SOLUTIONS ARCHITECT ASSOCIATE - 5

A company is running a custom application in an Auto Scaling group of Amazon EC2 instances. Several instances are failing due to insufficient swap space. The Solutions Architect has been instructed to troubleshoot the issue and effectively monitor the available swap space of each EC2 instance. Which of the following options fulfills this requirement?. Install the CloudWatch agent on each instance and monitor the SwapUtilization metric. Enable detailed monitoring on each instance and monitor the SwapUtilization metric. Create a CloudWatch dashboard and monitor the SwapUsed metric. Create a new trail in AWS CloudTrail and configure Amazon CloudWatch Logs to monitor your trail logs.

An online events registration system is hosted in AWS and uses ECS to host its front-end tier and an RDS configured with Multi-AZ for its database tier. What are the events that will make Amazon RDS automatically perform a failover to the standby replica? (Select TWO.). Loss of availability in primary Availability Zone. Storage failure on primary. Storage failure on secondary DB instance. In the event of Read Replica failure. Compute unit failure on secondary DB instance.

A company has two On-Demand EC2 instances inside the Virtual Private Cloud in the same Availability Zone but are deployed to different subnets. One EC2 instance is running a database and the other EC2 instance a web application that connects with the database. You need to ensure that these two instances can communicate with each other for the system to work properly. What are the things you have to check so that these EC2 instances can communicate inside the VPC? (Select TWO.). Check if all security groups are set to allow the application host to communicate to the database on the right port and protocol. Check the Network ACL if it allows communication between the two subnets. Check if both instances are the same instance class. Check if the default route is set to a NAT instance or Internet Gateway (IGW) for them to communicate. Ensure that the EC2 instances are in the same Placement Group.

A software company has resources hosted in AWS and on-premises servers. You have been requested to create a decoupled architecture for applications which make use of both resources. Which of the following options are valid? (Select TWO.). Using RDS to utilize both on-premises servers and EC2 instances for your decoupled application. Using DynamoDB to utilize both on-premises servers and EC2 instances for your decoupled application. Using VPC peering to connect both on-premises servers and EC2 instances for your decoupled application. Use SWF to utilize both on-premises servers and EC2 instances for your decoupled application. Use SQS to utilize both on-premises servers and EC2 instances for your decoupled application.

A digital media company shares static content to its premium users around the world and also to their partners who syndicate their media files. The company is looking for ways to reduce its server costs and securely deliver their data to their customers globally with low latency. Which combination of services should be used to provide the MOST suitable and cost-effective architecture? (Select TWO.). Amazon CloudFront. Amazon S3. AWS Fargate. AWS Lambda. AWS Global Accelerator.

An insurance company plans to implement a message filtering feature in their web application. To implement this solution, they need to create separate Amazon SQS queues for each type of quote request. The entire message processing should not exceed 24 hours. As the Solutions Architect of the company, which of the following should you do to meet the above requirement?. Create one Amazon SNS topic and configure the Amazon SQS queues to subscribe to the SNS topic. Set the filter policies in the SNS subscriptions to publish the message to the designated SQS queue based on its quote request type. Create one Amazon SNS topic and configure the Amazon SQS queues to subscribe to the SNS topic. Publish the same messages to all SQS queues. Filter the messages in each queue based on the quote request type. Create multiple Amazon SNS topics and configure the Amazon SQS queues to subscribe to the SNS topics. Publish the message to the designated SQS queue based on the quote request type. Create a data stream in Amazon Kinesis Data Streams. Use the Amazon Kinesis Client Library to deliver all the records to the designated SQS queues based on the quote request type.

A media company hosts large volumes of archive data that are about 250 TB in size on their internal servers. They have decided to move these data to S3 because of its durability and redundancy. The company currently has a 100 Mbps dedicated line connecting their head office to the Internet. Which of the following is the FASTEST and the MOST cost-effective way to import all these data to Amazon S3?. Ordering multiple AWS Snowball devices to upload the files to Amazon S3. Uploading it directly to S3. Establishing an AWS Direct Connect connection then transferring the data over to S3. Using AWS Snowmobile to transfer the data over to S3.

A company plans to migrate its suite of containerized applications running on-premises to a container service in AWS. The solution must be cloud-agnostic and use an open-source platform that can automatically manage containerized workloads and services. It should also use the same configuration and tools across various production environments. What should the Solution Architect do to properly migrate and satisfy the given requirement?. Migrate the application to Amazon Elastic Kubernetes Service with EKS worker nodes. Migrate the application to Amazon Container Registry (ECR) with Amazon EC2 instance worker nodes. Migrate the application to Amazon Elastic Container Service with ECS tasks that use the AWS Fargate launch type. Migrate the application to Amazon Elastic Container Service with ECS tasks that use the Amazon EC2 launch type.

As part of the Business Continuity Plan of your company, your IT Director instructed you to set up an automated backup of all of the EBS Volumes for your EC2 instances as soon as possible. What is the fastest and most cost-effective solution to automatically back up all of your EBS Volumes?. Using Amazon Data Lifecycle Manager (Amazon DLM) to automate the creation of EBS snapshots. For an automated solution, create a scheduled job that calls the "create-snapshot" command via the AWS CLI to take a snapshot of production EBS volumes periodically. Setting your Amazon Storage Gateway with EBS volumes as the data source and storing the backups in your on-premises servers through the storage gateway. Using an EBS-cycle policy in Amazon S3 to automatically back up the EBS volumes.

A company is building a transcription service in which a fleet of EC2 worker instances processes an uploaded audio file and generates a text file as an output. They must store both of these frequently accessed files in the same durable storage until the text file is retrieved by the uploader. Due to an expected surge in demand, they have to ensure that the storage is scalable and can be retrieved within minutes. Which storage option in AWS can they use in this situation, which is both cost-efficient and scalable?. A single Amazon S3 bucket. Multiple Amazon EBS volume with snapshots. Multiple instance stores. Amazon S3 Glacier Deep Archive.

A company has a cryptocurrency exchange portal that is hosted in an Auto Scaling group of EC2 instances behind an Application Load Balancer and is deployed across multiple AWS regions. The users can be found all around the globe, but the majority are from Japan and Sweden. Because of the compliance requirements in these two locations, you want the Japanese users to connect to the servers in the ap-northeast-1 Asia Pacific (Tokyo) region, while the Swedish users should be connected to the servers in the eu-west-1 EU (Ireland) region. Which of the following services would allow you to easily fulfill this requirement?. Setting up an Application Load Balancers that will automatically route the traffic to the proper AWS region. Setting up a new CloudFront web distribution with the geo-restriction feature enabled. Using Route 53 Weighted Routing policy. Use Route 53 Geolocation Routing policy.

An Intelligence Agency developed a missile tracking application that is hosted on both development and production AWS accounts. The Intelligence agency’s junior developer only has access to the development account. She has received security clearance to access the agency’s production account but the access is only temporary and only write access to EC2 and S3 is allowed. Which of the following allows you to issue short-lived access tokens that act as temporary security credentials to allow access to your AWS resources?. Using AWS Cognito to issue JSON Web Tokens (JWT). Using AWS SSO. All of the above. Use AWS STS.

A company runs a messaging application in the ap-northeast-1 and ap-southeast-2 region. A Solutions Architect needs to create a routing policy wherein a larger portion of traffic from the Philippines and North India will be routed to the resource in the ap-northeast-1 region. Which Route 53 routing policy should the Solutions Architect use?. Geoproximity Routing. Geolocation Routing. Latency Routing. Weighted Routing.

An accounting application uses an RDS database configured with Multi-AZ deployments to improve availability. What would happen to RDS if the primary database instance fails?. The IP address of the primary DB instance is switched to the standby DB instance. The primary database instance will reboot. A new database instance is created in the standby Availability Zone. The canonical name record (CNAME) is switched from the primary to standby instance.

A Solutions Architect is working for an online hotel booking firm with terabytes of customer data coming from the websites and applications. There is an annual corporate meeting where the Architect needs to present the booking behavior and acquire new insights from the customers’ data. The Architect is looking for a service to perform super-fast analytics on massive data sets in near real-time. Which of the following services gives the Architect the ability to store huge amounts of data and perform quick and flexible queries on it?. Amazon Redshift. Amazon DynamoDB. Amazon ElastiCache. Amazon RDS.

A company has a dynamic web app written in MEAN stack that is going to be launched in the next month. There is a probability that the traffic will be quite high in the first couple of weeks. In the event of a load failure, how can you set up DNS failover to a static website?. Duplicating the exact application architecture in another region and configuring DNS weight-based routing. Enabling failover to an application hosted in an on-premises data center. Adding more servers in case the application fails. Use Route 53 with the failover option to a static S3 website bucket or CloudFront distribution.

A company has multiple VPCs with IPv6 enabled for its suite of web applications. The Solutions Architect tried to deploy a new Amazon EC2 instance but she received an error saying that there is no IP address available on the subnet. How should the Solutions Architect resolve this problem?. Set up a new IPv4 subnet with a larger CIDR range. Associate the new subnet with the VPC and then launch the instance. Set up a new IPv6-only subnet with a large CIDR range. Associate the new subnet with the VPC then launch the instance. Ensure that the VPC has IPv6 CIDRs only. Remove any IPv4 CIDRs associated with the VPC. Disable the IPv4 support in the VPC and use the available IPv6 addresses.

For data privacy, a healthcare company has been asked to comply with the Health Insurance Portability and Accountability Act (HIPAA). The company stores all its backups on an Amazon S3 bucket. It is required that data stored on the S3 bucket must be encrypted. What is the best option to do this? (Select TWO.). Before sending the data to Amazon S3 over HTTPS, encrypt the data locally first using your own encryption keys. Enable Server-Side Encryption on an S3 bucket to make use of AES-256 encryption. Storing the data on EBS volumes with encryption enabled instead of using Amazon S3. Storing the data in encrypted EBS snapshots. Enabling Server-Side Encryption on an S3 bucket to make use of AES-128 encryption.

A Solutions Architect created a new Standard-class S3 bucket to store financial reports that are not frequently accessed but should immediately be available when an auditor requests them. To save costs, the Architect changed the storage class of the S3 bucket from Standard to Infrequent Access storage class. In Amazon S3 Standard - Infrequent Access storage class, which of the following statements are true? (Select TWO.). It is designed for data that is accessed less frequently. It is designed for data that requires rapid access when needed. It automatically moves data to the most cost-effective access tier without any operational overhead. It provides high latency and low throughput performance. Ideal to use for data archiving.

An application is hosted in AWS Fargate and uses RDS database in Multi-AZ Deployments configuration with several Read Replicas. A Solutions Architect was instructed to ensure that all of their database credentials, API keys, and other secrets are encrypted and rotated on a regular basis to improve data security. The application should also use the latest version of the encrypted credentials when connecting to the RDS database. Which of the following is the MOST appropriate solution to secure the credentials?. Use AWS Secrets Manager to store and encrypt the database credentials, API keys, and other secrets. Enable automatic rotation for all of the credentials. Store the database credentials, API keys, and other secrets to Systems Manager Parameter Store each with a SecureString data type. The credentials are automatically rotated by default. Store the database credentials, API keys, and other secrets to AWS ACM. Store the database credentials, API keys, and other secrets in AWS KMS.