[Feb 12, 2022] AWS-Solutions-Associate Practice Exam Dumps - 99% Marks In Amazon Exam [Q224-Q242]

[Feb 12, 2022] AWS-Solutions-Associate Practice Exam Dumps - 99% Marks In Amazon Exam

Updated Verified AWS-Solutions-Associate Q&As - Pass Guarantee or Full Refund

Certification Path of AWS Solutions Architect Associate Exam

• Prerequisites: None
• AWS advises a minimum of one (1) year experience developing cost-effective, fault-tolerant, as well as scalable distributed systems on AWS.

Recommended:

• Experience of the use of AWS resources in computing, networking , storage and database AWS implementation and operations systems hands-on insight
• Understand the security characteristics and resources provided by AWS and its ties with conventional providers
• The ability to define which AWS programmes satisfy a particular technological needs

Understanding functional and technical aspects of AWS Solutions Architect Associate Exam

The following will be discussed in the AMAZON AWS-SOLUTIONS-ARCHITECT-ASSOCIATE exam dumps:

• An understanding of network technologies as they relate to AWS
• An understanding of the AWS global infrastructure
• An understanding of security features and tools that AWS provides and how they relate to traditional services
• Effectively demonstrate knowledge of how to architect and deploy secure and robust applications on AWS technologies
• Provide implementation guidance based on best practices to the organization throughout the life cycle of the project
• Hands-on experience using compute, networking, storage, and database AWS services
• Ability to identify and define technical requirements for an AWS-based application
• Ability to identify which AWS services meet a given technical requirement

 

NEW QUESTION 224
A three-tier web application processes orders from customers. The web tier consists of Amazon EC2 instances behind an Application Load Balancer, a middle tier of three EC2 instances decoupled from the web tier using Amazon SQS. and an Amazon DynamoDB backend At peak times customers who submit orders using the site have to wait much longer than normal to receive confirmations due to lengthy processing times A solutions architect needs to reduce these processing times Which action will be MOST effective in accomplishing this?

• A. Add an Amazon CloudFront distribution to cache the responses for the web tier.
• B. Replace the SQS queue with Amazon Kinesis Data Firehose
• C. Use Amazon ElastiCache for Redis in front of the DynamoDB backend tier
• D. Use Amazon EC2 Auto Scaling to scale out the middle tier instances based on the SQS queue depth

Answer: A

 

NEW QUESTION 225
An 1AM user made several configuration changes to AWS resources in their company's account during a production deployment last week. A solutions architect learned that a couple of security group rules are not configured as desired. The solutions architect wants to confirm which 1AM user was responsible for making changes.
Which service should the solutions architect use to find the desired information?

• A. AWS Config
• B. Amazon Inspector
• C. Amazon GuardDuty
• D. AWS CloudTrail

Answer: C

 

NEW QUESTION 226
As part of securing an API layer built on Amazon API gateway, a Solutions Architect has to authorize users who are currently authenticated by an existing identity provider. The users must be denied access for a period of one hour after three unsuccessful attempts.
How can the Solutions Architect meet these requirements?

• A. Use Amazon Cognito user pools to provide built-in user management.
• B. Use an API Gateway custom authorizer to invoke an AWS Lambda function to validate each user's identity.
• C. Use AWS 1AM authorization and add least-privileged permissions to each respective
  1AM role.
• D. Use Amazon Cognito user pools to integrate with external identity providers.

Answer: B

Explanation:
Explanation
https://aws.amazon.com/blogs/compute/introducing-custom-authorizers-in-amazon-api-gateway/ Today Amazon API Gateway is launching custom request authorizers. With custom request authorizers, developers can authorize their APIs using bearer token authorization strategies, such as OAuth using an AWS Lambda function. For each incoming request, API Gateway verifies whether a custom authorizer is configured, and if so, API Gateway calls the Lambda function with the authorization token. You can use Lambda to implement various authorization strategies (e.g., JWT verification, OAuth provider callout).
Custom authorizers must return AWS Identity and Access Management (IAM) policies. These policies are used to authorize the request. If the policy returned by the authorizer is valid, API Gateway caches the returned policy associated with the incoming token for up to 1 hour so that your Lambda function doesn't need to be invoked again.

 

NEW QUESTION 227
A media company asked a Solutions Architect to design a highly available storage solution to serve as a centralized document store for their Amazon EC2 instances. The storage solution needs to be POSIX-compliant, scale dynamically, and be able to serve up to 100 concurrent EC2 instances.
Which solution meets these requirements?

• A. Create an Amazon S3 bucket and store all of the documents in this bucket.
• B. Create an Amazon Elastic File System (Amazon EFS) to store and share the documents.
• C. Use Amazon Glacier to store all of the documents.
• D. Create an Amazon EBS volume and allow multiple users to mount that volume to their EC2 instance (s).

Answer: B

Explanation:
https://aws.amazon.com/efs/enterprise-applications/

 

NEW QUESTION 228
A solutions architect is designing a multi-tier application for a company. The application's users upload images from a mobile device. The application generates a thumbnail of each image and returns a message to the user to confirm that the image was uploaded successfully.
The thumbnail generation can take up to 60 seconds, but the company wants to provide a faster response time to its users to notify them that the original image was received. The solutions architect must design the application to asynchronously dispatch requests to the different application tiers.
What should the solutions architect do to meet these requirements?

• A. Create Amazon Simple Notification Service (Amazon SNS) notification topics and subscriptions Use one subscription with the application to generate the thumbnail after the image upload is complete. Use a second subscription to message the user's mobile app by way of a push notification after thumbnail generation is complete.
• B. Create an AWS Step Functions workflow Configure Step Functions to handle the orchestration between the application tiers and alert the user when thumbnail generation is complete
• C. Write a custom AWS Lambda function to generate the thumbnail and alert the user. Use the image upload process as an event source to invoke the Lambda function.
• D. Create an Amazon Simple Queue Service (Amazon SQS) message queue. As images are uploaded, place a message on the SQS queue for thumbnail generation. Alert the user through an application message that the image was received

Answer: C

 

NEW QUESTION 229
Your department creates regular analytics reports from your company's log files All log data is collected in Amazon S3 and processed by daily Amazon Elastic MapReduce (EMR) jobs that generate daily PDF reports and aggregated tables in CSV format for an Amazon Redshift data warehouse.
Your CFO requests that you optimize the cost structure for this system.
Which of the following alternatives will lower costs without compromising average performance of the system or data integrity for the raw data?

• A. Use reduced redundancy storage (RRS) for all data In S3. Use a combination of Spot Instances and Reserved Instances for Amazon EMR jobs. Use Reserved Instances for Amazon Redshift.
• B. Use reduced redundancy storage (RRS) for PDF and .csv data in S3. Add Spot Instances to EMR jobs.
  Use Spot Instances for Amazon Redshift.
• C. Use reduced redundancy storage (RRS) for all data in Amazon S3. Add Spot Instances to Amazon EMR jobs. Use Reserved Instances for Amazon Redshift.
• D. Use reduced redundancy storage (RRS) for PDF and .csv data In Amazon S3. Add Spot Instances to Amazon EMR jobs. Use Reserved Instances for Amazon Redshift.

Answer: D

Explanation:
Using Reduced Redundancy Storage Amazon S3 stores objects according to their storage class. It assigns the storage class to an object when it is written to Amazon S3. You can assign objects a specific storage class (standard or reduced redundancy) only when you write the objects to an Amazon S3 bucket or when you copy objects that are already stored in Amazon S3. Standard is the default storage class. For information about storage classes, see Object Key and Metadata.
In order to reduce storage costs, you can use reduced redundancy storage for noncritical, reproducible data at lower levels of redundancy than Amazon S3 provides with standard storage. The lower level of redundancy results in less durability and availability, but in many cases, the lower costs can make reduced redundancy storage an acceptable storage solution. For example, it can be a cost-effective solution for sharing media content that is durably stored elsewhere. It can also make sense if you are storing thumbnails and other resized images that can be easily reproduced from an original image.
Reduced redundancy storage is designed to provide 99.99% durability of objects over a given year. This durability level corresponds to an average annual expected loss of 0.01% of objects. For example, if you store
10,000 objects using the RRS option, you can, on average, expect to incur an annual loss of a single object per year (0.01% of 10,000 objects).
Note:
This annual loss represents an expected average and does not guarantee the loss of less than 0.01% of objects in a given year.
Reduced redundancy storage stores objects on multiple devices across multiple facilities, providing 400 times the durability of a typical disk drive, but it does not replicate objects as many times as Amazon S3 standard storage. In addition, reduced redundancy storage is designed to sustain the loss of data in a single facility.
If an object in reduced redundancy storage has been lost, Amazon S3 will return a 405 error on requests made to that object. Amazon S3 also offers notifications for reduced redundancy storage object loss: you can configure your bucket so that when Amazon S3 detects the loss of an RRS object, a notification will be sent through Amazon Simple Notification Service (Amazon SNS). You can then replace the lost object. To enable notifications, you can use the Amazon S3 console to set the Notifications property of your bucket.

 

NEW QUESTION 230
How can the domain's zone apex, for example, "myzoneapexdomain.com", be pointed towards an Elastic Load Balancer?

• A. By using an AAAA record
• B. By using an Amazon Route 53 CNAME record
• C. By using an A record
• D. By using an Amazon Route 53 Alias record

Answer: A

 

NEW QUESTION 231
A customer is migrating to AWS and requires applications to access Network File System shares without code changes. Data is critical and accessed frequently.
Which storage solution should a Solutions Architect recommend to maximize availability and durability?

• A. AWS Storage Gateway for files
• B. Amazon EFS
• C. Amazon S3
• D. Amazon EBS

Answer: B

 

NEW QUESTION 232
A company recently launched a new service that involves medical images The company scans the images and sends them from its on-premises data center through an AWS Direct Connect connection to Amazon EC2 instances After processing is complete, the images are stored in an Amazon S3 bucket A company requirement states that the EC2 instances cannot be accessible through the internet The EC2 instances run in a private subnet, which has a default route back to the on-premises data center for outbound internet access Usage of the new service is increasing rapidly A solutions architect must recommend a solution that meets the company's requirements and reduces the Direct Connect charges.
Which solution accomplishes these goals MOST cost-effectively?

• A. Configure Amazon S3 as a file system mount point on the EC2 instances Access Amazon S3 through the mount
• B. Move the EC2 instances into a public subnet Configure the public subnet route table to point to an internet gateway
• C. Configure a NAT gateway in a public subnet Configure the private subnet's route table to use the NAT gateway
• D. Configure a VPC endpoint for Amazon S3 Add an entry to the private subnet's route table for the S3 endpoint

Answer: C

 

NEW QUESTION 233
A company plans to deploy a new application in AWS that reads and write information to dataset. The company wants to deploy the application in two different AWS Regions in an active-active configuration. The database need to replicate to keep information in sync.
What should be uses to meet these requirements?

• A. Amazon Athena with Amazon S3 cross-region replication
• B. Amazon RDS PostgreSQL with a cross-region Read Replica
• C. AWS Database Migration Service with change data capture
• D. Amazon DynamoDB with global tables

Answer: C

 

NEW QUESTION 234
A 3-tier e-commerce web application is current deployed on-premises and will be migrated to AWS for greater scalability and elasticity The web server currently shares read-only data using a network distributed file system The app server tier uses a clustering mechanism for discovery and shared session state that depends on IP multicast The database tier uses shared-storage clustering to provide database fall over capability, and uses several read slaves for scaling Data on all servers and the distributed file system directory is backed up weekly to off-site tapes
Which AWS storage and database architecture meets the requirements of the application?

• A. Web servers, store read-only data in an EC2 NFS server, mount to each web server at boot time App servers share state using a combination of DynamoDB and IP multicast Database use RDS with multl-AZ deployment and one or more Read Replicas Backup web and app servers backed up weekly via Mils database backed up via DB snapshots
• B. Web servers store read-only data In S3 and copy from S3 to root volume at boot time App servers share state using a combination of DynamoDB and IP unicast Database use RDS with multi-AZ deployment Backup web and app servers backed up weekly via AM is. database backed up via DB snapshots
• C. Web servers, store read-only data in S3, and copy from S3 to root volume at boot time App servers snare state using a combination or DynamoDB and IP unicast Database use RDS with multi-AZ deployment and one or more Read Replicas Backup web and app servers backed up weekly via Mils database backed up via DB snapshots.
• D. Web servers store -read-only data in S3, and copy from S3 to root volume at boot time App servers share state using a combination of DynamoDB and IP unicast Database, use RDS with multi-AZ deployment and one or more read replicas Backup web servers app servers, and database backed up weekly to Glacier using snapshots.

Answer: C

 

NEW QUESTION 235
A company runs an on-premises application The company is planning to move the application to containers by using Kubernetes The company wants to migrate the application to AWS to reduce the overhead of container infrastructure management A solutions architect must configure the environment to allow deployment of the company's own custom Amazon Machine Image (AMI) to nodes Which solution will meet these requirements with the LEAST operational overhead'?

• A. Use Amazon Elastic Kubernetes Service (Amazon EKS) with self-managed worker nodes Store container images in an image repository that runs on Amazon EC2
• B. Use AWS Fargate on Amazon Elastic Kubernetes Service (Amazon EKS) Store container images in Amazon Elastic Container Registry (Amazon ECR).
• C. Use Amazon Elastic Kubernetes Service (Amazon EKS) with managed worker nodes Store container images in Amazon Elastic Container Registry (Amazon ECR)
• D. Provision a Kubernetes cluster on Amazon EC2 Store container images in Docker Hub

Answer: D

 

NEW QUESTION 236
A company has an application that generates reports and stores them in an Amazon bucket Amazon S3 bucket. When a user accesses their report, the application generates a signed URL to allow the user to download the report. The company's security team has discovered that the files are public and that anyone can download them without authentication. The company has suspended the generation of new reports until the problem is resolved.
Which set of action will immediately remediate the security issue without impacting the application's normal workflow?

• A. Use the Block Public Access feature in Amazon S3 to set the IgnorePublicAcis option to TRUE on the bucket.
• B. Create an AWS Lambda function that applies all policy for users who are not authenticated. Create a scheduled event to invoke the Lambda function.
• C. Run a script that puts a Private ACL on all of the object in the bucket.
• D. Review the AWS Trusted advisor bucket permissions check and implement the recommend actions.

Answer: D

 

NEW QUESTION 237
An application runs on EC2 instances behind an Elastic Load Balancing Application Load Balancer. The instances run in an EC2 Auto Scaling group across multiple Availability Zones. The application provides a RESTful interface with both synchronous and asynchronous operations. The asynchronous operations requireup to 5 minutes to complete. Although the application must remain available at all times, after business hours, the traffic going to the application is greatly reduced and often results in the Auto Scaling group running the minimum number of On-Demand Instances.
What should the Solutions Architect recommend to optimize the cost of the environment after business hours?

• A. Change the Availability Zones in which the instances were created to another Availability Zone in the same region with a lower cost.
• B. Purchase Reserved Instances for the minimum number of Auto Scaling instances.
• C. Replace all On-Demand Instances with Spot Instances in the Auto Scaling group.
• D. Reduce the number of minimum instances to 0. New requests to the Application Load Balancer create new instances.

Answer: C

 

NEW QUESTION 238
A customer wants to leverage Amazon Simple Storage Service (S3) and Amazon Glacier as part of their backup and archive infrastructure. The customer plans to use third-party software to support this integration.
Which approach will limit the access of the third party software to only the Amazon S3bucket named
"company-backup"?

• A. A custom IAM user policy limited to the Amazon S3 API for the Amazon Glacier archive company-backup
• B. A custom IAM user policy limited to the Amazon S3 API in company-backup
• C. A custom bucket policy limited to the Amazon S3 API in company-backup
• D. A custom bucket policy limited to the Amazon S3 API in the Amazon Glacier archive company-backup

Answer: D

 

NEW QUESTION 239
How can software determine the public and private IP addresses of the Amazon EC2 instance that it is running on?

• A. Query the local instance metadata
• B. Query the appropriate Amazon CloudWatch metric
• C. Query the local instance userdata
• D. Use ipconfig or ifconfig command

Answer: A

 

NEW QUESTION 240
Amazon RDS automated backups and DB Snapshots are currently supported for only the __________ storage engine

• A. InnoDB
• B. MyISAM

Answer: A

 

NEW QUESTION 241
A company has multiple AWS accounts, for various departments. One of the departments wants to share an Amazon S3 bucket with all other department.
Which solution will require the LEAST amount of effort?

• A. Enable cross-account S3 replication for the bucket
• B. Set the S3 bucket policy to allow cross-account access to other departments
• C. Create a pre signed URL tor the bucket and share it with other departments
• D. Create IAM users for each of the departments and configure a read-only IAM policy

Answer: D

 

NEW QUESTION 242
......

AWS-Solutions-Associate Real Valid Brain Dumps With 501 Questions: https://lead2pass.pdfbraindumps.com/AWS-Solutions-Associate_valid-braindumps.html