21 October, 2020

All About Pinpoint SAP-C01 Free Practice Test

Our pass rate is high to 98.9% and the similarity percentage between our SAP-C01 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Amazon-Web-Services SAP-C01 exam in just one try? I am currently studying for the Amazon-Web-Services SAP-C01 exam. Latest Amazon-Web-Services SAP-C01 Test exam practice questions and answers, Try Amazon-Web-Services SAP-C01 Brain Dumps First.

Free demo questions for Amazon-Web-Services SAP-C01 Exam Dumps Below:

Page: 1 / 14

Total 179 questions Full Exam Access

Question 1

During a security audit of a Service team's application a Solutions Architect discovers that a username and password tor an Amazon RDS database and a set of AWSIAM user credentials can be viewed in the AWS Lambda function code. The Lambda function uses the username and password to run queries on the database and it uses the I AM credentials to call AWS services in a separate management account.
The Solutions Architect is concerned that the credentials could grant inappropriate access to anyone who can view the Lambda code The management account and the Service team's account are in separate AWS Organizations organizational units (OUs)
Which combination of changes should the Solutions Architect make to improve the solution's security? (Select TWO)

Configure Lambda to assume a tole in the management account with appropriate access to AWS

Configure Lambda to use the stored database credentials in AWS Secrets Manager and enable automatic rotation

Create a Lambda function to rotate the credentials every hour by deploying a new Lambda version with the updated credentials

Use an SCP on the management accounts OU to prevent IAM users from accessing resources m the Service team\'s account

Enable AWS Shield Advanced on the management account to shield sensitive resources from unauthorized IAM access

Question 2

A company is running a web application with On-Demand Amazon EC2 instances in Auto Scaling groups that scale dynamically based on custom metrics After extensive testing the company determines that the m5 2xlarge instance size is optimal for the workload Application data is stored in db r4 4xlarge Amazon RDS instances that are confirmed to be optimal The traffic to the web application spikes randomly during the day
What other cost-optimization methods should the company implement to further reduce costs without impacting the reliability of the application?

Double the instance count in the Auto Scaling groups and reduce the instance size to m5 large

Reserve capacity for the RDS database and the minimum number of EC2 instances that are constantly running

Reduce the RDS instance size to db r4 xlarge and add five equivalents sized read replicas to provide reliability

Reserve capacity for all EC2 instances and leverage Spot Instance pricing for the RDS database

Question 3

A company has an Amazon VPC that is divided into a public subnet and a private subnet A web application runs in Amazon VPC, and each subnet has its own NACL The public subnet has a CIDR of 10.0.0.0/24. An Application Load Balancer is deployed to the public subnet. The private subnet has a CIDR of 10.0.1.0/24. Amazon EC2 instances that run a web server on port 80 are launched into the private subnet.
Only network traffic that is required for the Application Load Balancer to access the web application can be allowed to travel between the public and private subnets
What collection of rules should be written to ensure that the private subnet's NACL meets the requirement? (Select TWO.)

An inbound rule for port 80 from source 0.0.0 0/0

An inbound rule for port 80 from source 10.0.0.0/24

An outbound rule for port 80 to destination 0.0.0.0/0

An outbound rule for port 80 to destination 10.0.0.0/24

An outbound rule for ports 1024 through 65535 to destination 10.0.0.0/24

Question 5

A Solutions Architect is working with a company that is extremely sensitive to its IT costs and wishes to implement controls that will result in a predictable AWS spend each month.
Which combination of steps can help the company control and monitor its monthly AWS usage to achieve a cost that is as close as possible to the target amount? (Choose three.)

Implement an IAM policy that requires users to specify a ‘workload’ tag for cost allocation when launching Amazon EC2 instances.

Contact AWS Support and ask that they apply limits to the account so that users are not able to launch more than a certain number of instance types.

Purchase all upfront Reserved Instances that cover 100% of the account’s expected Amazon EC2 usage.

Place conditions in the users’ IAM policies that limit the number of instances they are able to launch.

Define ‘workload’ as a cost allocation tag in the AWS Billing and Cost Management console.

Set up AWS Budgets to alert and notify when a given workload is expected to exceed a defined cost.

Question 6

A large global company wants to migrate a stateless mission-critical application to AWS. The application is based on IBM WebSphere (application and integration middleware), IBM MQ (messaging middleware), and IBM DB2 (database software) on a z/OS operating system.
How should the Solutions Architect migrate the application to AWS?

Re-host WebSphere-based applications on Amazon EC2 behind a load balancer with Auto Scaling.Re-platform the IBM MQ to an Amazon EC2-based M

Re-platform the z/OS-based DB2 to Amazon RDS DB2.

Re-host WebSphere-based applications on Amazon EC2 behind a load balancer with Auto Scaling.Re-platform the IBM MQ to an Amazon M

Re-platform z/OS-based DB2 to Amazon EC2-based DB2.

Orchestrate and deploy the application by using AWS Elastic Beanstal

Re-platform the IBM MQ to Amazon SQ

Re-platform z/OS-based DB2 to Amazon RDS DB2.

Use the AWS Server Migration Service to migrate the IBM WebSphere and IBM DB2 to an Amazon EC2-based solutio

Re-platform the IBM MQ to an Amazon MQ.

Question 7

A Solutions Architect is designing the storage layer for a data warehousing application. The data files are large, but they have statically placed metadata at the beginning of each file that describes the size and placement of the file’s index. The data files are read in by a fleet of Amazon EC2 instances that store the index size, index location, and other category information about the data file in a database. That database is used by Amazon EMR to group files together for deeper analysis.
What would be the MOST cost-effective, high availability storage solution for this workflow?

Store the data files in Amazon S3 and use Range GET for each file’s metadata, then index the relevant data.

Store the data files in Amazon EFS mounted by the EC2 fleet and EMR nodes.

Store the data files on Amazon EBS volumes and allow the EC2 fleet and EMR to mount and unmount the volumes where they are needed.

Store the content of the data files in Amazon DynamoDB tables with the metadata, index, and data as their own keys.

Question 8

An organization has a write-intensive mobile application that uses Amazon API Gateway, AWS Lambda, and Amazon DynamoDB. The application has scaled well, however, costs have increased exponentially because of higher than anticipated Lambda costs. The application’s use is unpredictable, but there has been a steady 20% increase in utilization every month.
While monitoring the current Lambda functions, the Solutions Architect notices that the execution-time averages 4.5 minutes. Most of the wait time is the result of a high-latency network call to a 3-TB MySQL database server that is on-premises. A VPN is used to connect to the VPC, so the Lambda functions have been configured with a five-minute timeout.
How can the Solutions Architect reduce the cost of the current architecture?

Replace the VPN with AWS Direct Connect to reduce the network latency to the on-premises MySQL database.Enable local caching in the mobile application to reduce the Lambda function invocation calls.Monitor the Lambda function performance; gradually adjust the timeout and memory properties to lower values while maintaining an acceptable execution time.Offload the frequently accessed records from DynamoDB to Amazon ElastiCache.

Replace the VPN with AWS Direct Connect to reduce the network latency to the on-premises MySQL database.Cache the API Gateway results to Amazon CloudFront.Use Amazon EC2 Reserved Instances instead of Lambda.Enable Auto Scaling on EC2, and use Spot Instances during peak times.Enable DynamoDB Auto Scaling to manage target utilization.

Migrate the MySQL database server into a Multi-AZ Amazon RDS for MySQL.Enable caching of the Amazon API Gateway results in Amazon CloudFront to reduce the number of Lambda function invocations.Monitor the Lambda function performance; gradually adjust the timeout and memory properties to lower values while maintaining an acceptable execution time.Enable DynamoDB Accelerator for frequently accessed records, and enable the DynamoDB Auto Scaling feature.

Migrate the MySQL database server into a Multi-AZ Amazon RDS for MySQL.Enable API caching on API Gateway to reduce the number of Lambda function invocations.Continue to monitor the AWS Lambda function performance; gradually adjust the timeout and memory properties to lower values while maintaining an acceptable execution time.Enable Auto Scaling in DynamoDB.

Question 9

A company collects a steady stream of 10 million data records from 100,000 sources each day. These records are written to an Amazon RDS MySQL DB. A query must produce the daily average of a data source over the past 30 days. There are twice as many reads as writes. Queries to the collected data are for one source ID at a time.
How can the Solutions Architect improve the reliability and cost effectiveness of this solution?

Use Amazon Aurora with MySQL in a Multi-AZ mod

Use four additional read replicas.

Use Amazon DynamoDB with the source ID as the partition key and the timestamp as the sort ke

Use a Time to Live (TTL) to delete data after 30 days.

Use Amazon DynamoDB with the source ID as the partition ke

Use a different table each day.

Ingest data into Amazon Kinesis using a retention period of 30 day

Use AWS Lambda to write data records to Amazon ElastiCache for read access.

Question 10

A company uses Amazon S3 to store documents that may only be accessible to an Amazon EC2 instance in a certain virtual private cloud (VPC). The company fears that a malicious insider with access to this instance could also set up an EC2 instance in another VPC to access these documents.
Which of the following solutions will provide the required protection?

Use an S3 VPC endpoint and an S3 bucket policy to limit access to this VPC endpoint.

Use EC2 instance profiles and an S3 bucket policy to limit access to the role attached to the instance profile.

Use S3 client-side encryption and store the key in the instance metadata.

Use S3 server-side encryption and protect the key with an encryption context.

Question 11

A company is migrating an application to AWS. It wants to use fully managed services as much as possible during the migration. The company needs to store large, important documents within the application with the following requirements:
SAP-C01 dumps exhibit

The data must be highly durable and available.
SAP-C01 dumps exhibit

The data must always be encrypted at rest and in transit.
SAP-C01 dumps exhibit

The encryption key must be managed by the company and rotated periodically. Which of the following solutions should the Solutions Architect recommend?

Deploy the storage gateway to AWS in file gateway mod

Use Amazon EBS volume encryption using an AWS KMS key to encrypt the storage gateway volumes.

Use Amazon S3 with a bucket policy to enforce HTTPS for connections to the bucket and to enforce server-side encryption and AWS KMS for object encryption.

Use Amazon DynamoDB with SSL to connect to DynamoD

Use an AWS KMS key to encrypt DynamoDB objects at rest.

Deploy instances with Amazon EBS volumes attached to store this dat

Use EBS volume encryption using an AWS KMS key to encrypt the data.

Question 12

A Solutions Architect is building a containerized NET Core application that will run in AWS Fargate The backend of the application requires Microsoft SQL Server with high availability All tiers of the application must be highly available The credentials used for the connection string to SQL Server should not be stored on disk within the .NET Core front-end containers.
Which strategies should the Solutions Architect use to meet these requirements'?

Set up SQL Server to run in Fargate with Service Auto Scaling Create an Amazon ECS task execution role that allows the Fargate task definition to get the secret value for the credentials to SQL Server running in Fargate Specify the ARN of the secret in AWS Secrets Manager m the secrets section of the Fargate task definition so the sensitive data can be injected into the containers as environment variables on startup for reading into the application to construct the connection string Set up the NET Core service using Service Auto Scaling behind an Application Load Balancer in multiple Availability Zones

Create a Multi-AZ deployment of SQL Server on Amazon RDS Create a secret in AWS Secrets Manager for the credentials to the RDS database Create an Amazon ECS task execution role that allows the Fargate task definition to get the secret value for the credentials to the RDS database in Secrets Manager Specify the ARN of the secret in Secrets Manager in the secrets section of the Fargate task definition so the sensitive data can be injected into the containers as environment variables on startup for reading into the application to construct the connection string Set up the NET Core service m Fargate using Service Auto Scalina behind an Application Load Balancer in multiple Availability Zones.

Create an Auto Scaling group to run SQL Server on Amazon EC2 Create a secret in AWS Secrets Manager for the credentials to SQL Server running on EC2 Create an Amazon ECS task execution role that allows the Fargate task definition to get the secret value for the credentials to SQL Server on EC2 Specify the ARN of the secret in Secrets Manager In the secrets section of the Fargate task definition sothe sensitive data can be injected into the containers as environment variables on startup for reading into the application to construct the connection string Set up the NET Core service using Service Auto Scaling behind an Application Load Balancer in multiple Availabilitv Zones.

Create a Multi-AZ deployment of SQL Server on Amazon RDS Create a secret in AWS Secrets Manager for the credentials to the RDS database Create non-persistent empty storage for the NET Core containers in the Fargate task definition to store the sensitive information Create an Amazon ECS task execution role that allows the Fargate task definition to get the secret value for the credentials to the RDS database in Secrets Manager Specify the ARN of the secret in Secrets Manager in the secrets section of the Fargate task definition so the sensitive data can be written to the non-persistent empty storage on startup for reading into the application to construct the connection.

Question 13

A Solutions Architect is designing a network solution for a company that has applications running in a data center in Northern Virginia. The applications in the company’s data center require predictable performance to applications running in a virtual private cloud (VPC) located in us-east-1, and a secondary VPC in us-west-2 within the same account. The company data center is collocated in an AWS Direct Connect facility that serves the us-est-1 region. The company has already ordered an AWS Direct Connect connection and a cross-connect has been established.
Which solution will meet the requirements at the LOWEST cost?

Provision a Direct Connect gateway and attach the virtual private (VGW) for the VPC in us-east-1 and the VGW for the VPC in us-west-2. Create a private VIF on the Direct Connect connection and associate it to the Direct Connect gateway.

Create private VIFs on the Direct Connect connection for each of the company’s VPCs in the us-est-1 and us-west-2 region

Configure the company’s data center router to connect directly with the VPCs in those regions via the private VIFs.

Deploy a transit VPC solution using Amazon EC2-based router instances in the us-east-1 region.Establish IPsec VPN tunnels between the transit routers and virtual private gateways (VGWs) located in the us-east-1 and us-west-2 regions, which are attached to the company’s VPCs in those region

Create a public VIF on the Direct Connect connection and establish IPsec VPN tunnels over the public VIF between the transit routers and the company’s data center router.

Order a second Direct Connect connection to a Direct Connect facility with connectivity to theus-west-2 regio

Work with partner to establish a network extension link over dark fiber from the Direct Connect facility to the company’s data cente

Establish private VIFs on the Direct Connect connections for each of the company’s VPCs in the respective region

Configure the company’s data center router to connect directly with the VPCs in those regions via the private VIFs.

Question 15

A company deployed a three-tier web application in two regions: us-east-1 and eu-west-1. The application must be active in both regions at the same time. The database tier of the application uses a single Amazon RDS Aurora database globally, with a master in us-east-1 and a read replica in eu-west-1. Both regions are connected by a VPN.
The company wants to ensure that the application remains available even in the event of a region-level failure of all of the application’s components. It is acceptable for the application to be in read-only mode for up to 1 hour. The company plans to configure two Amazon Route 53 record sets, one for each of the regions.
How should the company complete the configuration to meet its requirements while providing the lowest latency for the application end-users? (Choose two.)

Use failover routing and configure the us-east-1 record set as primary and the eu-west-1 record set as secondar

Configure an HTTP health check for the web application in us-east-1, and associate it to the us-east-1 record set.

Use weighted routing and configure each record set with a weight of 50. Configure an HTTP health check for each region, and attach it to the record set for that region.

Use latency-based routing for both record set

Configure a health check for each region and attach it to the record set for that region.

Configure an Amazon CloudWatch alarm for the health checks in us-east-1, and have it invoke an AWS Lambda function that promotes the read replica in eu-west-1.

Configure an Amazon RDS event notifications to react to the failure of the database in us-east-1 by invoking an AWS Lambda function that promotes the read replica in eu-west-1.

Question 16

A company is running an email application across multiple AWS Regions. The company uses Ohio (us-east-2) as the primary Region and Northern Virginia (us-east-1) as the Disaster Recovery (DR) Region. The data is continuously replicated from the primary Region to the DR Region by a single instance on the public subnet in both Regions. The replication messages between the Regions have a significant backlog during certain times of the day. The backlog clears on its own after a short time, but it affects the application’s RPO.
Which of the following solutions should help remediate this performance problem? (Select TWO)

Increase the size of the instances.

Have the instance in the primary Region write the data to an Amazon SQS queue in the primary Region instead, and have the instance in the DR Region poll from this queue.

Use multiple instances on the primary and DR Regions to send and receive the replication data.

Change the DR Region to Oregon (us-west-2) instead of the current DR Region.

Attach an additional elastic network interface to each of the instances in both Regions and set up load balancing between the network interfaces.

Question 17

A company needs to run a software package that has a license that must be run on the same physical host for the duration of its use. The software package is only going to be used for 90 days. The company requires patching and restarting of all instances every 30 days.
How can these requirements be met using AWS?

Run a dedicated instance with auto-placement disabled.

Run the instance on a dedicated host with Host Affinity set to Host.

Run an On-Demand instance with a Reserved Instance to ensure consistent placement.

Run the instance on a licensed host with termination set for 90 days.

Question 18

A company has several teams, and each team has their own Amazon RDS database that totals 100 TB The company is building a data query platform for Business Intelligence Analysts to generate a weekly business report The new system must run ad-hoc SQL queries
What is the MOST cost-effective solution?

Create a new Amazon Redshift cluster Create an AWS Glue ETL job to copy data from the RDS databases to the Amazon Redshift cluster Use Amazon Redshift to run the query

Create an Amazon EMR cluster with enough core nodes Run an Apache Spark job to copy data from the RDS databases to an Hadoop Distributed File System (HDFS) Use a local Apache Hive metastore to maintain the table definition Use Spark SQL to run the query

Use an AWS Glue ETL job to copy all the RDS databases to a single Amazon Aurora PostgreSQL database Run SQL queries on the Aurora PostgreSQL database

Use an AWS Glue crawler to crawl all the databases and create tables in the AWS Glue Data Catalog Use an AWS Glue ETL Job to load data from the RDS databases to Amazon S3, and use Amazon Athena to run the queries.

Question 22

A company has a serverless application comprised of Amazon CloudFront, Amazon API Gateway, and AWS Lambda functions. The current deployment process of the application code is to create a new version number of the Lambda function and run an AWS CLI script to update. If the new function version has errors, another CLI script reverts by deploying the previous working version of the function. The company would like to decrease the time to deploy new versions of the application logic provided by the Lambda functions, and also reduce the time to detect and revert when errors are identified.
How can this be accomplished?

Create and deploy nested AWS CloudFormation stacks with the parent stack consisting of the AWS CloudFront distribution and API Gateway, and the child stack containing the Lambda functio

For changes to Lambda, create an AWS CloudFormation change set and deploy; if errors are triggered, revert the AWS CloudFormation change set to the previous version.

Use AWS SAM and built-in AWS CodeDeploy to deploy the new Lambda version, gradually shift traffic to the new version, and use pre-traffic and post-traffic test functions to verify cod

Rollback if Amazon CloudWatch alarms are triggered.

Refactor the AWS CLI scripts into a single script that deploys the new Lambda versio

When deployment is completed, the script tests execut

If errors are detected, revert to the previous Lambda version.

Create and deploy an AWS CloudFormation stack that consists of a new API Gateway endpoint that references the new Lambda versio

Change the CloudFront origin to the new API Gateway endpoint, monitor errors and if detected, change the AWS CloudFront origin to the previous API Gateway endpoint.

Page: 1 / 14

Total 179 questions Full Exam Access