AWS Certified Solutions Architect – Associate 2022 Complete Solution

AWS Certified Solutions Architect – Associate 2022 Complete Solution Amazon Glacier is designed for: (Choose 2 answers) A. active database storage. B. infrequently accessed data. C. data archives. D. frequently acc ...

AWS Certified Solutions Architect – Associate 2022 Complete Solution Amazon Glacier is designed for: (Choose 2 answers) A. active database storage. B. infrequently accessed data. C. data archives. D. frequently accessed data. E. cached session data. - Correct Answer- B. infrequently accessed data. C. data archives. Your web application front end consists of multiple EC2 instances behind an Elastic Load Balancer. You configured ELB to perform health checks on these EC2 instances. If an instance fails to pass health checks, which statement will be true? A. The instance is replaced automatically by the ELB. B. The instance gets terminated automatically by the ELB. C. The ELB stops sending traffic to the instance that failed its health check. D. The instance gets quarantined by the ELB for root cause analysis. - Correct Answer- C. The ELB stops sending traffic to the instance that failed its health check. You are building a system to distribute confidential training videos to employees. Using CloudFront, what method could be used to serve content that is stored in S3, but not publicly accessible from S3 directly? A. Create an Origin Access Identity (OAI) for CloudFront and grant access to the objects in your S3 bucket to that OAI. B. Add the CloudFront account security group "amazon-cf/amazon-cf-sg" to the appropriate S3 bucket policy. C. Create an Identity and Access Management (IAM) User for CloudFront and grant access to the objects in your S3 bucket to that IAM User. D. Create a S3 bucket policy that lists the CloudFront distribution ID as the Principal and the target bucket as the Amazon Resource Name (ARN). - Correct Answer- A. Create an Origin Access Identity (OAI) for CloudFront and grant access to the objects in your S3 bucket to that OAI. Which of the following will occur when an EC2 instance in a VPC with an associated Elastic IP is stopped and started? (Choose 2 answers) A. The Elastic IP will be dissociated from the instance B. All data on instance-store devices will be lost C. All data on EBS (Elastic Block Store) devices will be lost D. The ENI (Elastic Network Interface) is detached E. The underlying host for the instance is changed - Correct Answer- B. All data on instance-store devices will be lost E. The underlying host for the instance is changed In the basic monitoring package for EC2, Amazon CloudWatch provides the following metrics: A. web server visible metrics such as number failed transaction requests B. operating system visible metrics such as memory utilization C. database visible metrics such as number of connections D. hypervisor visible metrics such as CPU utilization - Correct Answer- D. hypervisor visible metrics such as CPU utilization, disk I/O, network I/O Which is an operational process performed by AWS for data security? A. AES-256 encryption of data stored on any shared storage device B. Decommissioning of storage devices using industry-standard practices C. Background virus scans of EBS volumes and EBS snapshots D. Replication of data across multiple AWS Regions E. Secure wiping of EBS data when an EBS volume is unmounted - Correct AnswerB. Decommissioning of storage devices using industry-standard practices You have been tasked with creating a VPC network topology for your company. The VPC network must support both Internet-facing applications and internally-facing applications accessed only over VPN. Both Internet-facing and internally-facing applications must be able to leverage at least three AZs for high availability. At a minimum, how many subnets must you create within your VPC to accommodate these requirements? A. 2 B. 3 C. 4 D. 6 - Correct Answer- D. 6 You receive a Spot Instance at a bid of $0.05/hr. After 30 minutes, the Spot Price increases to $0.06/hr and your Spot Instance is terminated by AWS. What was the total EC2 compute cost of running your Spot Instance? A. $0.00 B. $0.02 C. $0.03 D. $0.05 E. $0.06 - Correct Answer- A. $0.00 You are developing a highly available web application using stateless web servers. Which services are suitable for storing session state data? Choose 3 answers A. Amazon CloudWatch B. Amazon Relational Database Service (RDS) C. Elastic Load Balancing D. Amazon ElastiCache E. AWS Storage Gateway F. Amazon DynamoDB - Correct Answer- B. Amazon Relational Database Service (RDS) D. Amazon ElastiCache F. Amazon DynamoDB You have a business-critical two-tier web app currently deployed in two AZs in a single region, using Elastic Load Balancing and Auto Scaling. The app depends on synchronous replication (very low latency connectivity) at the database layer. The application needs to remain fully available even if one application AZ goes off-line, and Auto Scaling cannot launch new instances in the remaining Availability Zones. How can the current architecture be enhanced to ensure this? A. Deploy in two regions using Weighted Round Robin (WRR), with Auto Scaling minimums set for 50 percent peak load per Region. B. Deploy in two regions using Weighted Round Robin (WRR), with Auto Scaling minimums set for 100 percent peak load per region. C. Deploy in three Availability Zones, with Auto Scaling minimum set to handle 50 percent peak load per zone. D. Deploy in three Availability Zones, with Auto Scaling minimum set to handle 33 percent peak load per zone. - Correct Answer- C. Deploy in three Availability Zones, with Auto Scaling minimum set to handle 50 percent peak load per zone. You are deploying an application on EC2 that must call AWS APIs. What method of securely passing credentials to the application should you use? A. Use AWS Identity and Access Management roles for EC2 instances. B. Pass API credentials to the instance using instance userdata. C. Embed the API credentials into your JAR files. D. Store API credentials as an object in Amazon Simple Storage Service. - Correct Answer- A. Use AWS Identity and Access Management roles for EC2 instances. Which route must be added to your routing table in order to allow connections to the Internet from your subnet? A. Destination: 0.0.0.0/0 --> Target: your Internet gateway B. Destination: 192.168.1.257/0 --> Target: your Internet gateway C. Destination: 0.0.0.0/33 --> Target: your virtual private gateway D. Destination: 0.0.0.0/0 --> Target: 0.0.0.0/24 E. Destination: 10.0.0.0/32 --> Target: your virtual private gateway - Correct AnswerA. Destination: 0.0.0.0/0 --> Target: your Internet gateway A customer's nightly EMR job processes a single 2-TB data file stored on Amazon Simple Storage Service (S3). The EMR job runs on two On-Demand core nodes and three On-Demand task nodes. Which of the following may help reduce the EMR job completion time? CONTINUES....