct Answer
D. The application is updating records by overwriting existing objects with the same keys. -
- 8.
A Solutions Architect is designing a new social media application. The application must provide a secure method for uploading profile photos. Each user should be able to upload a profile photo into a shared storage location for one week after their profile is created. Which approach will meet all of these requirements?
- A.
Use Amazon Kinesis with AWS CloudTrail for auditing the specific times when profile photos are uploaded.
- B.
Use Amazon EBS volumes with IAM policies restricting user access to specific time periods.
- C.
Use Amazon S3 with the default private access policy and generate pre-signed URLs each time a new site profile is created.
- D.
Use Amazon CloudFront with AWS CloudTrail for auditing the specific times when profile photos are uploaded.
Correct Answer
C. Use Amazon S3 with the default private access policy and generate pre-signed URLs each time a new site profile is created. -
- 9.
An application requires block storage for file updates. The data is 500 GB and must continuously sustain 100 MiB/s of aggregate read/write operations. Which storage option is appropriate for this application?
- A.
Amazon S3
- B.
Amazon EFS
- C.
Amazon EBS
- D.
Amazon Glacier
Correct Answer
C. Amazon EBS -
- 10.
A mobile application serves scientific articles from individual files in an Amazon S3 bucket. Articles older than 30 days are rarely read. Articles older than 60 days no longer need to be available through the application, but the application owner would like to keep them for historical purposes. Which cost-effective solution BEST meets these requirements?
- A.
Create a Lambda function to move files older than 30 days to Amazon EBS and move files older than 60 days to Amazon Glacier.
- B.
Create a Lambda function to move files older than 30 days to Amazon Glacier and move files older than 60 days to Amazon EBS.
- C.
Create lifecycle rules to move files older than 30 days to Amazon S3 Standard Infrequent Access and move files older than 60 days to Amazon Glacier.
- D.
Create lifecycle rules to move files older than 30 days to Amazon Glacier and move files older than 60 days to Amazon S3 Standard Infrequent Access.
Correct Answer
C. Create lifecycle rules to move files older than 30 days to Amazon S3 Standard Infrequent Access and move files older than 60 days to Amazon Glacier. -
- 11.
An organization is currently hosting a large amount of frequently accessed data consisting of key-value pairs and semi-structured documents in their data center. They are planning to move this data to AWS. Which of one of the following services MOST effectively meets their needs?
- A.
Amazon Redshift
- B.
Amazon RDS
- C.
Amazon DynamoDB
- D.
Amazon Aurora
Correct Answer
C. Amazon DynamoDB -
- 12.
A Lambda function must execute a query against an Amazon RDS database in a private subnet. Which steps are required to allow the Lambda function to access the Amazon RDS database? (Select two.)
- A.
Create a VPC Endpoint for Amazon RDS.
- B.
Create the Lambda function within the Amazon RDS VPC.
- C.
Change the ingress rules of Lambda security group, allowing the Amazon RDS security group.
- D.
Change the ingress rules of the Amazon RDS security group, allowing the Lambda security group.
- E.
Add an Internet Gateway (IGW) to the VPC, route the private subnet to the IGW.
Correct Answer(s)
B. Create the Lambda function within the Amazon RDS VPC.
D. Change the ingress rules of the Amazon RDS security group, allowing the Lambda security group. -
- 13.
A Solutions Architect needs to build a resilient data warehouse using Amazon Redshift. The Architect needs to rebuild the Redshift cluster in another region. Which approach can the Architect take to address this requirement?
- A.
Modify the Redshift cluster and configure cross-region snapshots to the other region.
- B.
Modify the Redshift cluster to take snapshots of the Amazon EBS volumes each day, sharing those snapshots with the other region.
- C.
Modify the Redshift cluster and configure the backup and specify the Amazon S3 bucket in the other region.
- D.
Modify the Redshift cluster to use AWS Snowball in export mode with data delivered to the other region.
Correct Answer
A. Modify the Redshift cluster and configure cross-region snapshots to the other region. -
- 14.
A popular e-commerce application runs on AWS. The application encounters performance issues. The database is unable to handle the amount of queries and load during peak times. The database is running on the RDS Aurora engine on the largest instance size available. What should an administrator do to improve performance?
- A.
Convert the database to Amazon Redshift.
- B.
Create a CloudFront distribution.
- C.
Convert the database to use EBS Provisioned IOPS.
- D.
Create one or more read replicas.
Correct Answer
D. Create one or more read replicas. -
- 15.
A Solutions Architect is designing the architecture for a new three-tier web-based e-commerce site that must be available 24/7. Requests are expected to range from 100 to 10,000 each minute. Usage can vary depending on time of day, holidays, and promotions. The design should be able to handle these volumes, with the ability to handle higher volumes if necessary. How should the Architect design the architecture to ensure the web tier is cost-optimized and can handle the expected traffic? (Select two.)
- A.
Launch Amazon EC2 instances in an Auto Scaling group behind an ELB.
- B.
Store all static files in a multi-AZ Amazon Aurora database.
- C.
Create an CloudFront distribution pointing to static content in Amazon S3.
- D.
Use Amazon Route 53 to route traffic to the correct region.
- E.
Use Amazon S3 multi-part uploads to improve upload times.
Correct Answer(s)
A. Launch Amazon EC2 instances in an Auto Scaling group behind an ELB.
C. Create an CloudFront distribution pointing to static content in Amazon S3. -
- 16.
A Solution Architect is designing a three-tier web application. The Architect wants to restrict access to the database tier to accept traffic from the application servers only. However, these application servers are in an Auto Scaling group and may vary in quantity. How should the Architect configure the database servers to meet the requirements?
- A.
Configure the database security group to allow database traffic from the application server IP addresses.
- B.
Configure the database security group to allow database traffic from the application server security group.
- C.
Configure the database subnet network ACL to deny all inbound non-database traffic from the application-tier subnet.
- D.
Configure the database subnet network ACL to allow inbound database traffic from the application-tier subnet.
Correct Answer
B. Configure the database security group to allow database traffic from the application server security group. -
- 17.
An Internet-facing multi-tier web application must be highly available. An ELB Classic Load Balancer is deployed in front of the web tier. Amazon EC2 instances at the web application tier are deployed evenly across two Availability Zones. The database is deployed using RDS Multi-AZ. A NAT instance is launched for Amazon EC2 instances and database resources to access the Internet. These instances are not assigned with public IP addresses. Which component poses a potential single point of failure in this architecture?
- A.
Amazon EC2
- B.
NAT instance
- C.
ELB Classic Load Balancer
- D.
Amazon RDS
Correct Answer
B. NAT instance -
- 18.
A call center application consists of a three-tier application using Auto Scaling groups to automatically scale resources as needed. Users report that every morning at 9:00 AM the system becomes very slow for about 15 minutes. A Solution Architect determines that a large percentage of the call center staff starts work at 9:00 AM, so Auto Scaling does not have enough time to scale out to meet demand. How can the Architect fix the problem?
- A.
Change the Auto Scaling group's scale out event to scale based on network utilization.
- B.
Create an Auto Scaling scheduled action to scale out the necessary resources at 8:30 AM every morning.
- C.
Use Reserved Instances to ensure the system has reserved the right amount of capacity for the scale-up events.
- D.
Permanently keep a steady state of instances that is needed at 9:00 AM to guarantee available resources, but leverage Spot Instances.
Correct Answer
B. Create an Auto Scaling scheduled action to scale out the necessary resources at 8:30 AM every morning. -
- 19.
An e-commerce application is hosted in AWS. The last time a new product was launched, the application experienced a performance issue due to an enormous spike in traffic. Management decided that capacity must be doubled the week after the product is launched. Which is the MOST efficient way for management to ensure that capacity requirements are met?
- A.
Add a Step Scaling policy.
- B.
Add a Dynamic Scaling policy.
- C.
Add a Scheduled Scaling action.
- D.
Add Amazon EC2 Spot Instances.
Correct Answer
C. Add a Scheduled Scaling action. -
- 20.
A customer owns a simple API for their website that receives about 1,000 requests each day and has an average response time of 50 ms. It is currently hosted on one c4.large instance. Which changes to the architecture will provide high availability at the LOWEST cost?
- A.
Create an Auto Scaling group with a minimum of one instance and a maximum of two instances, then use an Application Load Balancer to balance the traffic.
- B.
Recreate the API using Amazon API Gateway and use AWS Lambda as the service backend.
- C.
Create an Auto Scaling group with a maximum of two instances, then use an Application Load Balancer to balance the traffic.
- D.
Recreate the API using Amazon API Gateway and integrate the new API with the existing backend service.
Correct Answer
B. Recreate the API using Amazon API Gateway and use AWS Lambda as the service backend. -
- 21.
A Solution Architect is designing an application that uses Amazon EBS volumes. The volumes must be backed up to a different region. How should the Architect meet this requirement?
- A.
Create EBS snapshots directly from one region to another.
- B.
Move the data to an Amazon S3 bucket and enable cross-region replication.
- C.
Create EBS snapshots and then copy them to the desired region.
- D.
Use a script to copy data from the current Amazon EBS volume to the destination Amazon EBS volume.
Correct Answer
C. Create EBS snapshots and then copy them to the desired region. -
- 22.
A company is using an Amazon S3 bucket located in us-west-2 to serve videos to their customers. Their customers are located all around the world and the videos are requested a lot during peak hours. Customers in Europe complain about experiencing slow downloaded speeds, and during peak hours, customers in all locations report experiencing HTTP 500 errors. What can a Solutions Architect do to address these issues?
- A.
Place an elastic load balancer in front of the Amazon S3 bucket to distribute the load during peak hours.
- B.
Cache the web content with Amazon CloudFront and use all Edge locations for content delivery.
- C.
Replicate the bucket in eu-west-1 and use an Amazon Route 53 failover routing policy to determine which bucket it should serve the request to.
- D.
Use an Amazon Route 53 weighted routing policy for the CloudFront domain name to distribute the GET request between CloudFront and the Amazon S3 bucket directly.
Correct Answer
B. Cache the web content with Amazon CloudFront and use all Edge locations for content delivery. -
- 23.
A Solutions Architect is designing a solution that includes a managed VPN connection. To monitor whether the VPN connection is up or down, the Architect should use:
- A.
An external service to ping the VPN endpoint from outside the VPC.
- B.
AWS CloudTrail to monitor the endpoint.
- C.
The CloudWatch TunnelState Metric.
- D.
An AWS Lambda function that parses the VPN connection logs.
Correct Answer
C. The CloudWatch TunnelState Metric. -
- 24.
A social networking portal experiences latency and throughput issues due to an increased number of users. Application servers use very large datasets from an Amazon RDS database, which creates a performance bottleneck on the database. Which AWS service should be used to improve performance?
- A.
Auto Scaling
- B.
Amazon SQS
- C.
Amazon ElastiCache
- D.
ELB Application Load Balancer
Correct Answer
C. Amazon ElastiCache -
- 25.
A Solutions Architect is designing network architecture for an application that has compliance requirements. The application will be hosted on Amazon EC2 instances in a private subnet and will be using Amazon S3 for storing data. The compliance requirements mandate that the data cannot traverse the public Internet. What is the MOST secure way to satisfy this requirement?
- A.
Use a NAT Instance.
- B.
Use a NAT Gateway.
- C.
Use a VPC endpoint.
- D.
Use a Virtual Private Gateway.
Correct Answer
C. Use a VPC endpoint. -
- 26.
Developers are creating a new online transaction processing (OLTP) application for a small database that is very read-write intensive. A single table in the database is updated continuously throughout the day, and the developers want to ensure that the database performance is consistent. Which Amazon EBS storage option will achieve the MOST consistent performance to help maintain application performance?
- A.
Provisioned IOPS SSD
- B.
General Purpose SSD
- C.
Cold HDD
- D.
Throughput Optimized HDD
Correct Answer
A. Provisioned IOPS SSD -
- 27.
A Solutions Architect is designing a log-processing solution that requires storage that supports up to 500 MB/s throughput. The data is sequentially accessed by an Amazon EC2 instance. Which Amazon storage type satisfies these requirements?
- A.
EBS Provisioned IOPS SSD (io1)
- B.
EBS General Purpose SSD (gp2)
- C.
EBS Throughput Optimized HDD (st1)
- D.
EBS Cold HDD (sc1)
Correct Answer
C. EBS Throughput Optimized HDD (st1) -
- 28.
A company's development team plans to create an Amazon S3 bucket that contains millions of images. The team wants to maximize the read performance of Amazon S3. Which naming scheme should the company use?
- A.
Add a date as the prefix.
- B.
Add a sequential id as the suffix.
- C.
Add a hexadecimal hash as the suffix.
- D.
Add a hexadecimal hash as the prefix.
Correct Answer
A. Add a date as the prefix. -
- 29.
A Solutions Architect needs to design a solution that will enable a security team to detect, review, and perform root cause analysis of security incidents that occur in a cloud environment. The Architect must provide a centralized view of all API events for current and future AWS regions. How should the Architect accomplish this task?
- A.
Enable AWS CloudTrail logging in each individual region. Repeat this for all future regions.
- B.
Enable Amazon CloudWatch logs for all AWS services across all regions and aggregate them in a single Amazon S3 bucket.
- C.
Enable AWS Trusted Advisor security checks and report all security incidents for all regions.
- D.
Enable AWS CloudTrail by creating a new trail and apply the trail to all regions. Reveal Solution Discussion 14
Correct Answer
D. Enable AWS CloudTrail by creating a new trail and apply the trail to all regions. Reveal Solution Discussion 14 -
- 30.
A company has a legacy application using a proprietary file system and plans to migrate the application to AWS. Which storage service should the company use?
- A.
Amazon DynamoDB
- B.
Amazon S3
- C.
Amazon EBS
- D.
Amazon EFS
Correct Answer
C. Amazon EBS -
- 31.
A company plans to use AWS for all new batch processing workloads. The company's developers use Docker containers for the new batch processing. The system design must accommodate critical and non-critical batch processing workloads 24/7. How should a Solutions Architect design this architecture in a cost-efficient manner?
- A.
Purchase Reserved Instances to run all containers. Use Auto Scaling groups to schedule jobs.
- B.
Host a container management service on Spot Instances. Use Reserved Instances to run Docker containers.
- C.
Use Amazon ECS orchestration and Auto Scaling groups: one with Reserve Instances, one with Spot Instances.
- D.
Use Amazon ECS to manage container orchestration. Purchase Reserved Instances to run all batch workloads at the same time.
Correct Answer
C. Use Amazon ECS orchestration and Auto Scaling groups: one with Reserve Instances, one with Spot Instances. -
- 32.
A company is evaluating Amazon S3 as a data storage solution for their daily analyst reports. The company has implemented stringent requirements concerning the security of the data at rest. Specifically, the CISO asked for the use of envelope encryption with separate permissions for the use of an envelope key, automated rotation of the encryption keys, and visibility into when an encryption key was used and by whom. Which steps should a Solutions Architect take to satisfy the security requirements requested by the CISO?
- A.
Create an Amazon S3 bucket to store the reports and use Server-Side Encryption with Customer-Provided Keys (SSE-C).
- B.
Create an Amazon S3 bucket to store the reports and use Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3).
- C.
Create an Amazon S3 bucket to store the reports and use Server-Side Encryption with AWS KMS-Managed Keys (SSE-KMS).
- D.
Create an Amazon S3 bucket to store the reports and use Amazon s3 versioning with Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3).
Correct Answer
C. Create an Amazon S3 bucket to store the reports and use Server-Side Encryption with AWS KMS-Managed Keys (SSE-KMS). -
- 33.
A customer has a production application that frequently overwrites and deletes data, the application requires the most up-to-date version of the data every time it is requested. Which storage should a Solutions Architect recommend to bet accommodate this use case?
- A.
Amazon S3
- B.
Amazon RDS
- C.
Amazon RedShift
- D.
AWS Storage Gateway
Correct Answer
B. Amazon RDS -
- 34.
A Solutions Architect is designing a photo application on AWS. Every time a user uploads a photo to Amazon S3, the Architect must insert a new item to a DynamoDB table. Which AWS-managed service is the BEST fit to insert the item?
- A.
Lambda@Edge
- B.
AWS Lambda
- C.
Amazon API Gateway
- D.
Amazon EC2 instances
Correct Answer
A. Lambda@Edge -
- 35.
An application relies on messages being sent and received in order. The volume will never exceed more than 300 transactions each second. Which service should be used?
- A.
Amazon SQS
- B.
Amazon SNS
- C.
Amazon ECS
- D.
AWS STS
Correct Answer
A. Amazon SQS -
- 36.
A Solutions Architect is designing an application on AWS that uses persistent block storage. Data must be encrypted at rest. Which solution meets the requirement?
- A.
Enable SSL on Amazon EC2 instances.
- B.
Encrypt Amazon EBS volumes on Amazon EC2 instances.
- C.
Enable server-side encryption on Amazon S3.
- D.
Encrypt Amazon EC2 Instance Storage.
Correct Answer
B. Encrypt Amazon EBS volumes on Amazon EC2 instances. -
- 37.
A company is launching a static website using the zone apex (mycompany.com). The company wants to use Amazon Route 53 for DNS. Which steps should the company perform to implement a scalable and cost-effective solution? (Choose two.)
- A.
Host the website on an Amazon EC2 instance with ELB and Auto Scaling, and map a Route 53 alias record to the ELB endpoint.
- B.
Host the website using AWS Elastic Beanstalk, and map a Route 53 alias record to the Beanstalk stack.
- C.
Host the website on an Amazon EC2 instance, and map a Route 53 alias record to the public IP address of the Amazon EC2 instance.
- D.
Serve the website from an Amazon S3 bucket, and map a Route 53 alias record to the website endpoint.
- E.
Create a Route 53 hosted zone, and set the NS records of the domain to use Route 53 name servers.
Correct Answer(s)
C. Host the website on an Amazon EC2 instance, and map a Route 53 alias record to the public IP address of the Amazon EC2 instance.
D. Serve the website from an Amazon S3 bucket, and map a Route 53 alias record to the website endpoint. -
- 38.
A manufacturing company captures data from machines running at customer sites. Currently, thousands of machines send data every 5 minutes, and this is expected to grow to hundreds of thousands of machines in the near future. The data is logged with the intent to be analyzed in the future as needed. What is the SIMPLEST method to store this streaming data at scale?
- A.
Create an Amazon Kinesis Firehouse delivery stream to store the data in Amazon S3.
- B.
Create an Auto Scaling group of Amazon EC2 servers behind ELBs to write the data into Amazon RDS.
- C.
Create an Amazon SQS queue, and have the machines write to the queue.
- D.
Create an Amazon EC2 server farm behind an ELB to store the data in Amazon EBS Cold HDD volumes.
Correct Answer
A. Create an Amazon Kinesis Firehouse delivery stream to store the data in Amazon S3. -
- 39.
A bank is writing new software that is heavily dependent upon the database transactions for write consistency. The application will also occasionally generate reports on data in the database, and will do joins across multiple tables. The database must automatically scale as the amount of data grows. Which AWS service should be used to run the database?
- A.
Amazon S3
- B.
Amazon Aurora
- C.
Amazon DynamoDB
- D.
Amazon Redshift
Correct Answer
B. Amazon Aurora -
- 40.
A Solutions Architect is designing a new application that needs to access data in a different AWS account located within the same region. The data must not be accessed over the Internet. Which solution will meet these requirements with the LOWEST cost?
- A.
Add rules to the security groups in each account.
- B.
Establish a VPC Peering connection between accounts.
- C.
Configure Direct Connect in each account.
- D.
Add a NAT Gateway to the data account.
Correct Answer
B. Establish a VPC Peering connection between accounts. -
- 41.
A Solutions Architect is designing a mobile application that will capture receipt images to track expenses. The Architect wants to store the images on Amazon S3. However, uploading images through the web server will create too much traffic. What is the MOST efficient method to store images from a mobile application on Amazon S3?
- A.
Upload directly to S3 using a pre-signed URL.
- B.
Upload to a second bucket, and have a Lambda event copy the image to the primary bucket.
- C.
Upload to a separate Auto Scaling group of servers behind an ELB Classic Load Balancer, and have them write to the Amazon S3 bucket.
- D.
Expand the web server fleet with Spot Instances to provide the resources to handle the images.
Correct Answer
A. Upload directly to S3 using a pre-signed URL. -
- 42.
A company requires that the source, destination, and protocol of all IP packets be recorded when traversing a private subnet. What is the MOST secure and reliable method of accomplishing this goal.
- A.
Create VPC flow logs on the subnet.
- B.
Enable source destination check on private Amazon EC2 instances.
- C.
Enable AWS CloudTrail logging and specify an Amazon S3 bucket for storing log files.
- D.
Create an Amazon CloudWatch log to capture packet information.
Correct Answer
A. Create VPC flow logs on the subnet. -
- 43.
A Solutions Architect has a multi-layer application running in Amazon VPC. The application has an ELB Classic Load Balancer as the front end in a public subnet, and an Amazon EC2-based reverse proxy that performs content-based routing to two backend Amazon EC2 instances hosted in a private subnet. The Architect sees tremendous traffic growth and is concerned that the reverse proxy and current backend set up will be insufficient. Which actions should the Architect take to achieve a cost-effective solution that ensures the application automatically scales to meet traffic demand? (Select two.)
- A.
Replace the Amazon EC2 reverse proxy with an ELB internal Classic Load Balancer.
- B.
Add Auto Scaling to the Amazon EC2 backend fleet.
- C.
Add Auto Scaling to the Amazon EC2 reverse proxy layer.
- D.
Use t2 burstable instance types for the backend fleet.
- E.
Replace both the frontend and reverse proxy layers with an ELB Application Load Balancer.
Correct Answer(s)
A. Replace the Amazon EC2 reverse proxy with an ELB internal Classic Load Balancer.
B. Add Auto Scaling to the Amazon EC2 backend fleet. -
- 44.
A company is launching a marketing campaign on their website tomorrow and expects a significant increase in traffic. The website is designed as a multi-tiered web architecture, and the increase in traffic could potentially overwhelm the current design. What should a Solutions Architect do to minimize the effects from a potential failure in one or more of the tiers?
- A.
Migrate the database to Amazon RDS.
- B.
Set up DNS failover to a statistic website.
- C.
Use Auto Scaling to keep up with the demand.
- D.
Use both a SQL and a NoSQL database in the design.
Correct Answer
C. Use Auto Scaling to keep up with the demand. -
- 45.
A web application experiences high compute costs due to serving a high amount of static web content. How should the web server architecture be designed to be the MOST cost-efficient?
- A.
Create an Auto Scaling group to scale out based on average CPU usage.
- B.
Create an Amazon CloudFront distribution to pull static content from an Amazon S3 bucket.
- C.
Leverage Reserved Instances to add additional capacity at a significantly lower price.
- D.
Create a multi-region deployment using an Amazon Route 53 geolocation routing policy.
Correct Answer
B. Create an Amazon CloudFront distribution to pull static content from an Amazon S3 bucket. -
- 46.
A Solutions Architect plans to migrate NAT instances to NAT gateway. The Architect has NAT instances with scripts to manage high availability. What is the MOST efficient method to achieve similar high availability with NAT gateway?
- A.
Remove source/destination check on NAT instances.
- B.
Launch a NAT gateway in each Availability Zone.
- C.
Use a mix of NAT instances and NAT gateway.
- D.
Add an ELB Application Load Balancer in front of NAT gateway.
Correct Answer
B. Launch a NAT gateway in each Availability Zone. -
- 47.
A Solutions Architect is designing a solution to store a large quantity of event data in Amazon S3. The Architect anticipates that the workload will consistently exceed 100 requests each second. What should the Architect do in Amazon S3 to optimize performance?
- A.
Randomize a key name prefix.
- B.
Store the event data in separate buckets.
- C.
Randomize the key name suffix.
- D.
Use Amazon S3 Transfer Acceleration.
Correct Answer
A. Randomize a key name prefix. -
- 48.
A user is testing a new service that receives location updates from 3,600 rental cars every hour. Which service will collect data and automatically scale to accommodate production workload?
- A.
Amazon EC2
- B.
Amazon Kinesis Firehose
- C.
Amazon EBS
- D.
Amazon API Gateway
Correct Answer
D. Amazon API Gateway -
- 49.
A Solutions Architect is designing a web application. The web and application tiers need to access the Internet, but they cannot be accessed from the Internet. Which of the following steps is required?
- A.
Attach an Elastic IP address to each Amazon EC2 instance and add a route from the private subnet to the public subnet.
- B.
Launch a NAT gateway in the public subnet and add a route to it from the private subnet.
- C.
Launch Amazon EC2 instances in the public subnet and change the security group to allow outbound traffic on port 80.
- D.
Launch a NAT gateway in the private subnet and deploy a NAT instance in the private subnet.
Correct Answer
B. Launch a NAT gateway in the public subnet and add a route to it from the private subnet. -
- 50.
An application stack includes an Elastic Load Balancer in a public subnet, a fleet of Amazon EC2 instances in an Auto Scaling group, and an Amazon RDS MySQL cluster. Users connect to the application from the Internet. The application servers and database must be secure. How should a Solutions Architect perform this task?
- A.
Create a private subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.
- B.
Create a private subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.
- C.
Create a public subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.
- D.
Create a public subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.
Correct Answer
B. Create a private subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster. -
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
Feb 26, 2020Quiz Edited by
ProProfs Editorial Team -
Feb 24, 2020Quiz Created by
Jordbluenose
Back to top