SAP-C01 Exam Details

  • Exam Code
    :SAP-C01
  • Exam Name
    :AWS Certified Solutions Architect - Professional (SAP-C01)
  • Certification
    :Amazon Certifications
  • Vendor
    :Amazon
  • Total Questions
    :973 Q&As
  • Last Updated
    :Jul 09, 2023

Amazon SAP-C01 Online Questions & Answers

  • Question 101:

    A company is planning a large event where a promotional offer will be introduced. The company's website is hosted on AWS and backed by an Amazon RDS for PostgreSQL DB instance. The website explains the promotion and includes a sign-up page that collects user information and preferences. Management expects large and unpredictable volumes of traffic periodically, which will create many database writes. A solutions architect needs to build a solution that does not change the underlying data model and ensures that submissions are not dropped before they are committed to the database.

    Which solution meets these requirements?

    A. Immediately before the event, scale up the existing DB instance to meet the anticipated demand. Then scale down after the event.
    B. Use Amazon SQS to decouple the application and database layers. Configure an AWS Lambda function to write items from the queue into the database.
    C. Migrate to Amazon DynamoDB and manage throughput capacity with automatic scaling.
    D. Use Amazon ElastiCache for Memcached to increase write capacity to the DB instance.

  • Question 102:

    A solutions architect is designing a publicly accessible web application that is on an Amazon CloudFront distribution with an Amazon S3 website endpoint as the origin. When the solution is deployed, the website returns an Error 403: Access Denied message.

    Which steps should the solutions architect take to correct the issue? (Choose two.)

    A. Remove the S3 block public access option from the S3 bucket.
    B. Remove the requester pays option from the S3 bucket.
    C. Remove the origin access identity (OAI) from the CloudFront distribution.
    D. Change the storage class from S3 Standard to S3 One Zone-Infrequent Access (S3 One Zone-IA).
    E. Disable S3 object versioning.

  • Question 103:

    A company has developed a new release of a popular video game and wants to make it available for public download. The new release package is approximately 5 GB in size. The company provides downloads for existing releases from a Linux-based, publicly facing FTP site hosted in an on-premises data center. The company expects the new release will be downloaded by users worldwide. The company wants a solution that provides improved download performance and low transfer costs, regardless of a user's location.

    Which solutions will meet these requirements?

    A. Store the game files on Amazon EBS volumes mounted on Amazon EC2 instances within an Auto Scaling group. Configure an FTP service on the EC2 instances. Use an Application Load Balancer in front of the Auto Scaling group. Publish the game download URL for users to download the package.
    B. Store the game files on Amazon EFS volumes that are attached to Amazon EC2 instances within an Auto Scaling group. Configure an FTP service on each of the EC2 instances. Use an Application Load Balancer in front of the Auto Scaling group. Publish the game download URL for users to download the package.
    C. Configure Amazon Route 53 and an Amazon S3 bucket for website hosting. Upload the game files to the S3 bucket. Use Amazon CloudFront for the website. Publish the game download URL for users to download the package.
    D. Configure Amazon Route 53 and an Amazon S3 bucket for website hosting. Upload the game files to the S3 bucket. Set Requester Pays for the S3 bucket. Publish the game download URL for users to download the package.

  • Question 104:

    A company has a VPC with two domain controllers running Active Directory in the default configuration. The VPC DHCP options set is configured to use the IP addresses of the two domain controllers. There is a VPC interface endpoint defined; but instances within the VPC are not able to resolve the private endpoint addresses.

    Which strategies would resolve this issue? (Choose two.)

    A. Define an outbound Amazon Route 53 Resolver. Set a conditional forward rule for the Active Directory domain to the Active Directory servers. Update the VPC DHCP options set to AmazonProvidedDNS.
    B. Update the DNS service on the Active Directory servers to forward all non-authoritative queries to the VPC Resolver.
    C. Define an inbound Amazon Route 53 Resolver. Set a conditional forward rule for the Active Directory domain to the Active Directory servers. Update the VPC DHCP options set to AmazonProvidedDNS.
    D. Update the DNS service on the client instances to split DNS queries between the Active Directory servers and the VPC Resolver.
    E. Update the DNS service on the Active Directory servers to forward all queries to the VPC Resolver.

  • Question 105:

    An organization is hosting a scalable web application using AWS. The organization has configured ELB and Auto Scaling to make the application scalable. Which of the below mentioned statements is not required to be followed for ELB when the application is planning to host a web application on VPC?

    A. The ELB and all the instances should be in the same subnet.
    B. Configure the security group rules and network ACLs to allow traffic to be routed between the subnets in the VPC.
    C. The internet facing ELB should have a route table associated with the internet gateway.
    D. The internet facing ELB should be only in a public subnet.

  • Question 106:

    A company wants to send data from its on-premises systems to Amazon S3 buckets. The company created the S3 buckets in three different accounts. The company must send the data privately without the data traveling across the internet. The company has no existing dedicated connectivity to AWS.

    Which combination of steps should a solutions architect take to meet these requirements? (Select TWO.)

    A. Establish a networking account in the AWS Cloud Create a private VPC in the networking account Set up an AWS Direct Connect connection with a private VIF between the on-premises environment and the private VPC
    B. Establish a networking account in the AWS Cloud Create a private VPC in the networking account Set up an AWS Direct Connect connection with a public VIF between the on-premises environment and the private VPC
    C. Create an Amazon S3 interface endpoint in the networking account
    D. Create an Amazon S3 gateway endpoint in the networking account E, Establish a networking account in the AWS Cloud. Create a private VPC in the networking account Peer VPCs from the accounts that host the S3 buckets with the VPC in the network account

  • Question 107:

    Which status represents a failure state in AWS CloudFormation?

    A. ROLLBACK_IN_PROGRESS
    B. DELETE_IN_PROGRESS
    C. UPDATE_COMPLETE_CLEANUP_IN_PROGRESS
    D. REVIEW_IN_PROGRESS

  • Question 108:

    An enterprise runs 103 line-of-business applications on virtual machines in an on-premises data center. Many of the applications are simple PHP, Java, or Ruby web applications, are no longer actively developed, and serve little traffic. Which approach should be used to migrate these applications to AWS with the LOWEST infrastructure costs?

    A. Deploy the applications to single-instance AWS Elastic Beanstalk environments without a load balancer.
    B. Use AWS SMS to create AMIs for each virtual machine and run them in Amazon EC2.
    C. Convert each application to a Docker image and deploy to a small Amazon ECS cluster behind an Application Load Balancer.
    D. Use VM Import/Export to create AMIs for each virtual machine and run them in single-instance AWS Elastic Beanstalk environments by configuring a custom image.

  • Question 109:

    You currently operate a web application. In the AWS US-East region. The application runs on an auto-scaled layer of EC2 instances and an RDS Multi-AZ database. Your IT security compliance officer has tasked you to develop a reliable and durable logging solution to track changes made to your EC2.IAM And RDS resources. The solution must ensure the integrity and confidentiality of your log data.

    Which of these solutions would you recommend?

    A. Create a new CloudTrail trail with one new S3 bucket to store the logs and with the global services option selected. Use IAM roles S3 bucket policies and Multi Factor Authentication (MFA) Delete on the S3 bucket that stores your logs.
    B. Create a new CloudTrail with one new S3 bucket to store the logs Configure SNS to send log file delivery notifications to your management system. Use IAM roles and S3 bucket policies on the S3 bucket mat stores your logs.
    C. Create a new CloudTrail trail with an existing S3 bucket to store the logs and with the global services option selected. Use S3 ACLs and Multi Factor Authentication (MFA). Delete on the S3 bucket that stores your logs.
    D. Create three new CloudTrail trails with three new S3 buckets to store the logs one for the AWS Management console, one for AWS SDKs and one for command line tools. Use IAM roles and S3 bucket policies on the S3 buckets that store your logs.

  • Question 110:

    A Solutions Architect is designing a multi-account structure that has 10 existing accounts. The design must meet the following requirements:

    1.

    Consolidate all accounts into one organization.

    2.

    Allow full access to the Amazon EC2 service from the master account and the secondary accounts.

    3.

    Minimize the effort required to add additional secondary accounts. Which combination of steps should be included in the solution? (Choose two.)

    A. Create an organization from the master account. Send invitations to the secondary accounts from the master account. Accept the invitations and create an OU.
    B. Create an organization from the master account. Send a join request to the master account from each secondary account. Accept the requests and create an OU.
    C. Create a VPC peering connection between the master account and the secondary accounts. Accept the request for the VPC peering connection.
    D. Create a service control policy (SCP) that enables full EC2 access, and attach the policy to the OU.
    E. Create a full EC2 access policy and map the policy to a role in each account. Trust every other account to assume the role.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAP-C01 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.