4. X-Tinction Agenda

90問 • 1年前

問題一覧

A company stores its application logs in an Amazon CloudWatch Logs log group. A new policy requires the company to store all application logs in Amazon OpenSearch Service (Amazon Elasticsearch Service) in near-real time. Which solution will meet this requirement with the LEAST operational overhead?

Configure a CloudWatch Logs subscription to stream the logs to Amazon OpenSearch Service (Amazon Elasticsearch Service).

The database layer of an on-premises web application is being migrated to AWS. The database uses a multi-threaded, in-memory caching layer to improve performance for repeated queries. Which service would be the most suitable replacement for the database cache?

Amazon ElastiCache Memcached

A company provides a Voice over Internet Protocol (VoIP) service that uses UDP as the protocol. The service utilizes Amazon EC2 instances that are scaled automatically using an Auto Scaling group. The company currently uses multiple AWS Regions for its AWS deployments. The company needs to route users to the appropriate Region based on the lowest latency. The company also needs automated failover between Regions. Which solution will meet these requirements?

Set up a Network Load Balancer (NLB) and an associated target group. Assign the target group with the Auto Scaling group. In each region, use the NLB as an AWS Global Accelerator endpoint.

A large company is currently using multiple AWS accounts as part of its cloud deployment model, and these accounts are currently structured using AWS Organizations. A Solutions Architect has been tasked with limiting access to an Amazon S3 bucket to only users of accounts that are enrolled with AWS Organizations. The Solutions Architect wants to avoid listing the many dozens of account IDs in the Bucket policy, as there are many accounts the frequent changes. Which strategy meets these requirements with the LEAST amount of effort?

Use the global key of AWS Organizations within a bucket policy using the aws:PrincipalOrgID key to allow access only to accounts which are part of the Organization.

A large manufacturing company is migrating many of its on-premises applications to AWS. The applications are staged in many different AWS accounts under a payer account, using AWS Organizations. The company's security team needs to enable a single sign-on (SSO) solution across all the company's accounts, and this must be integrated with the company's existing Active Directory setup. Which solution will meet these requirements?

Enable AWS IAM Identity Center (successor to AWS SSO). Create a two-way forest trust to connect the company's self-managed Microsoft Active Directory with AWS SSO by using AWS Directory Service for Microsoft Active Directory.

An online education platform uses Amazon CloudFront to distribute learning resources globally. The company wants to ensure that only enrolled students have access to the course materials. These materials are stored in an Amazon S3 bucket. In addition, the company occasionally provides exclusive resources to certain students for research and project work. Which solution will meet these requirements?

Implement CloudFront signed cookies for authenticated students.

A game development company is planning to build a cloud-based game platform on AWS. The player activity patterns are unpredictable and could remain idle for extended periods. Only players who have purchased the game should have the ability to log in and play. Which combination of steps will meet these requirements MOST cost-effectively? (Select THREE.)

Use AWS Cognito User Pools to handle user authentication., Leverage AWS Amplify to serve the frontend game interface with HTML, CSS, and JS. Use the integrated Amazon CloudFront configuration for distribution., Implement an AWS Lambda function to fetch player information from Amazon DynamoDB. Establish an Amazon API Gateway endpoint to handle RESTful API calls, directing them to the Lambda function.

A law firm has recently moved an on-premises multi-tier web application to AWS. Currently, the web application is based on a containerized solution and is running inside Linux based EC2 instances which connect to a PostgreSQL database hosted on separate but dedicated EC2 instances. The company wishes to optimize operational efficiency and performance. Which combination of actions should the solutions architect take? (Select TWO.)

Migrate the PostgreSQL database to Amazon Aurora., Migrate the web application to be hosted on AWS Fargate with Amazon Elastic Container Service (Amazon ECS).

An application is running in a private subnet of an Amazon VPC and must have outbound internet access for downloading updates. The Solutions Architect does not want the application exposed to inbound connection attempts. Which steps should be taken?

Create a NAT gateway and attach an internet gateway to the VPC

A travel agency operates a web service in an AWS Region. The service is accessed by customers via a REST API on Amazon API Gateway. The agency uses Amazon Route 53 for DNS and wants to provide individual and secure URLs for each travel agent using the service. Which combination of steps will meet these requirements with the LEAST operational complexity? (Select THREE.)

Register the desired domain with a domain registrar. Set up a wildcard custom domain in a Route 53 hosted zone and create a record in the zone that points to the API Gateway endpoint., Establish a custom domain name in API Gateway for the REST API. Import the corresponding certificate from AWS Certificate Manager (ACM)., Request a wildcard certificate that matches the custom domain name in AWS Certificate Manager (ACM) in the same Region.

An application that is being installed on an Amazon EC2 instance requires a persistent block storage volume. The data must be encrypted at rest and regular volume-level backups must be automated. Which solution options should be used?

Use an encrypted Amazon EBS volume and use Data Lifecycle Manager to automate snapshots

An application has been migrated from on-premises to an Amazon EC2 instance. The migration has failed due to an unknown dependency that the application must communicate with an on-premises server using private IP addresses. Which action should a solutions architect take to quickly provision the necessary connectivity?

Configure a Virtual Private Gateway

A solutions architect in a large finance organization must restrict access for a specific S3 bucket to only users in accounts within the organization in AWS Organizations. This is due to the confidentiality of project reports data. Which solution meets these requirements with the LEAST amount of operational overhead?

Add the aws:PrincipalOrgID global condition key with a reference to the organization ID to the S3 bucket policy.

A multinational podcast company uses Amazon CloudFront for distributing its digital content. The company wants to gradually introduce content across various regions. It also needs to ensure that listeners who are outside the regions to which the content is currently released, cannot access the content. Which solution will meet these requirements?

Implement geographical restrictions on CloudFront content using a deny list and create a custom error message.

A retail company is running an important event. The company require guaranteed capacity in two specific Availability Zones in a specific AWS Region for running Amazon EC2 instances for 5 consecutive days. What is the best way to ensure guaranteed EC2 capacity?

Create an On-Demand Capacity Reservation that specifies the Region and two Availability Zones needed.

A company runs an API on a Linux server in their on-premises data center. The company are planning to migrate the API to the AWS cloud. The company require a highly available, scalable and cost-effective solution. What should a Solutions Architect recommend?

Migrate the API to Amazon API Gateway and use AWS Lambda as the backend

A social media application is creating new functionality that will convert uploaded images to smaller, thumbnail images. When a user uploads an image through the web interface, the application should store the image in an Amazon S3 bucket, process and compress the image with an AWS Lambda function and store the image in its compressed form in a different S3 bucket. The solution architect must develop a stateless, durable solution to process images automatically upon upload. Which combination of actions will meet these requirements? (Select TWO.)

Create an Amazon SQS queue. Configure an event notification to add a message to the SQS queue when an image is uploaded to the S3 bucket., Configure the Lambda function to use the Amazon SQS queue as the event source. The Lambda function will resize the image and store it in a separate S3 Bucket.

A global financial services company is currently operating a three-tier web application to handle their main customer facing website. This application uses several Amazon EC2 instances behind an Application Load Balancer and connects directly to a DynamoDB table. Due to recent customer complaints of slow loading times, their Solutions Architect has been asked to implement changes to solve this problem, without rearchitecting the core application components. Which combination of actions should the solutions architect take to accomplish this? (Select TWO.)

Set up an Amazon DynamoDB Accelerator (DAX) cluster in front of the DynamoDB table., Create a CloudFront distribution and place it in front of the Application Load Balancer.

A software development company is creating a microservices-based application using Amazon Elastic Kubernetes Service (Amazon EKS). The company needs to ensure that sensitive configuration data like database credentials and API keys stored in Kubernetes ConfigMaps and Secrets are encrypted at rest. Which solution will meet these requirements?

Create a new AWS Key Management Service (AWS KMS) key. Enable Amazon EKS KMS secrets encryption on the Amazon EKS cluster.

A three-tier web application is composed of a front end hosted on an Amazon EC2 instance in public subnet, application middleware hosted on EC2 in a private subnet and a database hosted on an Amazon RDS MySQL database in a private subnet. The database layer should be restricted to only allow incoming connections from the application. Which of the following options makes sure that database can only be accessed by the application layer?

Create a security group that allows inbound traffic from the security group that is assigned to instances in the private subnets. Attach the security group to the DB instances.

An application is used by a large bank to ingest incoming messages. The messages are then quickly consumed by dozens of other applications and microservices. The number of messages can increase suddenly from a few messages per second up to 120,000 messages per second. In response to several recent outages and failures, the company wants to decouple this applications architecture and solution to ensure scalability. Which solution meets these requirements?

Post the messages to an Amazon Simple Notification Service topic with multiple Amazon Simple Queue Service subscriptions. Process messages from queues using the Consumer Applications.

A Solutions Architect is designing a migration strategy for a company moving to the AWS Cloud. The company use a shared Microsoft filesystem that uses Distributed File System Namespaces (DFSN). What will be the MOST suitable migration strategy for the filesystem?

Use AWS DataSync to migrate to Amazon FSx for Windows File Server

A media company is running a production workload on thousands of EC2 instances which run a custom solution powered by third-party software. This software is subjected to regular updates and patches by the third-party organization. How can a solutions architect patch all the instances quickly to remediate a security exposure?

Configure AWS Systems Manager Patch Manager to apply the patch to all EC2 instances.

A Solutions Architect manages multiple Amazon RDS MySQL databases. To improve security, the Solutions Architect wants to enable secure user access with short-lived credentials. How can these requirements be met?

Create the MySQL user accounts to use the AWSAuthenticationPlugin with IAM

A software development firm uses AWS to run their compute instances across multiple accounts. These instances are individually billed. The company recently purchased an EC2 Reserved Instance (RI) for an ongoing project. However, due to the completion of that project, a significant number of EC2 instances were decommissioned. The company now wishes to utilize the benefits of their unused Reserved Instance across their other AWS accounts. Which combination of steps should the company follow to achieve this? (Select TWO.)

Enable Reserved Instance sharing in the billing preferences section of the AWS Management Console for the account that purchased the existing RI., Establish an AWS Organization in the AWS account that purchased the RI and hosts the remaining active EC2 instances. Invite the other AWS accounts to join this organization from the management account.

A company operates multiple AWS accounts under AWS Organizations. To better manage the costs, the company wants to allocate different budgets for each of these accounts. The company also wants to prevent additional resource provisioning in an AWS account if it reaches its allocated budget before the end of the budget period. Which combination of solutions will meet these requirements? (Select THREE.)

Set up an IAM role with the necessary permissions that allow AWS Budgets to execute budget actions., Configure alerts in AWS Budgets to notify the company when an account is about to reach its budget threshold. Then use a budget action that links to the IAM role to prevent additional resource provisioning., Use AWS Budgets to establish different budgets for each AWS account. Configure the budgets in the Billing and Cost Management console.

A company is looking for ways to incorporate its current AWS usage expenditure into its operational expense tracking dashboard. A solutions architect has been tasked with proposing a method that enables the company to fetch its current year's cost data and project the costs for the forthcoming 12 months programmatically. Which approach would fulfill these needs with the MINIMUM operational burden?

Leverage the AWS Cost Explorer API to retrieve usage cost-related data, using pagination for larger data sets.

A large quantity of data that is rarely accessed is being archived onto Amazon Glacier. Your CIO wants to understand the resilience of the service. Which of the statements below is correct about Amazon Glacier storage? (choose 2)

Data is resilient in the event of one entire Availability Zone destruction , Provides 99.999999999% durability of archives

An international software firm provides its clients with custom solutions and tools designed for efficient data collection and analysis on AWS. The firm intends to centrally manage and distribute a standard set of solutions and tools for its clients' self-service needs. Which solution would best satisfy these requirements?

Create AWS Service Catalog portfolios for the clients.

An application uses an Amazon RDS database and Amazon EC2 instances in a web tier. The web tier instances must not be directly accessible from the internet to improve security. How can a Solutions Architect meet these requirements?

Launch the EC2 instances in a private subnet and create an Application Load Balancer in a public subnet

A web application receives order processing information from customers and places the messages on an Amazon SQS queue. A fleet of Amazon EC2 instances are configured to pick up the messages, process them, and store the results in a DynamoDB table. The current configuration has been resulting in a large number of empty responses to ReceiveMessage API requests. A Solutions Architect needs to eliminate empty responses to reduce operational overhead. How can this be done?

Configure Long Polling to eliminate empty responses by allowing Amazon SQS to wait until a message is available in a queue before sending a response

A financial services company is migrating its sensitive customer data and applications to AWS. They want to ensure that the data is securely stored and managed while reducing the overall maintenance and operational overhead associated with managing databases. Which solution will meet these requirements?

Migrate the data and applications to Amazon RDS instances. Enable encryption at rest using AWS Key Management Service (AWS KMS).

A company has launched a multi-tier application architecture. The web tier and database tier run on Amazon EC2 instances in private subnets within the same Availability Zone. Which combination of steps should a Solutions Architect take to add high availability to this architecture? (Select TWO.)

Create new private subnets in the same VPC but in a different AZ. Migrate the database to an Amazon RDS multi-AZ deployment, Create an Amazon EC2 Auto Scaling group and Application Load Balancer (ALB) spanning multiple AZs

A Solutions Architect needs to upload a large (2GB) file to an S3 bucket. What is the recommended way to upload a single large file to an S3 bucket?

Use Multipart Upload

A healthcare company is migrating its patient record system to AWS. The company receives thousands of encrypted patient data files every day through FTP. An on-premises server processes the data files twice a day. However, the processing job takes hours to finish. The company wants the AWS solution to process incoming data files as soon as they arrive with minimal changes to the FTP clients that send the files. The solution must delete the incoming data files after the files have been processed successfully. Processing for each file needs to take around 10 minutes. Which solution will meet these requirements in the MOST operationally efficient way?

Use AWS Transfer Family to create an SFTP server to store incoming files in Amazon S3 Standard. Create an AWS Lambda function to process the files and to delete the files after they are processed. Use an S3 event notification to invoke the Lambda function when the files arrive.

A media company hosts several terabytes of multimedia content across multiple AWS accounts. The company uses AWS Lake Formation to manage its data lake. The company's marketing team needs to securely access and analyze selective data from various accounts for targeted advertisement campaigns. Which solution will meet these requirements with the LEAST operational overhead?

Utilize Lake Formation tag-based access control to authorize and grant cross-account permissions for the required data to the marketing team accounts.

A Solutions Architect needs to capture information about the traffic that reaches an Amazon Elastic Load Balancer. The information should include the source, destination, and protocol. What is the most secure and reliable method for gathering this data?

Create a VPC flow log for each network interface associated with the ELB

A cloud architect is assessing the resilience of a web application deployed on AWS. It was observed that the application experienced a downtime of about 3 minutes when a scheduled failover was performed on the application's Amazon RDS MySQL database as part of a scaling operation. The organization wants to mitigate such downtime in future scaling exercises while minimizing operational overhead. Which solution will be the MOST effective in achieving this?

Configure an Amazon RDS Proxy for the database and modify the application to connect to the proxy endpoint.

A Solutions Architect is launching an Amazon EC2 instance with multiple attached volumes by modifying the block device mapping. Which block device can be specified in a block device mapping to be used with an EC2 instance? (choose 2)

Instance store volume , EBS volume

The application development team in a company have developed a Java application and saved the source code in a .war file. They would like to run the application on AWS resources and are looking for a service that can handle the provisioning and management of the underlying resources it will run on. Which AWS service should a Solutions Architect recommend the Developers use to upload the Java source code file?

AWS Elastic Beanstalk

A company is transitioning their web presence into the AWS cloud. As part of the migration the company will be running a web application both on-premises and in AWS for a period of time. During the period of co-existence the client would like 80% of the traffic to hit the AWS-based web servers and 20% to be directed to the on-premises web servers. What method can a Solutions Architect use to distribute traffic as requested?

Use Route 53 with a weighted routing policy and configure the respective weights

A company is in the process of improving its security posture and wants to analyze and rectify a high volume of failed login attempts and unauthorized activities being logged in AWS CloudTrail. What is the most efficient solution to help the company identify these security events with the LEAST amount of operational effort?

Use Amazon Athena to directly query CloudTrail logs for failed logins and unauthorized activities.

An application runs on EC2 instances in a private subnet behind an Application Load Balancer in a public subnet. The application is highly available and distributed across multiple AZs. The EC2 instances must make API calls to an internet-based service. How can the Solutions Architect enable highly available internet connectivity?

Create a NAT gateway in the public subnet of each AZ. Update the route tables for each private subnet to direct internet-bound traffic to the NAT gateway

A Solutions Architect has created a new security group in an Amazon VPC. No rules have been created. Which of the statements below are correct regarding the default state of the security group? (choose 2)

There is an outbound rule that allows all traffic to all IP addresses , There are no inbound rules and traffic will be implicitly denied

A legacy application is being migrated into AWS. The application has a large amount of data that is rarely accessed. When files are accessed they are retrieved sequentially. The application will be migrated onto an Amazon EC2 instance. What is the LEAST expensive EBS volume type for this use case?

Cold HDD (sc1)

A Solutions Architect enabled Access Logs on an Application Load Balancer (ALB) and needs to process the log files using a hosted Hadoop service. What configuration changes and services can be leveraged to deliver this requirement?

Configure Access Logs to be delivered to S3 and use EMR for processing the log files

A Solutions Architect has created an AWS Organization with several AWS accounts. Security policy requires that use of specific API actions are limited across all accounts. The Solutions Architect requires a method of centrally controlling these actions. What is the SIMPLEST method of achieving the requirements?

Create a service control policy in the root organizational unit to deny access to the services or actions

An Amazon EBS-backed EC2 instance has been launched. A requirement has come up for some high-performance ephemeral storage. How can a Solutions Architect add a new instance store volume?

You can specify the instance store volumes for your instance only when you launch an instance

A company is developing a web-based application that will be used for real-time chat functionality. The application should use WebSocket APIs to maintain a persistent connection with the client. The backend services of the application, hosted in containers within private subnets of a VPC, need to be accessed securely. Which solution will meet these requirements?

Develop a WebSocket API using Amazon API Gateway. Host the application in Amazon Elastic Kubernetes Service (EKS) in a private subnet. Establish a private VPC link for the API Gateway to securely access the Amazon EKS cluster.

The load on a MySQL database running on Amazon EC2 is increasing and performance has been impacted. Which of the options below would help to increase storage performance? (choose 2)

Use EBS optimized instances , Use Provisioned IOPS (I01) EBS volumes

Three AWS accounts are owned by the same company but in different regions. Account Z has two AWS Direct Connect connections to two separate company offices. Accounts A and B require the ability to route across account Z’s Direct Connect connections to each company office. A Solutions Architect has created an AWS Direct Connect gateway in account Z. How can the required connectivity be configured?

Associate the Direct Connect gateway to a virtual private gateway in account A and B

A software development company is deploying a microservices-based application on Amazon Elastic Kubernetes Service (Amazon EKS). The application's traffic fluctuates significantly throughout the day and the company wants to ensure that the EKS cluster scales up and down according to these traffic patterns. Which combination of steps would satisfy these requirements with MINIMAL operational overhead? (Select TWO.)

Employ the Kubernetes Cluster Autoscaler for dynamically managing the quantity of nodes in the EKS cluster., Utilize the Kubernetes Metrics Server to enable horizontal pod autoscaling based on resource utilization.

One of the departments in a company has been generating a large amount of data on Amazon S3 and costs are increasing. Data older than 90 days is rarely accessed but must be retained for several years. If this data does need to be accessed at least 24 hours notice is provided. How can a Solutions Architect optimize the costs associated with storage of this data whilst ensuring it is accessible if required?

Use S3 lifecycle policies to move data to GLACIER after 90 days

A Solutions Architect is designing the disk configuration for an Amazon EC2 instance. The instance needs to support a MapReduce process that requires high throughput for a large dataset with large I/O sizes. Which Amazon EBS volume is the MOST cost-effective solution for these requirements?

EBS Throughput Optimized HDD

An on-premise data center will be connected to an Amazon VPC by a hardware VPN that has public and VPN-only subnets. The security team has requested that traffic hitting public subnets on AWS that’s destined to on-premise applications must be directed over the VPN to the corporate firewall. How can this be achieved?

In the public subnet route table, add a route for your remote network and specify the virtual private gateway as the target

An e-commerce company operates a serverless web application that must interact with numerous Amazon DynamoDB tables to fulfill user requests. It is critical that the application's performance remains consistent and unaffected while interacting with these tables. Which method provides the MOST operationally efficient way to fulfill these requirements?

AWS AppSync with multiple data sources and resolvers.

A multinational organization has a distributed application that runs on Amazon EC2 instances, which are behind an Application Load Balancer in an Auto Scaling group. The application utilizes a MySQL database hosted on Amazon Aurora. The database cluster spans across multiple Availability Zones in a single region. The organization plans to launch its services in a new geographical area and wants to ensure maximum availability with minimal service interruption. Which strategy should the organization adopt?

Establish the application layer in the new region. Use Amazon Aurora Global Database for deploying the database in the primary and new regions. Apply Amazon Route 53 health checks with a failover routing policy to the new region. Promote the secondary to primary as needed.

A company needs to capture detailed information about all HTTP requests that are processed by their Internet facing Application Load Balancer (ALB). The company requires information on the requester, IP address, and request type for analyzing traffic patterns to better understand their customer base. Which actions should a Solutions Architect recommend?

Enable Access Logs and store the data on S3

A web application runs on a series of Amazon EC2 instances behind an Application Load Balancer (ALB). A Solutions Architect is updating the configuration with a health check and needs to select the protocol to use. What options are available? (choose 2)

HTTP, HTTPS

Several Amazon EC2 Spot instances are being used to process messages from an Amazon SQS queue and store results in an Amazon DynamoDB table. Shortly after picking up a message from the queue AWS terminated the Spot instance. The Spot instance had not finished processing the message. What will happen to the message?

The message will become available for processing again after the visibility timeout expires

A financial institution wants to use machine learning (ML) algorithms to detect potential fraudulent transactions. They need to create ML models based on their vast financial transaction data and integrate these models into their business intelligence system for real-time decision-making. The solution should require minimal operational overhead. Which solution will best meet these requirements?

Use Amazon SageMaker to build, train, and deploy ML models, and use Amazon QuickSight for data visualization.

A Solutions Architect has created an AWS account and selected the Asia Pacific (Sydney) region. Within the default VPC there is a default security group. What settings are configured within this security group by default? (choose 2)

There is an outbound rule that allows all traffic to all addresses , There is an inbound rule that allows all traffic from the security group itself

An on-premises server runs a MySQL database and will be migrated to the AWS Cloud. The company require a managed solution that supports high availability and automatic failover in the event of the outage of an Availability Zone (AZ). Which solution is the BEST fit for these requirements?

Use the AWS Database Migration Service (DMS) to directly migrate the database to an Amazon RDS MySQL Multi-AZ deployment

A company operates a critical Python-based application that analyzes incoming real-time data. The application runs every 15 minutes and takes approximately 2 minutes to complete a run. It requires 1.5 GB of memory and uses the CPU intensively during its operation. The company wants to minimize the costs associated with running this application. Which solution will meet these requirements?

Implement the application as an AWS Lambda function configured with 1.5 GB of memory. Use Amazon EventBridge to schedule the function to run every 15 minutes.

An Amazon EC2 instance is generating very high packets-per-second and performance of the application stack is being impacted. A Solutions Architect needs to determine a resolution to the issue that results in improved performance. Which action should the Architect take?

Use enhanced networking

An organization in the agriculture sector is deploying sensors and smart devices around factory plants and fields. The devices will collect information and send it to cloud applications running on AWS. Which AWS service will securely connect the devices to the cloud applications?

AWS IoT Core

An application uses a MySQL database running on an Amazon EC2 instance. The application generates high I/O and constant writes to a single table on the database. Which Amazon EBS volume type will provide the MOST consistent performance and low latency?

Provisioned IOPS SSD (io1)

The Solutions Architect in charge of a critical application must ensure the Amazon EC2 instances are able to be launched in another AWS Region in the event of a disaster. What steps should the Solutions Architect take? (Select TWO.)

Create AMIs of the instances and copy them to another Region, Launch instances in the second Region from the AMIs

A Solutions Architect has created a new Network ACL in an Amazon VPC. No rules have been created. Which of the statements below are correct regarding the default state of the Network ACL? (choose 2)

There is a default inbound rule denying all traffic , There is a default outbound rule denying all traffic

A Solutions Architect has created a VPC and is in the process of formulating the subnet design. The VPC will be used to host a two-tier application that will include Internet facing web servers, and internal-only DB servers. Zonal redundancy is required. How many subnets are required to support this requirement?

4 subnets

A company runs an application on premises that stores a large quantity of semi-structured data using key-value pairs. The application code will be migrated to AWS Lambda and a highly scalable solution is required for storing the data. Which datastore will be the best fit for these requirements?

Amazon DynamoDB

An application makes calls to a REST API running on Amazon EC2 instances behind an Application Load Balancer (ALB). Most API calls complete quickly. However, a single endpoint is making API calls that require much longer to complete and this is introducing overall latency into the system. What steps can a Solutions Architect take to minimize the effects of the long-running API calls?

Create an Amazon SQS queue and decouple the long-running API calls

A company is deploying a new two-tier web application that uses EC2 web servers and a DynamoDB database backend. An Internet facing ELB distributes connections between the web servers. The Solutions Architect has created a security group for the web servers and needs to create a security group for the ELB. What rules should be added? (choose 2)

Add an Inbound rule that allows HTTP/HTTPS, and specify the source as 0.0.0.0/0 , Add an Outbound rule that allows HTTP/HTTPS, and specify the destination as the web server security group

An application receives a high traffic load between 7:30am and 9:30am daily. The application uses an Auto Scaling group to maintain three instances most of the time but during the peak period it requires six instances. How can a Solutions Architect configure Auto Scaling to perform a daily scale-out event at 7:30am and a scale-in event at 9:30am to account for the peak load?

Use a Scheduled scaling policy

A corporation has a web-based multiplayer gaming service that operates using both TCP and UDP protocols. Amazon Route 53 is currently employed to direct application traffic to a set of Network Load Balancers (NLBs) in various AWS Regions. To prepare for an increase in user activity, the company must enhance application performance and reduce latency. Which approach will best meet these requirements?

Implement AWS Global Accelerator ahead of the NLBs and align the Global Accelerator endpoint to use the appropriate listener ports.

An Amazon EC2 instance behind an Elastic Load Balancer (ELB) is in the process of being de-registered. Which ELB feature is used to allow existing connections to close cleanly?

Connection Draining

A company requires an Elastic Load Balancer (ELB) for an application they are planning to deploy on AWS. The application requires extremely high throughput and extremely low latencies. The connections will be made using the TCP protocol and the ELB must support load balancing to multiple ports on an instance. Which ELB would should the company use?

Network Load Balancer

The database layer of an on-premises web application is being migrated to AWS. The database currently uses an in-memory cache. A Solutions Architect must deliver a solution that supports high availability and replication for the caching layer. Which service should the Solutions Architect recommend?

Amazon ElastiCache Redis

A company needs to ensure that they can failover between AWS Regions in the event of a disaster seamlessly with minimal downtime and data loss. The applications will run in an active-active configuration. Which DR strategy should a Solutions Architect recommend?

Multi-site

A tool needs to analyze data stored in an Amazon S3 bucket. Processing the data takes a few seconds and results are then written to another S3 bucket. Less than 256 MB of memory is needed to run the process. What would be the MOST cost-effective compute solutions for this use case?

AWS Lambda functions

A development team needs to run up a few lab servers on a weekend for a new project. The servers will need to run uninterrupted for a few hours. Which EC2 pricing option would be most suitable?

On-Demand

A Solutions Architect needs to run a PowerShell script on a fleet of Amazon EC2 instances running Microsoft Windows. The instances have already been launched in an Amazon VPC. What tool can be run from the AWS Management Console that to execute the script on all target EC2 instances?

Run Command

A company runs a streaming media service and the content is stored on Amazon S3. The media catalog server pulls updated content from S3 and can issue over 1 million read operations per second for short periods. Latency must be kept under 5ms for these updates. Which solution will provide the BEST performance for the media catalog updates?

Update the application code to use an Amazon ElastiCache for Redis cluster

A Solutions Architect has logged into an Amazon EC2 Linux instance using SSH and needs to determine a few pieces of information including what IAM role is assigned, the instance ID and the names of the security groups that are assigned to the instance. From the options below, what would be the best source of this information?

Metadata

A digital media company uses an Amazon RDS MySQL instance for its content management system. Recently, the company has observed that their RDS instance is nearing its storage capacity due to the constant influx of new data. The company wants to ensure there's always sufficient storage without any operational interruption or manual intervention. Which solution should the company use to address this situation with the LEAST operational overhead?

Enable automatic storage scaling for the MySQL instance.

A security officer has requested that all data associated with a specific customer is encrypted. The data resides on Elastic Block Store (EBS) volumes. Which of the following statements about using EBS encryption are correct? (Select TWO.)

There is no direct way to change the encryption state of a volume, Data in transit between an instance and an encrypted volume is also encrypted

A data analytics company is building a high-performance application that requires concurrent writes to a shared block storage volume from multiple Amazon EC2 instances. The EC2 instances are Nitro-based and reside within the same Availability Zone. The company needs a storage solution that supports simultaneous connections to facilitate data resilience and high availability. Which solution will meet these requirements?

Use Provisioned IOPS SSD (io2) EBS volumes with Amazon EBS Multi-Attach.

An Amazon DynamoDB table has a variable load, ranging from sustained heavy usage some days, to only having small spikes on others. The load is 80% read and 20% write. The provisioned throughput capacity has been configured to account for the heavy load to ensure throttling does not occur. What would be the most efficient solution to optimize cost?

Create a DynamoDB Auto Scaling scaling policy

A company runs a web-based application that uses Amazon EC2 instances for the web front-end and Amazon RDS for the database back-end. The web application writes transaction log files to an Amazon S3 bucket and the quantity of files is becoming quite large. It is acceptable to retain the most recent 60 days of log files and permanently delete the rest. Which action can a Solutions Architect take to enable this to happen automatically?

Use an S3 lifecycle policy with object expiration configured to automatically remove objects that are more than 60 days old

A telecommunication company has an API that allows users to manage their mobile plans and services. The API experiences significant traffic spikes during specific times such as end of the month and special offer periods. The company needs to ensure low latency response time consistently to ensure a good user experience. The solution should also minimize operational overhead. Which solution would meet these requirements MOST efficiently?

Use Amazon API Gateway along with AWS Lambda functions with provisioned concurrency.

MPLE

ユーザ名非公開 · 41問 · 13日前

MPLE