AWS Certified Solutions Architect - Associate (SAA-C02) Questions And Answers 2022/2023

Document Content and Description Below

AWS Certified Solutions Architect - Associate (SAA-C02) Questions And Answers 2022/2023 A Solutions Architect is developing a document sharing application and needs a storage layer. The storage ... should provide automatic support for versioning so that users can easily roll back to a previous version or recover a deleted account. What AWS service will meet the above requirements? - Correct Answer- Amazon S3 A company is planning on using the AWS Redshift service. The Redshift service and data on it would be used continuously for the next 3 years as per the current business plan. What would be the most cost-effective solution in this scenario? - Correct AnswerConsider using Reserved Instances for the Redshift Cluster. A company is using a Redshift cluster to store their data warehouse. There is a requirement from the Internal IT Security team to encrypt data for the Redshift database. How can this be achieved? - Correct Answer- Use AWS KMS Customer Default master key. A company stores its log data in an S3 bucket. There is a current need to have search capabilities available for the data in S3. How can this be achieved in an efficient and ongoing manner? - Correct Answer- - Load the data into Amazon Elasticsearch. - Use an AWS Lambda function which gets triggered whenever data is added to the S3 bucket. You are working on creating a mobile application for your company. This application is being built to work with DynamoDB as the back end and JavaScript as the front end. During application usage, you notice that there are spikes in the application, especially in the DynamoDB area. What will provide the most cost-effective and scalable architecture for this application? - Correct Answer- Create a service that pulls SQS messages and writes these to DynamoDB to handle suddenspikes in DynamoDB. An application needs to have a messaging system in AWS. It is of the utmost importance that the order of messages is preserved and duplicate messages are not sent. What service can help fulfill this requirement? - Correct Answer- AWS SQS FIFO Which of the following is not a feature of AWS Security Token Service? - Correct Answer- STS generates Git Credentials for IAM users. An administrator runs a highly available application in AWS. A file storage layer is needed that can share between instances and scale the platform more easily. What AWS service can perform this action? - Correct Answer- Amazon EFS You are planning on hosting a web and MySQL database application in an AWS VPC. The database should only be accessible by the web server. What would you change to fulfill this requirement? - Correct Answer- Security groups You need to ensure that instances in a private subnet can access the Internet. The solution should be highly available and ensure less maintenance overhead. What would ideally fit this requirement? - Correct Answer- Use the NAT Gateway in the public subnet. Currently, you're helping design and architect a highly available application. After building the initial environment, you discover that a part of your application does not work correctly until port 443 is added to the security group. After adding port 443 to the appropriate security group, how much time will it take before the changes are applied and the application begins working correctly? - Correct Answer- Changes apply instantly to the security group, and the application should be able to respond to 443 requests. Your current setup in AWS consists of the following architecture: 2 public subnets, one subnet which has web servers accessed by users across the Internet and another subnet for the database server. What will change the architecture adds a better security boundary to the resources hosted in this setup? - Correct AnswerConsider moving the database server to a private subnet. A retailer exports data daily from its transnational databases into an S3 bucket in the Sydney region. The retailer's Data Warehousing team wants to import this data into an existing Amazon Redshift cluster in their VPC at Sydney. Corporate security policy mandates that data can only be transported within a VPC. What will satisfy the security policy? - Correct Answer- - Amazon Redshift Enhanced VPC Routing provides VPC resources, the access to Redshift. - Redshift will not be able to access the S3 VPC endpoints without enabling Enhanced VPC routing, so one option is not going to support the scenario if another is not selected. There is an application which consists of EC2 Instances behind a classic ELB. An EC2 proxy is used for content management to backend instances. The application might not be able to scale properly. What can be used to scale the proxy and backend instances appropriately? - Correct Answer- Use Auto Scaling for the proxy servers and backend instances. Continues... [Show More]

Last updated: 2 years ago

Preview 1 out of 8 pages