AWS Weird Ones

1. A Solutions Architect needs to design an architecture for a new, mission-critical batch processing billing application. The application is required to run Monday, Wednesday, and Friday from 5 AM to 11 AM. Which is the MOST cost-effective Amazon EC2 pricing model?

Amazon EC2 Spot Instances

On-Demand Amazon EC2 Instances

Scheduled Reserved Instances

Dedicated Amazon EC2 Instances

2. An AWS workload in a VPC is running a legacy database on an Amazon EC2 instance. Data is stored on a 200GB Amazon EBS (gp2) volume. At peak load times, logs show excessive wait time. What solution should be implemented to improve database performance using persistent storage?

Migrate the data on the Amazon EBS volume to an SSD-backed volume.

Change the EC2 instance type to one with EC2 instance store volumes.

Migrate the data on the EBS volume to provisioned IOPS SSD (io1).

Change the EC2 instance type to one with burstable performance.

3. An application stack includes an Elastic Load Balancer in a public subnet, a fleet of Amazon EC2 instances in an Auto Scaling group, and an Amazon RDS MySQL cluster. Users connect to the application from the Internet. The application servers and database must be secure. How should a Solutions Architect perform this task?

Create a private subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.

Create a private subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.

Create a public subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.

Create a public subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.

4. A Solutions Architect needs to build a resilient data warehouse using Amazon Redshift. The Architect needs to rebuild the Redshift cluster in another region. Which approach can the Architect take to address this requirement?

Modify the Redshift cluster and configure cross-region snapshots to the other region.

Modify the Redshift cluster and configure the backup and specify the Amazon S3 bucket in the other region.

Modify the Redshift cluster to use AWS Snowball in export mode with data delivered to the other region.

5. A company plans to use AWS for all new batch processing workloads. The company's developers use Docker containers for the new batch processing. The system design must accommodate critical and non-critical batch processing workloads 24/7. How should a Solutions Architect design this architecture in a cost-efficient manner?

Purchase Reserved Instances to run all containers. Use Auto Scaling groups to schedule jobs.

Host a container management service on Spot Instances. Use Reserved Instances to run Docker containers.

Use Amazon ECS orchestration and Auto Scaling groups: one with Reserve Instances, one with Spot Instances.

Use Amazon ECS to manage container orchestration. Purchase Reserved Instances to run all batch workloads at the same time.

6. A Solutions Architect is developing software on AWS that requires access to multiple AWS services, including an Amazon EC2 instance. This is a security sensitive application, and AWS credentials such as Access Key ID and Secret Access Key need to be protected and cannot be exposed anywhere in the system. What security measure would satisfy these requirements?

Store the AWS Access Key ID/Secret Access Key combination in software comments

Assign an IAM user to the Amazon EC2 instance.

Assign an IAM role to the Amazon EC2 instance.

Enable multi-factor authentication for the AWS root account.

7. A company wants to migrate a highly transactional database to AWS. Requirements state that the database has more than 6 TB of data and will grow exponentially. Which solution should a Solutions Architect recommend?

Amazon Aurora

Amazon Redshift

Amazon DynamoDB

Amazon RDS MySQL

8. A Solutions Architect needs to deploy a node.js-based web application that is highly available and scales automatically. The Marketing team needs to roll back on application releases quickly, and they need to have an operational dashboard. The Marketing team does not want to manage deployment of OS patches to the Linux servers. Use of which AWS service will satisfy these requirements?

Amazon EC2

Amazon API Gateway

AWS Elastic Beanstalk

Amazon EC2 Container Service

9. A web application stores all data in an Amazon RDS Aurora database instance. A Solutions Architect wants to provide access to the data for a detailed report for the Marketing team, but is concerned that the additional load on the database will affect the performance of the web application. How can the report be created without affecting the performance of the application?

Create a read replica of the database.

Provision a new RDS instance as a secondary master.

Configure the database to be in multiple regions.

Increase the number of provisioned storage IOPS.

10. A manufacturing company captures data from machines running at customer sites. Currently, thousands of machines send data every 5 minutes, and this is expected to grow to hundreds of thousands of machines in the near future. The data is logged with the intent to be analyzed in the future as needed. What is the SIMPLEST method to store this streaming data at scale?

Create an Amazon Kinesis Firehouse delivery stream to store the data in Amazon S3.

Create an Auto Scaling group of Amazon EC2 servers behind ELBs to write the data into Amazon RDS.

Create an Amazon SQS queue, and have the machines write to the queue.

Create an Amazon EC2 server farm behind an ELB to store the data in Amazon EBS Cold HDD volumes.

11. A company hosts a popular web application. The web application connects to a database running in a private VPC subnet. The web servers must be accessible only to customers on an SSL connection. The RDS MySQL database server must be accessible only from the web servers. How should the Architect design a solution to meet the requirements without impacting running applications?

12. A call center application consists of a three-tier application using Auto Scaling groups to automatically scale resources as needed. Users report that every morning at 9:00 AM the system becomes very slow for about 15 minutes. A Solution Architect determines that a large percentage of the call center staff starts work at 9:00 AM, so Auto Scaling does not have enough time to scale out to meet demand. How can the Architect fix the problem?

Change the Auto Scaling groups scale out event to scale based on network utilization.

Create an Auto Scaling scheduled action to scale out the necessary resources at 8:30 AM every morning.

Use Reserved Instances to ensure the system has reserved the right amount of capacity for the scale-up events.

13. An application is running on Amazon EC2 instances behind an Application Load Balancer. The instances run in an Auto Scaling group across multiple Availability Zones. Four instances are required to handle a predictable traffic load. The Solutions Architect wants to ensure that the operation is fault-tolerant up to the loss of one Availability Zone. Which is the MOST cost-efficient way to meet these requirements?

Deploy two instances in each of three Availability Zones.

Deploy two instances in each of two Availability Zones.

Deploy four instances in each of two Availability Zones.

Deploy one instance in each of three Availability Zones.

14. A Solutions Architect is designing a mobile application that will capture receipt images to track expenses. The Architect wants to store the images on Amazon S3. However, uploading images through the web server will create too much traffic. What is the MOST efficient method to store images from a mobile application on Amazon S3?

Upload directly to S3 using a pre-signed URL.

Upload to a second bucket, and have a Lambda event copy the image to the primary bucket.

Expand the web server fleet with Spot Instances to provide the resources to handle the images.

15. A Solutions Architect is designing the storage layer for a production relational database. The database will run on Amazon EC2. The database is accessed by an application that performs intensive reads and writes, so the database requires the LOWEST random I/O latency. Which data storage method fulfills the above requirements?

Store data in a filesystem backed by Amazon Elastic File System (EFS).

Store data in Amazon Dynamo DB and emulate relational database semantics.

Stripe data across multiple Amazon EBS volumes using RAID 0

16. A company is launching an application that it expects to be very popular. The company needs a database that can scale with the rest of the application. The schema will change frequently. The application cannot afford any downtime for database changes. Which AWS service allows the company to achieve these objectives?

Amazon Redshift

Amazon DynamoDB

Amazon RDS MySQL

Amazon Aurora

17. A Solution Architect has a two-tier application with a single Amazon EC2 instance web server and Amazon RDS MySQL Multi-AZ DB instances. The Architect is re-architecting the application for high availability by adding instances in a second Availability Zone. Which additional services will improve the availability of the application? (Choose two.)

Auto Scaling group

AWS CloudTrail

ELB Classic Load Balancer

Amazon DynamoDB

Amazon ElastiCache

Submit

18. A Solutions Architect is designing a solution to store a large quantity of event data in Amazon S3. The Architect anticipates that the workload will consistently exceed 100 requests each second. What should the Architect do in Amazon S3 to optimize performance?

Randomize a key name prefix.

Store the event data in separate buckets.

Randomize the key name suffix.

Use Amazon S3 Transfer Acceleration.

19. A company wants to improve the performance of their web application after receiving customer complaints. An analysis concluded that the same complex database queries were causing increased latency. What should a Solutions Architect recommend to improve the applicationâ€™s performance?

Migrate the database to MySQL.

Use Amazon RedShift to analyze the queries.

Integrate Amazon ElastiCache into the application.

Use a Lambda-triggered request to the backend database.

20. A company hosts a website on premises. The website has a mix of static and dynamic content, but users experience latency when loading static files. Which AWS service can help reduce latency?

Amazon CloudFront with on-premises servers as the origin

ELB Application Load Balancer

Amazon Route 53 latency-based routing

Amazon EFS to store and server static files

21. A company wants to analyze all of its sales information aggregated over the last 12 months. The company expects there to be over 10TB of data from multiple sources. What service should be used?

Amazon DynamoDB

Amazon Aurora MySQL

Amazon RDS MySQL

Amazon Redshift

22. A company has an Amazon RDS database backing its production website. The Sales team needs to run queries against the database to track training program effectiveness. Queries against the production database cannot impact performance, and the solution must be easy to maintain. How can these requirements be met?

Use an Amazon Redshift database. Copy the product database into Redshift and allow the team to query it.

Use an Amazon RDS read replica of the production database and allow the team to query against it.

Use multiple Amazon EC2 instances running replicas of the production database, placed behind a load balancer.

Use an Amazon DynamoDB table to store a copy of the data.

23. A restaurant reservation application needs the ability to maintain a waiting list. When a customer tries to reserve a table, and none are available, the customer must be put on the waiting list, and the application must notify the customer when a table becomes free. What service should the Solutions Architect recommend to ensure that the system respects the order in which the customer requests are put onto the waiting list?

Amazon SNS

AWS Lambda with sequential dispatch

A FIFO queue in Amazon SQS

A standard queue in Amazon SQS

24. A Solutions Architect is designing a VPC. Instances in a private subnet must be able to establish IPv6 traffic to the Internet. The design must scale automatically and not incur any additional cost. This can be accomplished with:

An egress-only internet gateway

A NAT gateway

A custom NAT instance

A VPC endpoint

25. Two Auto Scaling applications, Application A and Application B, currently run within a shared set of subnets. A Solutions Architect wants to make sure that Application A can make requests to Application B, but Application B should be denied from making requests to Application A. Which is the SIMPLEST solution to achieve this policy?

Using security groups that reference the security groups of the other application

Using security groups that reference the application servers IP addresses

Using Network Access Control Lists to allow/deny traffic based on application IP addresses

Migrating the applications to separate subnets from each other

26. A Solutions Architect is designing a stateful web application that will run for one year (24/7) and then be decommissioned. Load on this platform will be constant, using a number of r4.8xlarge instances. Key drivers for this system include high availability, but elasticity is not required. What is the MOST cost-effective way to purchase compute for this platform?

Scheduled Reserved Instances

Convertible Reserved Instances

Standard Reserved Instances

Spot Instances

27. An interactive, dynamic website runs on Amazon EC2 instances in a single subnet behind an ELB Classic Load Balancer. Which design changes will make the site more highly available?

Move some Amazon EC2 instances to a subnet in a different AZ"

Move the website to Amazon S3.

Change the ELB to an Application Load Balancer.

Move some Amazon EC2 instances to a subnet in the same Availability Zone.

28. A Solutions Architect is designing a solution that can monitor memory and disk space utilization of all Amazon EC2 instances running Amazon Linux and Windows. Which solution meets this requirement?

Default Amazon CloudWatch metrics.

Custom Amazon CloudWatch metrics.

Amazon Inspector resource monitoring.

Default monitoring of Amazon EC2 instances.

29. A Solutions Architect is designing an Amazon VPC. Applications in the VPC must have private connectivity to Amazon DynamoDB in the same AWS Region. The design should route DynamoDB traffic through:

VPC peering connection.

NAT gateway

VPC endpoint

AWS Direct Connect

30. A company must collect temperature data from thousands of remote weather devices. The company must also store this data in a data warehouse to run aggregations and visualizations. Which services will meet these requirements? (Choose two.)

Amazon Kinesis Data Firehouse

Amazon SQS

Amazon Redshift

Amazon SNS

Amazon DynamoDB

Submit

31. An organization has a long-running image processing application that runs on Spot Instances that will be terminated when interrupted. A highly available workload must be designed to respond to Spot Instance interruption notices. The solution must include a two-minute warning when there is not enough capacity. How can these requirements be met?

Use Amazon CloudWatch Events to invoke an AWS Lambda function that can launch On-Demand Instances.

Manually place a bid for additional Spot Instances at a higher price in the same AWS Region and Availability Zone.

Ensure that the Amazon Machine Image associated with the application has the latest configurations for the launch configuration.

32. A Solution Architect is designing a three-tier web application. The Architect wants to restrict access to the database tier to accept traffic from the application servers only. However, these application servers are in an Auto Scaling group and may vary in quantity. How should the Architect configure the database servers to meet the requirements?

Configure the database security group to allow database traffic from the application server IP addresses.

Configure the database security group to allow database traffic from the application server security group.

Configure the database subnet network ACL to deny all inbound non-database traffic from the application-tier subnet.

Configure the database subnet network ACL to allow inbound database traffic from the application-tier subnet.

33. An application hosted on AWS uses object storage for storing internal reports that are accessed daily by the CFO. Currently, these reports are publicly available. How should a Solutions Architect re-design this architecture to prevent unauthorized access to these reports?

Move the files to Amazon ElastiCache and provide a username and password for downloading the reports.

Specify the use of AWS KMS server-side encryption at the time of an object creation on Amazon S3.

Store the files on Amazon S3 and use the application to generate S3 pre-signed URLs to users.

34. An on-premises database is experiencing significant performance problems when running SQL queries. With 10 users, the lookups are performing as expected. As the number of users increases, the lookups take three times longer than expected to return values to an application. Which action should a Solutions Architect take to maintain performance as the user count increases?

Use Amazon SQS.

Deploy Multi-AZ RDS MySQL

Configure Amazon RDS with additional read replicas.

Migrate from MySQL to RDS Microsoft SQL Server.

35. An application runs on Amazon EC2 instances in an Auto Scaling group. When instances are terminated, the Systems Operations team cannot determine the route cause, because the logs reside on the terminated instances and are lost. How can the root cause be determined?

Use ephemeral volumes to store the log files.

Use a scheduled Amazon CloudWatch Event to take regular Amazon EBS snapshots.

Use an Amazon CloudWatch agent to push the logs to Amazon CloudWatch Logs.

Use AWS CloudTrail to pull the logs from the Amazon EC2 instances.

36. Which one do you like?

Option 1

Option 2

Option 3

Option 4

37. An application stack includes an Elastic Load Balancer in a public subnet, a fleet of Amazon EC2 instances in an Auto Scaling group, and an Amazon RDS MySQL cluster. Users connect to the application from the Internet. The application servers and database must be secure. How should a Solutions Architect perform this task?

Create a private subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.

Create a private subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.

Create a public subnet for the Amazon EC2 instances and a private subnet for the Amazon RDS cluster.

Create a public subnet for the Amazon EC2 instances and a public subnet for the Amazon RDS cluster.

38. A customer owns a MySQL database that is accessed by various clients who expect, at most, 100 ms latency on requests. Once a record is stored in the database, it rarely changed. Clients only access one record at a time. Database access has been increasing exponentially due to increased client demand. The resultant load will soon exceed the capacity of the most expensive hardware available for purchase. The customer wants to migrate to AWS, and is willing to change database systems. Which service would alleviate the database load issue and offer virtually unlimited scalability for the future?

Amazon RDS

Amazon DynamoDB

Amazon Redshift

AWS Data Pipeline

39. An organization designs a mobile application for their customers to upload photos to a site. The application needs a secure login with MFA. The organization wants to limit the initial build time and maintenance of the solution. Which solution should a Solutions Architect recommend to meet the requirements?

Use Amazon Cognito Identity with SMS-based MFA.

Edit AWS IAM policies to require MFA for all users.

Federate IAM against corporate AD that requires MFA.

Use Amazon API Gateway and require SSE for photos.

40. A media company has deployed a multi-tier architecture on AWS. Web servers are deployed in two Availability Zones using an Auto Scaling group with a default Auto Scaling termination policy. The web servers Auto Scaling group currently has 15 instances running. Which instance will be terminated first during a scale-in operation?

The instance with the oldest launch configuration.

The instance in the Availability Zone that has most instances.

The instance closest to the next billing hour.

The oldest instance in the group.

41. A Solutions Architect is designing a web application that is running on an Amazon EC2 instance. The application stores data in DynamoDB. The Architect needs to secure access to the DynamoDB table. What combination of steps does AWS recommend to achieve secure authorization? (Select two.)

Store an access key on the Amazon EC2 instance with rights to the Dynamo DB table.

Attach an IAM user to the Amazon EC2 instance.

Create an IAM role with permissions to write to the DynamoDB table.

Attach an IAM role to the Amazon EC2 instance.

Attach an IAM policy to the Amazon EC2 instance.

Submit

42. A Solutions Architect is deploying a new production MySQL database on AWS. It is critical that the database is highly available. What should the Architect do to achieve this goal with Amazon RDS?

Create a read replica of the primary database and deploy it in a different AWS Region.

Enable multi-AZ to create a standby database in a different Availability Zone.

Enable multi-AZ to create a standby database in a different AWS Region.

Create a read replica of the primary database and deploy it in a different Availability Zone.

43. A company runs a legacy application with a single-tier architecture on an Amazon EC2 instance. Disk I/O is low, with occasional small spikes during business hours. The company requires the instance to be stopped from 8 PM to 8 AM daily. Which storage option is MOST appropriate for this workload?

Amazon EC2 instance storage

Amazon EBS General Purpose SSD (gp2) storage

Amazon S3

Amazon EBS Provision IOPS SSD (io1) storage

44. A customer has written an application that uses Amazon S3 exclusively as a data store. The application works well until the customer increases the rate at which the application is updating information. The customer now reports that outdated data occasionally appears when the application accesses objects in Amazon S3. What could be the problem, given that the application logic is otherwise correct?

The application is reading parts of objects from Amazon S3 using a range header.

The application is reading objects from Amazon S3 using parallel object requests.

The application is updating records by writing new objects with unique keys.

The application is updating records by overwriting existing objects with the same keys.

45. A Solutions Architect is developing a new web application on AWS. The Architect expects the application to become very popular, so the application must scale to support the load. The Architect wants to focus on software development and deploying new features without provisioning or managing instances. What solution is appropriate?

Amazon API Gateway and AWS Lambda

Elastic Load Balancing with Auto Scaling groups and Amazon EC2

Amazon API Gateway and Amazon EC2

Amazon CloudFront and AWS Lambda

46. An application is running on an Amazon EC2 instance in a private subnet. The application needs to read and write data onto Amazon Kinesis Data Streams, and corporate policy requires that this traffic should not go to the internet. How can these requirements be met?

Configure a NAT gateway in a public subnet and route all traffic to Amazon Kinesis through the NAT gateway.

Configure a gateway VPC endpoint for Kinesis and route all traffic to Kinesis through the gateway VPC endpoint.

Configure an interface VPC endpoint for Kinesis and route all traffic to Kinesis through the gateway VPC endpoint.

Configure an AWS Direct Connect private virtual interface for Kinesis and route all traffic to Kinesis through the virtual interface.

47. Which requirements must be met in order for a Solutions Architect to specify that an Amazon EC2 instance should stop rather than terminate when its Spot Instance is interrupted? (Choose two.)

The Spot Instance request type must be one-time.

The Spot Instance request type must be persistent.

The root volume must be an Amazon EBS volume.

The root volume must be an instance store volume.

The launch configuration is changed.

Submit

48. A legacy application needs to interact with local storage using iSCSI. A team needs to design a reliable storage solution to provision all new storage on AWS. Which storage solution meets the legacy application requirements?

AWS Snowball storage for the legacy application until the application can be re-architected.

AWS Storage Gateway in cached mode for the legacy application storage to write data to Amazon S3.

AWS Storage Gateway in stored mode for the legacy application storage to write data to Amazon S3.

An Amazon S3 volume mounted on the legacy application server locally using the File Gateway service

49. A company has a Node.js application running on Amazon EC2 that currently retrieves data for customers from a DynamoDB table. The company is seeing many repeat queries for the same items, and the number of queries is continuing to increase as the application gains popularity. What solution will reduce the number of read capacity units (RCUs) required while minimizing the amount of refactoring that must be done to the application?

Use Amazon ElastiCache to provide a caching layer

Use Amazon DynamoDB Accelerator (DAX) to provide a caching layer

Obtain Reserved Capacity for Amazon DynamoDB to manage the increased number of queries

50. A Solutions Architect needs to design a centralized logging solution for a group of web applications running on Amazon EC2 instances. The solution requires minimal development effort due to budget constraints. Which of the following should the Architect recommend?

Create a crontab job script in each instance to push the logs regularly to Amazon S3.

Install and configure Amazon CloudWatch Logs agent in the Amazon EC2 instances.

Enable Amazon CloudWatch Events in the AWS Management Console.

Enable AWS CloudTrail to map all API calls invoked by the applications.

51. An application runs on EC2 instances behind an Elastic Load Balancing Application Load Balancer. The instances run in an EC2 Auto Scaling group across multiple Availability Zones. The application provides a RESTful interface with both synchronous and asynchronous operations. The asynchronous operations require up to 5 minutes to complete. Although the application must remain available at all times, after business hours, the traffic going to the application is greatly reduced and often results in the Auto Scaling group running the minimum number of On-Demand Instances. What should the Solutions Architect recommend to optimize the cost of the environment after business hours?

Replace all On-Demand Instances with Spot Instances in the Auto Scaling group.

Purchase Reserved Instances for the minimum number of Auto Scaling instances.

Reduce the number of minimum instances to 0. New requests to the Application Load Balancer create new instances.

52. A company wants to migrate a three-tier web application to AWS. The company wants to control the placement of the instances and have visibility into underlying sockets and cores for licensing purposes. Which compute model should a Solutions Architect choose to accomplish this task?

EC2 Reserved Instances

EC2 Spot Instances

EC2 Dedicated Hosts

EC2 Placement Groups

53. A company's development team plans to create an Amazon S3 bucket that contains millions of images. The team wants to maximize the read performance of Amazon S3. Which naming scheme should the company use?

Add a date as the prefix.

Add a sequential id as the suffix.

Add a hexadecimal hash as the suffix.

Add a hexadecimal hash as the prefix.

54. A Solutions Architect must select the storage type for a big data application that requires very high sequential I/O. The data must persist if the instance is stopped. Which of the following storage types will provide the best fit at the LOWEST cost for the application?

An Amazon EC2 instance store local SSD volume.

An Amazon EBS provisioned IOPS SSD volume.

An Amazon EBS throughput optimized HDD volume

An Amazon EBS general purpose SSD volume.

55. A Solutions Architect is designing the architecture for a new three-tier web-based e-commerce site that must be available 24/7. Requests are expected to range from 100 to 10,000 each minute. Usage can vary depending on time of day, holidays, and promotions. The design should be able to handle these volumes, with the ability to handle higher volumes if necessary. How should the Architect design the architecture to ensure the web tier is cost-optimized and can handle the expected traffic? (Select two.)

Launch Amazon EC2 instances in an Auto Scaling group behind an ELB.

Store all static files in a multi-AZ Amazon Aurora database.

Create an CloudFront distribution pointing to static content in Amazon S3.

Use Amazon Route 53 to route traffic to the correct region.

Use Amazon S3 multi-part uploads to improve upload times.

Submit

56. A customer is looking for a storage archival solution for 1,000 TB of data. The customer requires that the solution be durable and data be available within a few hours of requesting it, but not exceeding a day. The solution should be as cost-effective as possible. To meet security compliance policies, data must be encrypted at rest. The customer expects they will need to fetch the data two times in a year. Which storage solution should a Solutions Architect recommend to meet these requirements?

Copy data to Amazon S3 buckets by using server-side encryption. Move data to Amazon S3 to reduce redundancy storage (RRS).

Copy data to encrypted Amazon EBS volumes, then store data into Amazon S3.

Copy each object into a separate Amazon Glacier vault, and let Amazon Glacier take care of encryption.

57. Which one do you like?

Option 1

Option 2

Option 3

Option 4

58. A media company has more than 100TB of data to be stored and retrieved infrequently. However, the company occasionally receives requests for data within an hour. The company needs a low-cost retrieval method to handle the requests. Which service meets this requirement?

Amazon S3 Standard

Amazon Glacier standard retrievals

Amazon Glacier bulk retrievals

Amazon S3 Standard Infrequent Access

59. An Administrator is hosting an application on a single Amazon EC2 instance, which users can access by the public hostname. The administrator is adding a second instance, but does not want users to have to decide between many public hostnames. Which AWS service will decouple the users from specific Amazon EC2 instances?

Amazon SQS

Auto Scaling group

Amazon EC2 security group

Amazon ELB

60. A Solutions Architect is designing a Lambda function that calls an API to list all running Amazon RDS instances. How should the request be authorized?

Create an IAM access and secret key, and store it in the Lambda function.

Create an IAM role to the Lambda function with permissions to list all Amazon RDS instances.

Create an IAM role to Amazon RDS with permissions to list all Amazon RDS instances.

Create an IAM access and secret key, and store it in an encrypted RDS database.

61. Which one do you like?

Option 1

Option 2

Option 3

Option 4

62. An AWS Lambda function requires access to an Amazon RDS for SQL Server instance. It is against company policy to store passwords in Lambda functions. How can a Solutions Architect enable the Lambda function to retrieve the database password without violating company policy?

Add an IAM policy for IAM database access to the Lambda execution role.

Store a one-way hash of the password in the Lambda function.

Have the Lambda function use the AWS Systems Manager Parameter Store.

Connect to the Amazon RDS for SQL Server instance by using a role assigned to the Lambda function.

63. An e-commerce application is hosted in AWS. The last time a new product was launched, the application experienced a performance issue due to an enormous spike in traffic. Management decided that capacity must be doubled the week after the product is launched. Which is the MOST efficient way for management to ensure that capacity requirements are met?

Add a Step Scaling policy.

Add a Dynamic Scaling policy.

Add a Scheduled Scaling action.

Add Amazon EC2 Spot Instances.

64. A company is using an Amazon S3 bucket located in us-west-2 to serve videos to their customers. Their customers are located all around the world and the videos are requested a lot during peak hours. Customers in Europe complain about experiencing slow downloaded speeds, and during peak hours, customers in all locations report experiencing HTTP 500 errors. What can a Solutions Architect do to address these issues?

Place an elastic load balancer in front of the Amazon S3 bucket to distribute the load during peak hours.

Cache the web content with Amazon CloudFront and use all Edge locations for content delivery

65. A Solutions Architect is architecting a workload that requires a performant object-based storage system that must be shared with multiple Amazon EC2 instances. Which AWS service meets this requirement?

Amazon EFS

Amazon S3

Amazon EBS

Amazon ElastiCache

66. As part of a migration strategy, a Solutions Architect needs to analyze workloads that can be optimized for performance and cost. The Solutions Architect has identified a stateless application that serves static content as a potential candidate to move to the cloud. The Solutions Architect has the flexibility to choose an identity solution between Facebook, Twitter, and Amazon. Which AWS solution offers flexibility and ease of use, and the LEAST operational overhead for this migration?

67. A company has an Amazon RDS-managed online transaction processing system that has very heavy read and write. The Solutions Architect notices throughput issues with the system. How can the responsiveness of the primary database be improved?

Use asynchronous replication for standby to maximize throughput during peak demand.

Offload SELECT queries that can tolerate stale data to READ replica.

Offload SELECT and UPDATE queries to READ replica.

Offload SELECT query that needs the most current data to READ replica.

68. A popular e-commerce application runs on AWS. The application encounters performance issues. The database is unable to handle the amount of queries and load during peak times. The database is running on the RDS Aurora engine on the largest instance size available. What should an administrator do to improve performance?

Convert the database to Amazon Redshift.

Create a CloudFront distribution.

Convert the database to use EBS Provisioned IOPS.

Create one or more read replicas.

69. A company is launching a static website using the zone apex (mycompany.com). The company wants to use Amazon Route 53 for DNS. Which steps should the company perform to implement a scalable and cost-effective solution? (Choose two.)

Host the website using AWS Elastic Beanstalk, and map a Route 53 alias record to the Beanstalk stack.

Serve the website from an Amazon S3 bucket, and map a Route 53 alias record to the website endpoint.

Create a Route 53 hosted zone, and set the NS records of the domain to use Route 53 name servers.

Submit

70. A development team is building an application with front-end and backend application tiers. Each tier consists of Amazon EC2 instances behind an ELB Classic Load Balancer. The instances run in Auto Scaling groups across multiple Availability Zones. The network team has allocated the 10.0.0.0/24 address space for this application. Only the front-end load balancer should be exposed to the Internet. There are concerns about the limited size of the address space and the ability of each tier to scale. What should the VPC subnet design be in each Availability Zone?

One shared public subnet for all tiers of the application.

One public subnet for the load balancer tier and one shared private subnet for the application tiers.

One shared private subnet for all tiers of the application.

71. A Solutions Architect is designing a web application for document sharing. The users will upload documents that are then made available to other users. There will be tens of thousands of these documents. What is the MOST cost-effective storage solution?

Amazon EFS

Amazon S3

Amazon Glacier

Amazon EBS

72. A Solutions Architect is designing a highly-available website that is served by multiple web servers hosted outside of AWS. If an instance becomes unresponsive, the Architect needs to remove it from the rotation. What is the MOST efficient way to fulfill this requirement?

Use Amazon CloudWatch to monitor utilization.

Use Amazon API Gateway to monitor availability.

Use an Amazon Elastic Load Balancer.

Use Amazon Route 53 health checks.

73. A customer has a production application that frequently overwrites and deletes data, the application requires the most up-to-date version of the data every time it is requested. Which storage should a Solutions Architect recommend to bet accommodate this use case?

Amazon S3

Amazon RDS

Amazon RedShift

AWS Storage Gateway

74. A Solutions Architect is creating a new relational database. The Compliance team will use the database, and mandates that data content must be stored across three different Availability Zones. Which of the following options should the Architect Use?

Amazon Aurora

Amazon RDS MySQL with Multi-AZ enabled

Amazon DynamoDB

Amazon ElastiCache

75. A Solutions Architect has a multi-layer application running in Amazon VPC. The application has an ELB Classic Load Balancer as the front end in a public subnet, and an Amazon EC2-based reverse proxy that performs content-based routing to two backend Amazon EC2 instances hosted in a private subnet. The Architect sees tremendous traffic growth and is concerned that the reverse proxy and current backend set up will be insufficient. Which actions should the Architect take to achieve a cost-effective solution that ensures the application automatically scales to meet traffic demand? (Select two.)

Replace the Amazon EC2 reverse proxy with an ELB internal Classic Load Balancer.

Add Auto Scaling to the Amazon EC2 backend fleet.

Add Auto Scaling to the Amazon EC2 reverse proxy layer.

Use t2 burstable instance types for the backend fleet.

Replace both the frontend and reverse proxy layers with an ELB Application Load Balancer.

Submit

76. A Solutions Architect must migrate a monolithic on-premises application to AWS. It is a web application with a load balancer, web server, application server, and relational database. The key requirement driving the migration is that the application should perform better and be more elastic. Which of the following architectures would meet these requirements?

77. A Lambda function must execute a query against an Amazon RDS database in a private subnet. Which steps are required to allow the Lambda function to access the Amazon RDS database? (Select two.)

Create a VPC Endpoint for Amazon RDS.

Create the Lambda function within the Amazon RDS VPC.

Change the ingress rules of Lambda security group, allowing the Amazon RDS security group.

Change the ingress rules of the Amazon RDS security group, allowing the Lambda security group.

Add an Internet Gateway (IGW) to the VPC, route the private subnet to the IGW.

Submit

78. A Solutions Architect is asked to improve the fault tolerance of an existing Python application. The web application places 1-MB images is an S3 bucket. The application then uses a single t2.large instance to transform the image to include a watermark with the companys brand before writing the image back to the S3 bucket. What should the Solutions Architect recommend to increase the fault tolerance of the solution?

Convert the code to a Lambda function triggered by scheduled Amazon CloudWatch Events.

Increase the instance size to m4.xlarge and configure Enhanced Networking.

Convert the code to a Lambda function triggered by Amazon S3 events.

Create an Amazon SQS queue to send the images to the t2.large instance.

79. A Solutions Architect is designing a solution for a dynamic website, example.com, that is deployed in two regions: Tokyo, Japan and Sydney, Australia. The Architect wants to ensure that users located in Australia are directed to the website deployed in the Sydney region and users located in Japan are redirected to the website in the Tokyo region when they browse to example.com. Which service should the Architect use to achieve this goal with the LEAST administrative effort?

Amazon CloudFront with geolocation routing

Amazon Route 53

Application Load Balancer

Network Load Balancer deployed across multiple regions

80. A customer owns a simple API for their website that receives about 1,000 requests each day and has an average response time of 50 ms. It is currently hosted on one c4.large instance. Which changes to the architecture will provide high availability at the LOWEST cost?

Recreate the API using Amazon API Gateway and use AWS Lambda as the service backend.

Recreate the API using Amazon API Gateway and integrate the new API with the existing backend service.

81. A Solutions Architect is defining a shared Amazon S3 bucket where corporate applications will save objects. How can the Architect ensure that when an application uploads an object to the Amazon S3 bucket, the object is encrypted?

Set a CORS configuration.

Set a bucket policy to encrypt all Amazon S3 objects.

Enable default encryption on the bucket.

Set permission for users.

82. A company is rolling out a new web service, but is unsure how many customers the service will attract. However, the company is unwilling to accept any downtime. What could a Solutions Architect recommend to the company in order to keep track of customers current session data?

Amazon EC2

Amazon RDS

AWS CloudTrail

Amazon DynamoDB

83. A Solutions Architect needs to use AWS to implement pilot light disaster recovery for a three-tier web application hosted in an on-premises datacenter. Which solution allows rapid provision of working, fully-scaled production environment?

84. An application uses an Amazon RDS MySQL cluster for the database layer. Database growth requires periodic resizing of the instance. Currently, administrators check the available disk space manually once a week. How can this process be improved?

Use the largest instance type for the database.

Use AWS CloudTrail to monitor storage capacity.

Use Amazon CloudWatch to monitor storage capacity.

Use Auto Scaling to increase storage size.

85. A legacy application running in premises requires a Solutions Architect to be able to open a firewall to allow access to several Amazon S3 buckets. The Architect has a VPN connection to AWS in place. How should the Architect meet this requirement?

Create an IAM role that allows access from the corporate network to Amazon S3.

Configure a proxy on Amazon EC2 and use an Amazon S3 VPC endpoint.

Use Amazon API Gateway to do IP whitelisting

Configure IP whitelisting on the customerâ€™s gateway

86. A company wants to durably store data in 8 KB chunks. The company will access the data once every few months. However, when the company does access the data, it must be done with as little latency as possible. Which AWS service should a Solutions Architect recommend if cost is NOT a factor?

Amazon DynamoDB

Amazon EBS Throughput Optimized HDD Volumes

Amazon EBS Cold HDD Volumes

Amazon ElastiCache

87. An application currently stores objects in Amazon S3-Standard. The application accesses new objects frequently for one week. After one week, they are accessed occasionally for analysis batch jobs. A Solutions Architect has been asked to reduce storage costs for the application while allowing immediate access for batch jobs. How can costs be reduced without reducing data durability?

88. A Solutions Architect is designing a web application that will be hosted on Amazon EC2 instances in a public subnet. The web application uses a MySQL database in a private subnet. The database should be accessible to database administrators. Which of the following options should the Architect recommend? (Choose two.)

Create a bastion host in a public subnet, and use the bastion host to connect to the database.

Log in to the web servers in the public subnet to connect to the database.

Perform DB maintenance after using SSH to connect to the NAT Gateway in a public subnet.

Attach an Elastic IP address to the database.

Submit

89. A Solutions Architect is designing a service that must have four Amazon EC2 instances running between 8 AM and 6 PM daily. The service requires one EC2 instance outside of those hours. What is the MOST cost-effective way to provide enough compute?

90. A company has a website running on Amazon EC2. The application DNS name points to an Elastic IP address associated with the EC2 instance. In the event of an attack on the website coming from a specific IP address, the company wants a way to block the offending IP address. Which tool or service should a Solutions Architect recommend to block the IP address?

Security groups

Network ACL

AWS WAF

AWS Shield

91. A workload in an Amazon VPC consists of a single web server launched from a custom AMI. Session state is stored in a database. How should the Solutions Architect modify this workload to be both highly available and scalable?

92. A team has an application that detects new objects being uploaded into an Amazon S3 bucket. The uploads trigger a Lambda function to write object metadata into an Amazon DynamoDB table and RDS PostgreSQL database. Which action should the team take to ensure high availability?

Enable cross-region replication in the Amazon S3 bucket.

Create a Lambda function for each Availability Zone the application is deployed in.

Enable multi-AZ on the RDS PostgreSQL database.

Create a DynamoDB stream for the DynamoDB table.

93. A company has two different types of reporting needs on their 200-GB data warehouse: ✑ Data scientists run a small number of concurrent ad hoc SQL queries that can take several minutes each to run. ✑ Display screens throughout the company run many fast SQL queries to populate dashboards. Which design would meet these requirements with the LEAST cost?

Replicate relevant data between Amazon Redshift and Amazon DynamoDB. Data scientists use Redshift. Dashboards use DynamoDB.

Configure auto-replication between Amazon Redshift and Amazon RDS. Data scientists use Redshift. Dashboards use RDS.

Use Amazon Redshift for both requirements, with separate query queues configured in workload management.

94. A Solutions Architect was tasked with reviewing several templates that build VPCs and ensuring that they meet specific security requirements. After reviewing the templates, the Architect realizes that all of the templates are missing important security best practices. What should the Architect do to implement security best practices in an efficient manner?

Use VPC peering to enforce network consistency

Restrict users from deploying an AWS CloudFormation template

Provide the teams a nested AWS CloudFormation template that builds the VPC correctly

Create AWS Identity and Access Management (IAM) policies that enforce the corporate VPC architecture standards

95. A team is launching a marketing campaign and the peak database read activity in Amazon Aurora for MySQL is expected to increase. A Solutions Architect decides to add two Read Replicas to the cluster. How should the Solutions Architect ensure that the connections for read activities are load balanced?

Reader endpoint for Amazon Aurora

Cluster endpoint for Amazon Aurora

Primary DB instance endpoint for Amazon Aurora

Replica DB instances endpoint for Aurora

96. A retail company has sensors placed in its physical retail stores. The sensors send messages over HTTP when customers interact with in-store product displays. A Solutions Architect needs to implement a system for processing those sensor messages; the results must be available for the Data Analysis team. Which architecture should be used to meet these requirements?

97. Employees from several companies use an application once a year during a specific 30-day period. The periods are different for each company. Traffic to the application spikes during these 30-day periods. How can the application be designed to handle these traffic spikes?

Use Amazon S3 to cache static elements of the website requests.

Use an Auto Scaling group to scale the number of EC2 instances to match the site traffic.

Use Amazon Cloud Front to serve static assets to decrease the load on the EC2 instances.

98. A company needs to capture all client connection information from its Application Load Balancer every five minutes. This data will be used to analyze traffic patterns and troubleshoot the application. How can a Solutions Architect meet this requirement?

Enable AWS CloudTrail for the Application Load Balancer.

Enable Access Logs on the Application Load Balancer.

Install CloudWatch Agent on the Application Load Balancer.

Enable CloudWatch metrics on the Application Load Balancer.

99. A company plans to use an Amazon VPC to deploy a web application consisting of an elastic load balancer, a fleet of web and application servers, and an Amazon RDS MySQL database that should not be accessible from the Internet. The proposed design must be highly available and distributed over two Availability Zones. What would be the MOST appropriate VPC design for this specific use case?

100. A company has a popular multi-player mobile game hosted in its on-premises datacenter. The current infrastructure can no longer keep up with demand and the company is considering a move to the cloud. Which solution should a Solutions Architect recommend as the MOST scalable and cost-effective solution to meet these needs?

Amazon EC2 and an Application Load Balancer

Amazon S3 and Amazon CloudFront

Amazon EC2 and Amazon Elastic Transcoder

AWS Lambda and Amazon API Gateway

101. A Solutions Architect needs to allow developers to have SSH connectivity to web servers. The requirements are as follows: ✑ Limit access to users origination from the corporate network. ✑ Web servers cannot have SSH access directly from the Internet. ✑ Web servers reside in a private subnet. Which combination of steps must the Architect complete to meet these requirements? (Choose two.)

Create a bastion host that authenticates users against the corporate directory.

Create a bastion host with security group rules that only allow traffic from the corporate network.

Attach an IAM role to the bastion host with relevant permissions.

Configure the web servers security group to allow SSH traffic from a bastion host.

Deny all SSH traffic from the corporate network in the inbound network ACL.

Submit

102. A company has a legacy application using a proprietary file system and plans to migrate the application to AWS. Which storage service should the company use?

Amazon DynamoDB

Amazon S3

Amazon EBS

Amazon EFS

103. Configure an AWS Direct Connect private virtual interface for Kinesis and route all traffic to Kinesis through the virtual interface.

Amazon S3

Amazon Glacier

Amazon EFS

AWS Storage Gateway

104. A company expects its user base to increase five times over one year. Its application is hosted in one region and uses an Amazon RDS MySQL database, an ELB Application Load Balancer, and Amazon ECS to host the website and its microservices. Which design changes should a Solutions Architect recommend to support the expected growth? (Choose two.)

Move static files from ECS to Amazon S3

Use an Amazon Route 53 geolocation routing policy

Scale the environment based on real-time AWS CloudTrail logs

Create a dedicated Elastic Load Balancer for each microservice

Create RDS read replicas and change the application to use these replicas

Submit

105. A Solutions Architect is about to deploy an API on multiple EC2 instances in an Auto Scaling group behind an ELB. The support team has the following operational requirements: 1 They get an alert when the requests per second go over 50,000 2 They get an alert when latency goes over 5 seconds 3 They can validate how many times a day users call the API requesting highly-sensitive data Which combination of steps does the Architect need to take to satisfy these operational requirements? (Select two.)

Ensure that CloudTrail is enabled.

Create a custom CloudWatch metric to monitor the API for data access.

Configure CloudWatch alarms for any metrics the support team requires.

Ensure that detailed monitoring for the EC2 instances is enabled.

Create an application to export and save CloudWatch metrics for longer term trending analysis.

Submit

106. A web application runs on 10 EC2 instances launched from a single customer Amazon Machine Image (AMI). The EC2 instances are behind an Internet Application Load Balancer. Amazon Route 53 provides DNS for the application. How should a Solutions Architect automate recovery when a web server instance stops replying to request?

Launch the instances in an Auto Scaling group with an Elastic Load Balancing health check.

Launch instances in multiple Availability Zones and set the load balancer to Multi-AZ.

Add CloudWatch alarm actions for each instance to restart if the Status Check (Any) fails.

Add Route 53 records for each instance with an instance health check.

107. As part of securing an API layer built on Amazon API gateway, a Solutions Architect has to authorize users who are currently authenticated by an existing identity provider. The users must be denied access for a period of one hour after three unsuccessful attempts. How can the Solutions Architect meet these requirements?

Use AWS IAM authorization and add least-privileged permissions to each respective IAM role.

Use an API Gateway custom authorizer to invoke an AWS Lambda function to validate each users identity.

Use Amazon Cognito user pools to provide built-in user management.

Use Amazon Cognito user pools to integrate with external identity providers.

108. A company is using Amazon S3 as its local repository for weekly analysis reports. One of the company-wide requirements is to secure data at rest using encryption. The company chose Amazon S3 server-side encryption. The company wants to know how the object is decrypted when a GET request is issued. Which of the following answers this question?

The user needs to place a PUT request to decrypt the object.

The user needs to decrypt the object using a private key.

Amazon S3 manages encryption and decryption automatically.

Amazon S3 provides a server-side key for decrypting the object.

109. A Solutions Architect is designing a microservice to process records from Amazon Kinesis Streams. The metadata must be stored in Amazon DynamoDB. The microservice must be capable of concurrently processing 10,000 records daily as they arrive in the Kinesis stream. The MOST scalable way to design the microservice is:

As an AWS Lambda function.

As a process on an Amazon EC2 instance.

As a Docker container running on Amazon ECS.

As a Docker container on an EC2 instance.

110. A company has an application that uses Amazon CloudFront for content that is hosted on an Amazon S3 bucket. After an unexpected refresh, the users are still seeing old content. Which step should the Solutions Architect take to ensure that new content is displayed?

Perform a cache refresh on the CloudFront distribution that is serving the content.

Perform an invalidation on the CloudFront distribution that is serving the content.

Create a new cache behavior path with the updated content.

Change the TTL value for removing the old objects.

111. A company hosts a two-tier application that consists of a publicly accessible web server that communicates with a private database. Only HTTPS port 443 traffic to the web server must be allowed from the Internet. Which of the following options will achieve these requirements? (Choose two.)

Security group rule that allows inbound Internet traffic for port 443.

Security group rule that denies all inbound Internet traffic except port 443.

Network ACL rule that allows port 443 inbound and all ports outbound for Internet traffic.

Security group rule that allows Internet traffic for port 443 in both inbound and outbound.

Network ACL rule that allows port 443 for both inbound and outbound for all Internet traffic.

Submit

112. A Solutions Architect is designing a solution that will include a database in Amazon RDS. Corporate security policy mandates that the database, its logs, and its backups are all encrypted. Which is the MOST efficient option to fulfill the security policy using Amazon RDS?

Launch an Amazon RDS instance with encryption enabled. Enable encryption for logs and backups.

Launch an Amazon RDS instance. Enable encryption for database, logs and backups.

Launch an Amazon RDS instance with encryption enabled. Logs and backups are automatically encrypted.

Launch an Amazon RDS instance. Enable encryption for backups. Encrypt logs with a database-engine feature.

113. A company has asked the Solutions Architect to modify its AWS-hosted internal application to allow for load balancing. The customer requests always come from the company domain (example.net). The company requires that incoming HTTP and HTTPS traffic is routed based on the path element of the URL in the request. Which implementation can satisfy all requirements?

Configure a Network Load Balancer with listeners for appropriate path patterns for the target groups.

Configure an Application Load Balancer with host-based routing based on the domain field in the HTTP header.

Configure a Network Load Balancer and enable cross-zone load balancing to ensure that all EC2 instances are used.

Configure an Application Load Balancer with listeners for appropriate path patterns for the target group.

114. A university is running an internal web application on AWS that students can access from the university network to check their exam results. The web application runs on Amazon EC2 instances and pulls results from an Amazon DynamoDB table. Auto Scaling is currently configured to add a new web server when CPU is greater than 80% for 5 minutes. DynamoDB is configured to increase both read and write capacity units by five when utilization is greater than 80%. Exam results are released at 9:00 a.m. each Monday, and 80% of students, attempt to access their unique result within the first 30 minutes. Despite Auto Scaling being enabled, students are complaining of slow response times and errors when they view the site. There are no performance complaints after 9:30 a.m. on Monday. Which recommendation should a Solutions Architect make to improve performance in a cost-effective manner?

Scale out the EC2 instances to ensure that the environment scales up and down based on the highest load.

Implement Amazon DynamoDB Accelerator to improve database performance and remove the need to scale the read/write units.

Use a scheduled job to scale out EC2 before 9:00 a.m. on Monday and to scale down after 9:30 a.m.

Use Amazon CloudFront to cache web request and reduce the load on EC2 and DynamoDB.