80 likes | 89 Views
Now you can show great performance in your final IT paper with the help of SAP-C01 Dumps. Many study materials out there, but Amazondumps.com have created the most valid by seeking help from skilled professionals. You can download this PDF study material for a fast education skill. You can pass your IT test with a relaxed hand. All the final paper questions can easily be replied if you are well prepared with AWS Certified Solutions Architect - Professional Online Test Engine. We are also providing a free version of sample questions that will say something about the original PDF file. Furthermore, a very suitable price has been marked with complete material. A Money-back guarantee is an additional offer because professionals are very much assured about your marks. SAP-C01 Dumps Study Material can show enhanced results with the use of the Online Practice Test. From Coupon code "AD30NY21" you can get flat 30% Discount offer on all examu2019s certification till 1st week of January in the ecstasy of New Year.
E N D
Amazon SAP-C01 Dumps AWS Certified Solutions Architect - Professional
Question #:1 A company has an application that generates a weather forecast that is updated every 15 minutes with an output resolution of 1 billion unique positions, each approximately 20 bytes in size (20 Gigabytes per forecast). Every hour, the forecast data is globally accessed approximately 5 million times (1,400 requests per second), and up to 10 times more during weather events. The forecast data is overwritten every update. Users of the current weather forecast application expect responses to queries to be returned in less than two seconds for each request. Which design meets the required request rate and response time? A. Store forecast locations in an Amazon ES cluster. Use an Amazon CloudFront distribution targeting an Amazon API Gateway endpoint with AWS Lambda functions responding to queries as the origin. Enable API caching on the API Gateway stage with a cache-control timeout set for 15 minutes. B. Store forecast locations in an Amazon EFS volume. Create an Amazon CloudFront distribution that targets an Elastic Load Balancing group of an Auto Scaling fleet of Amazon EC2 instances that have mounted the Amazon EFS volume. Set the set cache-control timeout for 15 minutes in the CloudFront distribution. C. Store forecast locations in an Amazon ES cluster. Use an Amazon CloudFront distribution targeting an API Gateway endpoint with AWS Lambda functions responding to queries as the origin. Create an Amazon Lambda@Edge function that caches the data locally at edge locations for 15 minutes. D. Store forecast locations in an Amazon S3 as individual objects. Create an Amazon CloudFront distribution targeting an Elastic Load Balancing group of an Auto Scaling fleet of EC2 instances, querying the origin of the S3 object. Set the cache-control timeout for 15 minutes in the CloudFront distribution. Answer: A Explanation https://aws.amazon.com/blogs/networking-and-content-delivery/lambdaedge-design-best-practices/ Question #:2 A financial company is using a high-performance compute cluster running on Amazon EC2 instances to perform market simulations A DNS record must be created in an Amazon Route 53 private hosted zone when instances start The DNS record must be removed after instances are terminated. Currently the company uses a combination of Amazon CtoudWatch Events and AWS Lambda to create the DNS record. The solution worked well in testing with small clusters, but in production with clusters containing thousands of instances the company sees the following error in the Lambda logs: HTTP 400 error (Bad request). The response header also includes a status code element with a value of "Throttling" and a status message element with a value of "Rate exceeded " 1 of 7
Which combination of steps should the Solutions Architect take to resolve these issues? (Select THREE) A. Configure an Amazon SOS FIFO queue and configure a CloudWatch Events rule to use this queue as a target. Remove the Lambda target from the CloudWatch Events rule B. Configure an Amazon Kinesis data stream and configure a CloudWatch Events rule to use this queue as a target Remove the Lambda target from the CloudWatch Events rule C. Update the CloudWatch Events rule to trigger on Amazon EC2 "Instance Launch Successful" and "Instance Terminate Successful" events for the Auto Scaling group used by the cluster D. Configure a Lambda function to retrieve messages from an Amazon SQS queue Modify the Lambda function to retrieve a maximum of 10 messages then batch the messages by Amazon Route 53 API call type and submit Delete the messages from the SQS queue after successful API calls. E. Configure an Amazon SQS standard queue and configure the existing CloudWatch Events rule to use this queue as a target Remove the Lambda target from the CloudWatch Events rule. F. Configure a Lambda function to read data from the Amazon Kinesis data stream and configure the batch window to 5 minutes Modify the function to make a single API call to Amazon Route 53 with all records read from the kinesis data stream Answer: B E F Question #:3 A company hosts a blog post application on AWS using Amazon API Gateway. Amazon DynampDB, and AWS Lambda. The application currently does not use API keys to authorize requests. The API model is as follows: GET/posts/[postid] to get post details GET/users[userid] to get user details GET /comments/[commentid] to get comments details The company has noticed are actively discussing topics in the comments section, and the company wants to increase use engagement by marking the comments appears in real time. Which design should be used to reduce comment latency and improve user experience? A. Use adge-optimized API with Amazon CloudFront to cache API responses. B. Modify the blog application code to request GET comment {commented} every 10 seconds. C. Use AWS AppSync and leverage WebSockts to deliver comments D. Change the concurrency limit of the Lambda functions to lower the API response time. 2 of 7
Answer: D Question #:4 A solutions architect has an operational workload deployed on Amazon EC2 instances in an Auto Scaling group The VPC architecture spans two Availability Zones (AZ) with a subnet in each that the Auto Scaling group is targeting The VPC is connected to an on-premises environment and connectivity cannot be interrupted The maximum size of the Auto Scaling group is 20 instances in service The VPC IPv4 addressing is as follows: VPC CIDR 10 0 0 0/23 AZ1 subnet CIDR 10 0 0 0/24 AZ2 subnet CIDR 10 0 10/24 Since deployment a third AZ has become available in the Region The solutions architect wants to adopt the new AZ without adding additional IPv4 address space and without service downtime Which solution will meet these requirements? A. Update the Auto Scaling group to use the AZ2 subnet only Delete and re-create the AZ1 subnet using half the previous address space Adjust the Auto Scaling group to also use the new AZ1 subnet When the instances are healthy adjust the Auto Scaling group to use the AZ1 subnet only Remove the current AZ2 subnet Create a new AZ2 subnet using the second half of the address space from the original. AZ1 subnet Create a new AZ3 subnet using halt the original AZ2 subnet address space then update the Auto Scaling group to target all three new subnets B. Terminate the EC2 instances m the AZ1 subnet Delete and re-create the AZ1 subnet using half the address space Update the Auto Scaling group to use this new subnet Repeat this for the second AZ Define a new subnet in AZ3 then update the Auto Scaling group to target all three new subnets C. Create a new VPC with the same IPv4 address space and define three subnets with one for each AZ Update the existing Auto Scaling group to target the new subnets in the new VPC D. Update the Auto Scaling group to use the AZ2 subnet only Update the AZ1 subnet to have half the previous address space Adjust the Auto Scaling group to also use the AZ1 subnet again When the instances are healthy, adjust the Auto Scaling group to use the AZ1 subnet only Update the current A22 subnet and assign the second half of the address space from the original AZ1 subnet Create a new AZ3 subnet using half the original AZ2 subnet address space then update the Auto Scaling group to target all three new subnets Answer: A Question #:5 A company is migrating an application to AWS. It wants to use fully managed services as much as possible 3 of 7
during the migration. The company needs to store large, important documents within the application with the following requirements: The data must be highly durable and available. The data must always be encrypted at rest and in transit. The encryption key must be managed by the company and rotated periodically. Which of the following solutions should the Solutions Architect recommend? A. Deploy the storage gateway to AWS in file gateway mode. Use Amazon EBS volume encryption using an AWS KMS key to encrypt the storage gateway volumes. B. Use Amazon S3 with a bucket policy to enforce HTTPS for connections to the bucket and to enforce server-side encryption and AWS KMS for object encryption. C. Use Amazon DynamoDB with SSL to connect to DynamoDB. Use an AWS KMS key to encrypt DynamoDB objects at rest. D. Deploy instances with Amazon EBS volumes attached to store this data. Use EBS volume encryption using an AWS KMS key to encrypt the data. Answer: B Explanation https://aws.amazon.com/blogs/security/how-to-use-bucket-policies-and-apply-defense-in-depth-to-help-secure-your-amazon-s3-data/ Question #:6 A company is running multiple applications on Amazon EC2. Each application is deployed and managed by multiple business units. All applications are deployed on a single AWS account but on different virtual private clouds (VPCs). The company uses a separate VPC in the same account for test and development purposes. Production applications suffered multiple outages when users accidentally terminated and modified resources that belonged to another business unit. A Solutions Architect has been asked to improve the availability of the company applications while allowing the Developers access to the resources they need. Which option meets the requirements with the LEAST disruption? A. Create an AWS account for each business unit. Move each business unit’s instances to its own account and set up a federation to allow users to access their business unit’s account. B. Set up a federation to allow users to use their corporate credentials, and lock the users down to their own VPC. Use a network ACL to block each VPC from accessing other VPCs. C. Implement a tagging policy based on business units. Create an IAM policy so that each user can terminate instances belonging to their own business units only. D. 4 of 7
D. Set up role-based access for each user and provide limited permissions based on individual roles and the services for which each user is responsible. Answer: C Explanation https://aws.amazon.com/blogs/security/resource-level-permissions-for-ec2-controlling-management-access-on-specific-instances/ Question #:7 A solutions architect needs to define a reference architecture for a solution for three-tier applications with web, application, and NoSQL data layers. The reference architecture must meet the following requirements: • High availability within an AWS Region • Able to fail over in 1 minute to another AWS Region for disaster recovery • Provide the most efficient solution while minimizing the impact on the user experience Which combination of steps will meet these requirements? (Select THREE.) A. Use an Amazon Route 53 weighted routing policy set to 100/0 across the two selected Regions. Set Time to Live (TTL) to 1 hour. B. Use an Amazon Route 53 failover routing policy for failover from the primary Region to the disaster recovery Region. Set Time to Live (TTL) to 30 seconds. C. Use a global table within Amazon DynamoDB so data can be accessed in the two selected Regions. D. Back up data from an Amazon DynamoDB table in the primary Region every 60 minutes and then write the data to Amazon S3. Use S3 cross-Region replication to copy the data from the primary Region to the disaster recovery Region. E. Have a script import the data into DynamoDB in a disaster recovery scenario. Implement a hot standby model using Auto Scaling groups for the web and application layers across multiple Availability Zones in the Regions. Use zonal Reserved Instances for the minimum number of servers and On-Demand Instances for any additional resources. F. Use Auto Scaling groups for the web and application layers across multiple Availability Zones in the Regions. Use Spot Instances for the required resources. Answer: A D E Question #:8 An enterprise company is building an infrastructure services platform for its users. The company has the 5 of 7
following requirements: • Provide least privilege access to users when launching AWS infrastructure so users cannot provision unapproved services • Use a central account to manage the creation of infrastructure services • Provide the ability to distribute infrastructure services to multiple accounts in AWS Organizations • Provide the ability to enforce tags on any infrastructure that is started by users Which combination of actions using AWS services will meet these requirements? (Select THREE.) A. Develop infrastructure services using AWS Cloud Formation templates Add the templates to a central Amazon S3 bucket and add the-IAM rotes or users that require access to the S3 bucket policy B. Develop infrastructure services using AWS Cloud For matron templates Upload each template as an AWS Service Catalog product to portfolios created in a central AWS account Share these portfolios with the Organizations structure created for the company C. Allow user IAM roles to have AWSCIoudFormationFullAccess and AmazonS3ReadOnlyAccess permissions Add an Organizations SCP at the AWS account root user level to deny all services except AWS CloudFormation and Amazon S3. D. Allow user IAM roles to have ServiceCatalogEndUserAccess permissions only Use an automation script to import the central portfolios to local AWS accounts, copy the TagOption assign users access and apply launch constraints E. Use the AWS Service Catalog TagOption Library to maintain a list of tags required by the company Apply the TagOption to AWS Service Catalog products or portfolios F. Use the AWS CloudFormation Resource Tags property to enforce the application of tags to any CloudFormation templates that will be created for users Answer: B D F Question #:9 A company is using AWS Organizations to manage multiple AWS accounts. For security purposes, the company requires the creation of an Amazon Simple Notification Service (Amazon SNS) topic that enables integration with a third-party alerting system in all the Organizations member accounts. A solutions architect used an AWS CloudFormation template to create the SNS topic and stack sets to automate the deployment of CloudFormation attacks. Trusted access has been enabled in Organizations. What should the solutions architect do to deploy the CloudFormation StackSets in all AWS accounts? A. Create a stack set in the Organizations member accounts. Use service-managed permissions. Set deployment options to deploy to an organization. Use CloudFormation StackSets drift detection. 6 of 7
B. Create stacks in the Organizations member accounts. Use self-service permissions. Set deployment options to deploy to an organization. Enable the CloudFormation StackSets automatic deployment. C. Create stacks in the Organizations master account. Use service-managed permissions. Set deployment options to deploy to the organization. Enable CloudFormation StackSets automatic deployment. D. Create stacks in the Organization master account. Use service-managed permissions. Set deployment options to deploy to the organization. Enable CloudFormation StackSets drift detection. Answer: C Question #:10 A company uses AWS Organizations to manage more than 1,000 AWS accounts. The company has creates a new developer organization. There are 540 developer member in that must be moved to the new developer organization. All accounts are set up with all the required information so that each account can be operated as a standalone account. Which combination of steps should a solutions architect take to move all of the developer accounts to the new developer organization? (Select THREE) A. Call the MoveAccount operation in the Organizations API from the old organization’s master account to migrate the developer accounts to the new developer organization B. From the master account, remove each developer account from the old organization using the RemoveAccountFromOrganization operation in the Organizations API C. From each developer account, remove the account from the old organization using the RemoveAccountFromOrganization operation In the Organization API. D. Sign in to the new developer organization's master account and create a placeholder member account that acts as a target for the developer account migration. E. Call the InviteAccountToOrganization operation in the Organizations API from the new developer organization's master account to send invitations to the developer accounts. F. Have each developer sign in to their account and confirm to join the new developer organization. Answer: B D E For More: SAP-C01 Dumps 7 of 7