24 November, 2023

The Secret Of Amazon AWS-Certified-Solutions-Architect-Professional Dump

Want to know Exambible AWS-Certified-Solutions-Architect-Professional Exam practice test features? Want to lear more about Amazon Amazon AWS Certified Solutions Architect Professional certification experience? Study Refined Amazon AWS-Certified-Solutions-Architect-Professional answers to Updated AWS-Certified-Solutions-Architect-Professional questions at Exambible. Gat a success with an absolute guarantee to pass Amazon AWS-Certified-Solutions-Architect-Professional (Amazon AWS Certified Solutions Architect Professional) test on your first attempt.

Free AWS-Certified-Solutions-Architect-Professional Demo Online For Amazon Certifitcation:

Page: 1 / 33

Total 398 questions Full Exam Access

Question 1

What is the default maximum number of VPCs allowed per region?

100

Question 2

Your customer is willing to consolidate their log streams (access logs application logs security logs etc.) in one single system. Once consolidated, the customer wants to analyze these logs in real time based on heuristics. From time to time, the customer needs to validate heuristics, which requires going back to data samples extracted from the last 12 hours?
What is the best approach to meet your customer’s requirements?

Send all the log events to Amazon SQS, setup an Auto Scaling group of EC2 sewers to consume the logs and apply the heuristics.

Send all the log events to Amazon Kinesis, develop a client process to apply heuristics on the logs

Configure Amazon CIoudTraiI to receive custom logs, use EMR to apply heuristics the logs

Setup an Auto Scaling group of EC2 syslogd servers, store the logs on S3, use EMR to apply heuristics on the logs

Question 3

To serve Web traffic for a popular product your chief financial officer and IT director have purchased 10 ml large heavy utilization Reserved Instances (Rls) evenly spread across two availability zones: Route 53 is used to deliver the traffic to an Elastic Load Balancer (ELB). After several months, the product grows even more popular and you need additional capacity As a result, your company purchases two C3.2xIarge medium utilization Ris You register the two c3 2xIarge instances with your ELB and quickly find that the ml large instances are at 100% of capacity and the c3 2xIarge instances have significant capacity that's
unused Which option is the most cost effective and uses EC2 capacity most effectively?

Configure Autoscaling group and Launch Configuration with ELB to add up to 10 more on-demand m1 .|arge instances when triggered by Cloudwatc

Shut off c3.2x|arge instances.

Configure ELB with two c3.2xIarge instances and use on-demand Autoscaling group for up to two additional c3.2x|arge instance

Shut off m1 .Iarge instances.

Route traffic to EC2 m1 .Iarge and c3.2xIarge instances directly using Route 53 latency based routing and health check

Shut off ELB.

Use a separate ELB for each instance type and distribute load to ELBs with Route 53 weighted round robin.

Question 4

Your company is storing millions of sensitive transactions across thousands of 100-GB files that must be encrypted in transit and at rest. Analysts concurrently depend on subsets of files, which can consume up to 5 TB of space, to generate simulations that can be used to steer business decisions. You are required to design an AWS solution that can cost effectively accommodate the long-term storage and in-flight subsets of data.

Use Amazon Simple Storage Service (S3) with server-side encryption, and run simulations on subsets in ephemeral drives on Amazon EC2.

Use Amazon S3 with server-side encryption, and run simulations on subsets in-memory on Amazon EC2.

Use HDFS on Amazon EMR, and run simulations on subsets in ephemeral drives on Amazon EC2.

Use HDFS on Amazon Elastic MapReduce (EMR), and run simulations on subsets in-memory on Amazon Elastic Compute Cloud (EC2).

Store the full data set in encrypted Amazon Elastic Block Store (EBS) volumes, and regularly capturesnapshots that can be cloned to EC2 workstation

Question 5

You are the new IT architect in a company that operates a mobile sleep tracking application.
When activated at night, the mobile app is sending collected data points of 1 kilobyte every 5 minutes to your backend.
The backend takes care of authenticating the user and writing the data points into an Amazon DynamoDB table.
Every morning, you scan the table to extract and aggregate last night's data on a per user basis, and store the results in Amazon S3. Users are notified via Amazon SNS mobile push notifications that new data is available, which is parsed and visualized by the mobile app.
Currently you have around 100k users who are mostly based out of North America. You have been tasked to optimize the architecture of the backend system to lower cost. What would you recommend? Choose 2 answers

Have the mobile app access Amazon DynamoDB directly Instead of JSON files stored on Amazon S3.

Write data directly into an Amazon Redshift cluster replacing both Amazon DynamoDB and Amazon S3.

Introduce an Amazon SQS queue to buffer writes to the Amazon DynamoDB table and reduce provisioned write throughput.

Introduce Amazon Elasticache to cache reads from the Amazon DynamoDB table and reduce provisioned read throughput.

Create a new Amazon DynamoDB table each day and drop the one for the previous day after its data is on Amazon S3.

Question 6

What does elasticity mean to AWS?

The ability to scale computing resources up easily, with minimal friction and down with latency.

The ability to scale computing resources up and down easily, with minimal friction.

The ability to provision cloud computing resources in expectation of future demand.

The ability to recover from business continuity events with minimal frictio

Question 7

How can multiple compute resources be used on the same pipeline in AWS Data Pipeline?

You can use multiple compute resources on the same pipeline by defining multiple cluster objects in your definition file and associating the cluster to use for each actMty via its runsOn field.

You can use multiple compute resources on the same pipeline by defining multiple cluster definition files.

You can use multiple compute resources on the same pipeline by defining multiple clusters for your actMty.

You cannot use multiple compute resources on the same pipelin

Question 8

Your company policies require encryption of sensitive data at rest. You are considering the possible options for protecting data while storing it at rest on an EBS data volume, attached to an EC2 instance. Which of these options would allow you to encrypt your data at rest? Choose 3 answers

Implement third party volume encryption tools

Implement SSL/TLS for all services running on the sewer

Encrypt data inside your applications before storing it on EBS

Encrypt data using native data encryption drivers at the file system level

Do nothing as EBS volumes are encrypted by default

Question 9

Which of the following components of AWS Data Pipeline polls for tasks and then performs those tasks?

Pipeline Definition

Task Runner

Amazon Elastic MapReduce (EMR)

AWS Direct Connect

Question 10

You are looking to migrate your Development (Dev) and Test environments to AWS. You have decided to use separate AWS accounts to host each environment. You plan to link each accounts bill to a Master AWS account using Consolidated Billing. To make sure you Keep within budget you would like to implement a way for administrators in the Master account to have access to stop, delete and/or terminate resources in both the Dev and Test accounts. Identify which option will allow you to achieve this goal.

Create IAM users in the Master account with full Admin permission

Create cross-account roles in the Dev and Test accounts that grant the Master account access to the resources in the account by inheriting permissions from the Master account.

Create IAM users and a cross-account role in the Master account that grants full Admin permissions to the Dev and Test accounts.

Create IAM users in the Master account Create cross-account roles in the Dev and Test accounts that have full Admin permissions and grant the Master account access.

Link the accounts using Consolidated Billin

This will give IAM users in the Master account access to resources in the Dev and Test accounts

Question 11

Regarding Amazon SNS, you can send notification messages to mobile devices through any of the following supported push notification services, EXCEPT:

Microsoft Windows Mobile Messaging (MWMM)

Google Cloud Messaging for Android (GCM)

Amazon Device Messaging (ADM)

Apple Push Notification Service (APNS)

Question 12

A user is hosting a public website on AWS. The user wants to have the database and the app server on the AWS VPC. The user wants to setup a database that can connect to the Internet for any patch upgrade but cannot receive any request from the internet. How can the user set this up?

Setup DB in a private subnet with the security group allowing only outbound traffic.

Setup DB in a public subnet with the security group allowing only inbound data.

Setup DB in a local data center and use a private gateway to connect the application with DB.

Setup DB in a private subnet which is connected to the internet via NAT for outbound.

Question 13

To get started using AWS Direct Connect, in which of the following steps do you configure Border Gateway Protocol (BGP)?

Complete the Cross Connect

Configure Redundant Connections with AWS Direct Connect

Create a Virtual Interface

Download Router Configuration

Question 14

An organization is planning to use NoSQL DB for its scalable data needs. The organization wants to host an application securely in AWS VPC. What action can be recommended to the organization?

The organization should setup their own NoSQL cluster on the AWS instance and configure route tables and subnets.

The organization should only use a DynamoDB because by default it is always a part of the default subnet provided by AWS.

The organization should use a DynamoDB while creating a table within the public subnet.

The organization should use a DynamoDB while creating a table within a private subne

Question 15

You require the ability to analyze a customer's clickstream data on a website so they can do behavioral analysis. Your customer needs to know what sequence of pages and ads their customer clicked on. This data will be used in real time to modify the page layouts as customers click through the site to increase stickiness and advertising click-through. Which option meets the requirements for captioning and analyzing this data?

Log clicks in weblogs by URL store to Amazon S3, and then analyze with Elastic MapReduce

Push web clicks by session to Amazon Kinesis and analyze behavior using Kinesis workers

Write click events directly to Amazon Redshift and then analyze with SQL

Publish web clicks by session to an Amazon SQS queue then periodically drain these events to Amazon RDS and analyze with SQL.

Question 16

What bandwidths do AWS Direct Connect currently support?

10Mbps and 100Mbps

10Gbps and 100Gbps

100Mbps and 1Gbps

1Gbps and 10 Gbps

Question 17

Which of the following is true while using an IAM role to grant permissions to applications running on Amazon EC2 instances?

All applications on the instance share the same role, but different permissions.

All applications on the instance share multiple roles and permissions.

MuItipIe roles are assigned to an EC2 instance at a time.

Only one role can be assigned to an EC2 instance at a tim

Question 18

The following policy can be attached to an IAM group. It lets an IAM user in that group access a "home directory" in AWS S3 that matches their user name using the console.
{
"Version": "2012-10-17",
"Statement": [
{
"Action": ["s3:*"], "Effect": "A||ow",
"Resource": ["arn:aws:s3::zbucket-name"], "Condition":{"StringLike":{"s3:prefix":["home/${aws:username}/*"]}}
}!
{
"Action":["s3:*"], "Effect":"AI|ow",
"Resource": ["arn:aws:s3:::bucket-name/home/${aws:username}/*"]
}
}

True

False

Question 19

An organization is having an application which can start and stop an EC2 instance as per schedule. The organization needs the MAC address of the instance to be registered with its software. The instance is launched in EC2-CLASSIC. How can the organization update the MAC registration every time an instance is booted?

The organization should write a boot strapping script which will get the MAC address from the instance metadata and use that script to register with the application.

The organization should provide a MAC address as a part of the user dat

Thus, whenever the instance is booted the script assigns the fixed MAC address to that instance.

The instance MAC address never change

Thus, it is not required to register the MAC address every time.

AWS never provides a MAC address to an instance; instead the instance ID is used for identifying the instance for any software registration.

Question 20

You want to define permissions for a role in an IAM policy. Which of the following configuration formats should you use?

An XML document written in the IAM Policy Language

An XML document written in a language of your choice

A JSON document written in the IAM Policy Language

A JSON document written in a language of your choice

Question 21

Mike is appointed as Cloud Consultant in ExamKi|Ier.com. ExamKiI|er has the following VPCs set-up in the US East Region:
A VPC with CIDR block 10.10.0.0/16, a subnet in that VPC with CIDR block 10.10.1.0/24 A VPC with CIDR block 10.40.0.0/16, a subnet in that VPC with CIDR block 10.40.1.0/24
ExamKiIIer.com is trying to establish network connection between two subnets, a subnet with CIDR block 10.10.1.0/24 and another subnet with CIDR block 10.40.1.0/24. Which one of the following solutions should lV|ike recommend to ExamKiI|er.com?

Create 2 Virtual Private Gateways and configure one with each VPC.

Create 2 Internet Gateways, and attach one to each VPC.

Create a VPC Peering connection between both VPCs.

Create one EC2 instance in each subnet, assign Elastic IPs to both instances, and configure a set up Site-to-Site VPN connection between both EC2 instances.

Question 22

An organization is planning to host a web application in the AWS VPC. The organization does not want to host a database in the public cloud due to statutory requirements. How can the organization setup in this scenario?

The organization should plan the app server on the public subnet and database in the organization’s data center and connect them with the VPN gateway.

The organization should plan the app server on the public subnet and use RDS with the private subnet for a secure data operation.

The organization should use the public subnet for the app server and use RDS with a storage gateway to access as well as sync the data securely from the local data center.

The organization should plan the app server on the public subnet and database in a private subnet so it will not be in the public cloud.

Question 23

After launching an instance that you intend to serve as a NAT (Network Address Translation) device in a public subnet you modify your route tables to have the NAT device be the target of internet bound traffic of your private subnet. When you try and make an outbound connection to the internet from an instance in the private subnet, you are not successful. Which of the following steps could resolve the issue?

Disabling the Source/Destination Check attribute on the NAT instance

Attaching an Elastic IP address to the instance in the private subnet

Attaching a second Elastic Network Interface (ENI) to the NAT instance, and placing it in the private subnet

Attaching a second Elastic Network Interface (ENI) to the instance in the private subnet, and placing it in the public subnet

Question 24

Your company is getting ready to do a major public announcement of a social media site on AWS. The website is running on EC2 instances deployed across multiple Availability Zones with a MuIti-AZ RDS MySQL Extra Large DB Instance. The site performs a high number of small reads and writes per second and relies on an eventual consistency model. After comprehensive tests you discover that there is read contention on RDS MySQL. Which are the best approaches to meet these requirements? (Choose 2 answers)

Deploy E|astiCache in-memory cache running in each availability zone

Implement sharding to distribute load to multiple RDS lV|ySQL instances

Increase the RDS MySQL Instance size and Implement provisioned IOPS

Add an RDS MySQL read replica in each availability zone

Question 25

The AWS IT infrastructure that AWS provides, complies with the following IT security standards, including:

SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70 Type II), SOC 2 and SOC 3

FISMA, DIACAP, and FedRA|V|P

PCI DSS Level 1, ISO 27001, ITAR and FIPS 140-2

HIPAA, Cloud Security Alliance (CSA) and Motion Picture Association of America (NIPAA)

All of the above

Page: 1 / 33

Total 398 questions Full Exam Access