• Home
  • Articles
  • Amazon AWS-Solutions-Architect-Associate Deluxe Study Guide with Online Test Engine [Q79-Q98]

Amazon AWS-Solutions-Architect-Associate Deluxe Study Guide with Online Test Engine [Q79-Q98]

Share

Amazon AWS-Solutions-Architect-Associate Deluxe Study Guide with Online Test Engine

AWS-Solutions-Architect-Associate dumps review - Professional Quiz Study Materials


How to study the AWS Solutions Associate

**AMAZON AWS SOLUTIONS ASSOCIATE practice test is not challenging to use, with the purpose that anybody can recognize their benefits. In the before-mentioned strong regions, where capability needs an exceptional deal of study, arranging, and center, nobody wants loss. An exertion is hard to the point that even the understudies' nerves can be broken. Our exhaustion administration frameworks are so genuine and best that you have no suffering to pass your AWS licensed Developer Professional.

Use AMAZON AWS SOLUTIONS ASSOCIATE dumps for preparation.

AMAZON AWS SOLUTIONS ASSOCIATE practice test is not difficult to utilize, with the goal that anybody can see the value in them. In such powerful regions, where capability requires a great deal of study, arranging, and center, nobody likes misfortune. An exertion is difficult to the point that even the understudies' nerves can be broken. Our waste administration frameworks are so authentic and best that you have no torment to pass your AWS licensed Developer Professional.

 

NEW QUESTION 79
A company is implementing a data lake solution on Amazon S3. Its security policy mandates that the data stored in Amazon S3 should be encrypted at rest.
Which options can achieve this? (Select TWO.)

  • A. Use client-side encryption before ingesting the data to Amazon S3 using encryption keys.
  • B. Use S3 bucket policies to restrict access to the data at rest.
  • C. Use SSL to encrypt the data while in transit to Amazon S3.
  • D. Use S3 server-side encryption with an Amazon EC2 key pair.
  • E. Use S3 server-side encryption with customer-provided keys (SSE-C).

Answer: A,E

 

NEW QUESTION 80
Much of your company's data does not need to be accessed often, and can take several hours for retrieval time, so it's stored on Amazon Glacier. However someone within your organization has expressed concerns that his data is more sensitive than the other data, and is wondering whether the high level of encryption that he knows is on S3 is also used on the much cheaper Glacier service. Which of the following statements would be most applicable in regards to this concern?

  • A. Amazon Glacier automatically encrypts the data using AES-256, the same as Amazon S3.
  • B. Amazon Glacier automatically encrypts the data using AES-128 a lesser encryption method than Amazon S3 but you can change it to AES-256 if you are willing to pay more.
  • C. There is no encryption on Amazon Glacier, that's why it is cheaper.
  • D. Amazon Glacier automatically encrypts the data using AES-128 a lesser encryption method than Amazon S3.

Answer: A

Explanation:
Like Amazon S3, the Amazon Glacier service provides low-cost, secure, and durable storage. But where S3 is designed for rapid retrieval, Glacier is meant to be used as an archival service for data that is not accessed often, and for which retrieval times of several hours are suitable.
Amazon Glacier automatically encrypts the data using AES-256 and stores it durably in an immutable form. Amazon Glacier is designed to provide average annual durability of 99.999999999% for an archive.
It stores each archive in multiple facilities and multiple devices. Unlike traditional systems which can require laborious data verification and manual repair, Glacier performs regular, systematic data integrity checks, and is built to be automatically self-healing.
Reference: http://d0.awsstatic.com/whitepapers/Security/AWS%20Security%20Whitepaper.pdf

 

NEW QUESTION 81
A company recently transformed its legacy infrastructure provisioning scripts to AWS CloudFormation templates. The newly developed templates are hosted in the company's private GitHub repository. Since adopting CloudFormation, the company has encountered several issues with updates to the CloudFormation templates, causing execution or creating environment. Management is concerned by the increase in errors and has asked a Solutions Architect to design the automated testing of CloudFormation template updates.
What should the Solution Architect do to meet these requirements?

  • A. Mirror the GitHub repository to AWS CodeCommit using AWS Lambda. Use AWS CodeBuild to create a change set from the CloudFormation templates and execute it. Have CodeBuild test the deployment with testing scripts.
  • B. Use AWS CodePipeline to create and execute a change set from the CloudFormation templates stored in the GitHub repository. Configure a CodePipeline action to be deployment with testing scripts run by AWS CodeBuild.
  • C. Use AWS CodePipeline to create a change set from the CloudFormation templates stored in the private GitHub repository. Execute the change set using AWS CodeDeploy. Include a CodePipeline action to test the deployment with testing scripts run by AWS CodeBuild.
  • D. Mirror the GitHub repository to AWS CodeCommit using AWS Lambda. Use AWS CodeDeploy to create a change set from the CloudFormation templates and execute it. Have CodeDeploy test the deployment with testing scripts run by AWS CodeBuild.

Answer: D

 

NEW QUESTION 82
A company wants to improve the availability and performance of its stateless UDP-based workload. The workload is deployed on Amazon EC2 instances in multiple AWS Regions What should a solutions architect recommend to accomplish this?

  • A. Place the EC2 instances behind Application Load Balancers (ALBs) in each Region Create an Amazon CloudFront distribution with an origin that uses Amazon Route 53 latency-based routing to route requests to the ALBs.
  • B. Place the EC2 instances behind Network Load Balancers (NLBs) in each Region. Create an Amazon CloudFront distribution with an origin that uses Amazon Route 53 latency-based routing to route requests to the NLBs
  • C. Place the EC2 instances behind Application Load Balancers (ALBs) in each Region. Create an accelerator using AWS Global Accelerator Use the ALBs as endpoints for the accelerator
  • D. Place the EC2 instances behind Network Load Balancers (NLBs) in each Region Create an accelerator using AWS Global Accelerator. Use the NLBs as endpoints for the accelerator

Answer: A

 

NEW QUESTION 83
A company has several business systems that require access to data stored in a file share. the business systems will access the file share using the Server Message Block (SMB) protocol. The file share solution should be accessible from both of the company's legacy on-premises environment and with AWS.
Which services mod the business requirements? (Select TWO.)

  • A. Amazon FSx for Windows
  • B. Amazon EFS
  • C. Amazon S3
  • D. AWS Storage Gateway file gateway
  • E. Amazon EBS

Answer: A,D

 

NEW QUESTION 84
Which aspects of Amazon EC2 security are the responsibility of AWS? Choose 2 answers

  • A. VPC and security group configuration
  • B. Application authentication
  • C. Guest operating systems
  • D. Physical security of hardware
  • E. Virtualization Infrastructure

Answer: C,D

Explanation:
* AWS is responsible for protecting the global infrastructure that runs all of the services offered in the AWS cloud. This infrastructure is comprised of the hardware, software, networking, and facilities that run AWS services.
* AWS provide several reports from third-party auditors who have verified their compliance with a variety of computer security standards and regulations
* AWS is responsible for the security configuration of its products that are considered managed services for e.g. RDS, DynamoDB
* For Managed Services, AWS will handle basic security tasks like guest operating system (OS) and database patching, firewall configuration, and disaster recovery.
AWS Security Responsibilities

 

NEW QUESTION 85
An instance is launched into a VPC subnet with the network ACL configured to allow all inbound traffic and deny all outbound traffic. The instance's security group is configured to allow SSH from any IP address and deny all outbound traffic. What changes need to be made to allow SSH access to the instance?

  • A. Both the outbound security group and outbound network ACL need to be modified to allow outbound traffic.
  • B. The outbound network ACL needs to be modified to allow outbound traffic.
  • C. The outbound security group needs to be modified to allow outbound traffic.
  • D. Nothing, it can be accessed from any IP address using SSH.

Answer: A

 

NEW QUESTION 86
A company hosts an online shopping application that stores all orders in an Amazon RDS for PostgreSQL Single-AZ DB instance Management wants to eliminate single points of failure and has asked a solutions architect to recommend an approach to minimize database downtime without requiring any changes to the application code.
Which solution meets these requirements?

  • A. Create a new RDS Multi-AZ deployment Take a snapshot of the current RDS instance and restore the new Multi-AZ deployment with the snapshot
  • B. Convert the existing database instance to a Multi-AZ deployment by modifying the database instance and specifying the Multi-AZ option.
  • C. Place the RDS for PostgreSQL database in an Amazon EC2 Auto Scaling group with a minimum group size of two Use Amazon Route 53 weighted record sets to distribute requests across instances.
  • D. Create a read-only replica of the PostgreSQL database in another Availability Zone Use Amazon Route
    53 weighted record sets to distribute requests across the databases.

Answer: B

 

NEW QUESTION 87
A university is running an internal web application on AWS that students can access from the university network to check their exam results. The web application runs on Amazon EC2 instances and pulls results from an Amazon DynamoDB table. Auto Scaling is currently configured to add a new web server when CPU is greater than 80% for 5 minutes. DynamoDB is configured to increase both read and write capacity units by five when utilization is greater than
80%. Exam results are released at 9:00 a.m. each Monday, and 80% of students, attempt to access their unique result within the first 30 minutes. Despite Auto Scaling being enabled, students are complaining of slow response times and errors when they view the site. There are no performance complaints after 9:30 a.m. on Monday.
Which recommendation should a Solutions Architect make to improve performance in a cost- effective manner?

  • A. Scale out the EC2 instances to ensure that the environment scales up and down based on the highest load.
  • B. Implement Amazon DynamoDB Accelerator to improve database performance and remove the need to scale the read/write units.
  • C. Use Amazon CloudFront to cache web request and reduce the load on EC2 and DynamoDB.
  • D. Use a scheduled job to scale out EC2 before 9:00 a.m. on Monday and to scale down after 9:30 a.m.

Answer: D

 

NEW QUESTION 88
Which of the following are characteristics of Amazon VPC subnets? Choose 2 answers

  • A. Instances in a private subnet can communicate with the Internet only if they have an Elastic IP.
  • B. By default, all subnets can route between each other, whether they are private or public.
  • C. Each subnet maps to a single Availability Zone.
  • D. Each subnet spans at least 2 Availability Zones to provide a high-availability environment.
  • E. CIDR block mask of/25 is the smallest range supported.

Answer: A,C

 

NEW QUESTION 89
In the context of AWS IAM, identify a true statement about user passwords (login profiles).

  • A. They must contain Unicode characters.
  • B. They can contain any Basic Latin (ASCII) characters.
  • C. They cannot contain Basic Latin (ASCII) characters.
  • D. They must begin and end with a forward slash (/).

Answer: B

Explanation:
The user passwords (login profiles) of IAM users can contain any Basic Latin (ASCII)characters.
Reference:
http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html

 

NEW QUESTION 90
A company is running a multi-tier web application on AWS. The application runs its database tier on Amazon Aurora MySQL The application and database tiers are in the us-east-1 Region A database administrator who regularly monitors the Aurora DB cluster finds that an intermittent increase in read traffic is creating high CPU utilization on the read replica and causing increased read latency of the application What should a solutions architect do to improve read scalability?

  • A. Create a cross-Region read replica
  • B. Increase the instance class of the read replica
  • C. Configure Aurora Auto Scaling for the read replica
  • D. Reboot the Aurora DB cluster

Answer: C

 

NEW QUESTION 91
A company hosts a multi-tier web application that uses an Amazon Aurora MySQL DB cluster for storage.
The application tier is hosted on Amazon EC2 instances. The comp.......... mandate that the database credentials be encrypted and rotated every 14 days.
What should a solutions architect do to meet this requirement with the LEAST operational effort?

  • A. Store a file that contains the credentials in an AWS Key Management Service (AWS KMS) encrypted Amazon S3 bucket that the application uses to load the crede......... application regularly to ensure that the correct credentials are used. Implement an AWS Lambda function that rotates the Aurora credentials every 14 days and ....... in the S3 bucket.
  • B. Create a new AWS Key Management Service (AWS KMS) encryption key. Use AWS Secrets Manager to create a new secret that uses the KMS key with the appro........ secret with the Aurora DB cluster Configure a custom rotation period of 14 days.
  • C. Store a file that contains the credentials in an AWS Key Management Service (AWS KMS) encrypted Amazon Elastic File System (Amazon EFS) file system. Mount........ instances of the application tier.
    Restrict the access to the file on the file system so that the application can read the file and that only super users can modify the........ file function that rotates the key in Aurora every 14 days and writes new credentials into the file.
  • D. Create two parameters in AWS Systems Manager Parameter Store: one for the user name as a stinng parameter and one that uses the SecureString type for the ..........Management Service (AWS KMS) encryption for the password parameter, and load these parameters in the application tier. Implement an AWS Lambda function th days.

Answer: D

 

NEW QUESTION 92
What is the maximum number of data points for an HTTP data request that a user can include in PutMetricRequest in the CloudWatch?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: C

Explanation:
The size of a PutMetricData request of CloudWatch is limited to 8KB for the HTTP GET requests and 40KB for the HTTP POST requests. The user can include a maximum of 20 data points in one PutMetricData request.
Reference:
http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html

 

NEW QUESTION 93
A read only news reporting site with a combined web and application tier and a database tier that receives large and unpredictable traffic demands must be able to respond to these traffic fluctuations automatically.
What AWS services should be used meet these requirements?

  • A. Stateless instances for the web and application tier synchronized using ElastiCache Memcached in an autoscaling group monitored with CloudWatch and multi-AZ RDS.
  • B. Stateful instances for the web and application tier in an autoscaling group monitored with CloudWatch and RDS with read replicas.
  • C. Stateful instances for the web and application tier in an autoscaling group monitored with CloudWatch and multi-AZ RDS.
  • D. Stateless instances for the web and application tier synchronized using ElastiCache Memcached in an autoscaimg group monitored with CloudWatch and RDS with read replicas.

Answer: D

 

NEW QUESTION 94
A solutions architect needs to design a managed storage solution for a company's application that includes high-performance machine learning This application runs on AWS Fargate and the connected storage needs to have concurrent access to files and deliver high performance.
Which storage option should the solutions architect recommend?

  • A. Create an Amazon Elastic File System (Amazon EFS) file share and establish an 1AM role that allows Fargate to communicate with Amazon EFS.
  • B. Create an Amazon S3 bucket for the application and establish an 1AM role for Fargate to communicate with Amazon S3
  • C. Create an Amazon FSx for Lustre file share and establish an 1AM role that allows Fargate to communicate with FSx for Lustre.
  • D. Create an Amazon Elastic Block Store (Amazon EBS) volume for the application and establish an 1AM role that allows Fargate to communicate with Amazon EBS

Answer: C

 

NEW QUESTION 95
An application is running in a single AWS region. The business team adds a requirement to run the application in a second region for multi-region high availability. A Solutions Architect needs to enable traffic to be distributed to multiple regions for high availability.
Which AWS service meets the requirements?

  • A. Amazon CloudFront
  • B. Elastic Load Balancing
  • C. Amazon S3 Website Hosting
  • D. Amazon Route 53

Answer: D

 

NEW QUESTION 96
A company runs a three-tier application in AWS. Users report that the application performance can vary greatly depending on the time of day and functionality being accessed.
The application includes the following components:
Eight t2.large front-end web servers that serve static content and proxy dynamic content from the

application tier.
Four t2.large application servers.

One db.m4.large Amazon RDS MySQL Multi-AZ DB instance.

Operations has determined that the web and application tiers are network constrained.
Which of the following should cost effective improve application performance? (Choose two.)

  • A. Use AWS Auto Scaling and m4.large instances for the web and application tiers
  • B. Create an Amazon CloudFront distribution to cache content
  • C. Convert the MySQL RDS instance to a self-managed MySQL cluster on Amazon EC2
  • D. Replace web and app tiers with t2.xlarge instances
  • E. Increase the size of the Amazon RDS instance to db.m4.xlarge

Answer: C,D

 

NEW QUESTION 97
A company hosts more than 300 global websites and applications. The company requires a platform to analyze more than 30 TB of clickstream data each day. What should a solutions architect do to transmit and process the clickstream data?

  • A. Cache the data to Amazon CloudFront. Store the data in an Amazon S3 bucket. When an object is added to the S3 bucket, run an AWS Lambda function to process the data for analysis.
  • B. Design an AWS Data Pipeline to archive the data to an Amazon S3 bucket and run an Amazon EMR cluster with the data to generate analytics.
  • C. Create an Auto Scaling group of Amazon EC2 instances to process the data and send it to an Amazon S3 data lake for Amazon Redshift to use for analysis.
  • D. Collect the data from Amazon Kinesis Data Streams. Use Amazon Kinesis Data firehose to transmit the data to an Amazon S3 data lake. Load the data in Amazon Redshift for analysis.

Answer: A

 

NEW QUESTION 98
......

Exam Questions Answers Braindumps AWS-Solutions-Architect-Associate Exam Dumps PDF Questions: https://www.free4dump.com/AWS-Solutions-Architect-Associate-braindumps-torrent.html

AWS-Solutions-Architect-Associate Test Prep Training Practice Exam Questions Practice Tests: https://drive.google.com/open?id=1UkZHhwQi1dTvZqliUxjcTBnnc0WqpJgd

Related Articles

more
Amazon AWS-Solutions-Architect-Associate Certification Practice Exam