Amazon SAP-C01 Online Practice Questions and Exam Preparation

Amazon SAP-C01 Online Questions & Answers

• Question 211:

  A company provides AWS solutions to its users with AWS CloudFormation templates. Users launch the templates in their accounts to have different solutions provisioned for them. The users want to improve the deployment strategy for solutions while retaining the ability to do the following:

  1.

  Add their own features to a solution for their specific deployments.

  2.

  Run unit tests on their changes.

  3.

  Turn features on and off for their deployments.

  4.

  Automatically update with code changes.

  5.

  Run security scanning tools for their deployments.

  Which strategies should the Solutions Architect use to meet the requirements?

  A. Allow users to download solution code as Docker images. Use AWS CodeBuild and AWS CodePipeline for the CI/CD pipeline. Use Docker images for different solution features and the AWS CLI to turn features on and off. Use AWS CodeDeploy to run unit tests and security scans, and for deploying and updating a solution with changes.
  B. Allow users to download solution code artifacts. Use AWS CodeCommit and AWS CodePipeline for the CI/CD pipeline. Use AWS Amplify plugins for different solution features and user prompts to turn features on and off. Use AWS Lambda to run unit tests and security scans, and AWS CodeBuild for deploying and updating a solution with changes.
  C. Allow users to download solution code artifacts in their Amazon S3 buckets. Use Amazon S3 and AWS CodePipeline for the CI/CD pipelines. Use CloudFormation StackSets for different solution features and to turn features on and off. Use AWS Lambda to run unit tests and security scans, and CloudFormation for deploying and updating a solution with changes.
  D. Allow users to download solution code artifacts. Use AWS CodeCommit and AWS CodePipeline for the CI/CD pipeline. Use the AWS Cloud Development Kit constructs for different solution features, and use the manifest file to turn features on and off. Use AWS CodeBuild to run unit tests and security scans, and for deploying and updating a solution with changes.
  A. Allow users to download solution code as Docker images. Use AWS CodeBuild and AWS CodePipeline for the CI/CD pipeline. Use Docker images for different solution features and the AWS CLI to turn features on and off. Use AWS CodeDeploy to run unit tests and security scans, and for deploying and updating a solution with changes.

• Question 212:

  What RAID method is used on the Cloud Block Storage back-end to implement a very high level of reliability and performance?

  A. RAID 1 (Mirror)
  B. RAID 5 (Blocks striped, distributed parity)
  C. RAID 10 (Blocks mirrored and striped)
  D. RAID 2 (Bit level striping)
  C. RAID 10 (Blocks mirrored and striped)

• Question 213:

  A large company has increased its utilization of AWS over time in an unmanaged way. As such, they have a large number of independent AWS accounts across different business units, projects, and environments. The company has created a Cloud Center of Excellence team, which is responsible for managing all aspects of the AWS Cloud, including their AWS accounts.

  Which of the following should the Cloud Center of Excellence team do to BEST address their requirements in a centralized way? (Choose two.)

  A. Control all AWS account root user credentials. Assign AWS IAM users in the account of each user who needs to access AWS resources. Follow the policy of least privilege in assigning permissions to each user.
  B. Tag all AWS resources with details about the business unit, project, and environment. Send all AWS Cost and Usage reports to a central Amazon S3 bucket, and use tools such as Amazon Athena and Amazon QuickSight to collect billing details by business unit.
  C. Use the AWS Marketplace to choose and deploy a Cost Management tool. Tag all AWS resources with details about the business unit, project, and environment. Send all AWS Cost and Usage reports for the AWS accounts to this tool for analysis.
  D. Set up AWS Organizations. Enable consolidated billing, and link all existing AWS accounts to a master billing account. Tag all AWS resources with details about the business unit, project and environment. Analyze Cost and Usage reports using tools such as Amazon Athena and Amazon QuickSight, to collect billing details by business unit.
  E. Using a master AWS account, create IAM users within the master account. Define IAM roles in the other AWS accounts, which cover each of the required functions in the account. Follow the policy of least privilege in assigning permissions to each role, then enable the IAM users to assume the roles that they need to use.
  A. Control all AWS account root user credentials. Assign AWS IAM users in the account of each user who needs to access AWS resources. Follow the policy of least privilege in assigning permissions to each user.
  D. Set up AWS Organizations. Enable consolidated billing, and link all existing AWS accounts to a master billing account. Tag all AWS resources with details about the business unit, project and environment. Analyze Cost and Usage reports using tools such as Amazon Athena and Amazon QuickSight, to collect billing details by business unit.

• Question 214:

  A user is configuring MySQL RDS with PIOPS. What should be the minimum PIOPS that the user should provision?

  A. 1000
  B. 200
  C. 2000
  D. 500
  A. 1000

• Question 215:

  You want to mount an Amazon EFS file system on an Amazon EC2 instance using DNS names. Which of the following generic form of a mount target's DNS name must you use to mount the file system?

  A. availability-zone.file-system-id.efs.aws-region.amazonaws.com
  B. efs-system-id.availability-zone.file-aws-region.amazonaws.com
  C. $file-system-id.$availability-zone.$efs.aws-region.$amazonaws.com
  D. #aws-region.#availability-zone.#file-system-id.#efs.#amazonaws.com
  A. availability-zone.file-system-id.efs.aws-region.amazonaws.com

• Question 216:

  You have a periodic image analysis application that gets some files in input, analyzes them and tor each file writes some data in output to a ten file the number of files in input per day is high and concentrated in a few hours of the day. Currently you have a server on EC2 with a large EBS volume that hosts the input data and the results. It takes almost 20 hours per day to complete the process.

  What services could be used to reduce the elaboration time and improve the availability of the solution?

  A. S3 to store I/O files. SQS to distribute elaboration commands to a group of hosts working in parallel. Auto scaling to dynamically size the group of hosts depending on the length of the SQS queue
  B. EBS with Provisioned IOPS (PIOPS) to store I/O files. SNS to distribute elaboration commands to a group of hosts working in parallel Auto Scaling to dynamically size the group of hosts depending on the number of SNS notifications
  C. S3 to store I/O files, SNS to distribute evaporation commands to a group of hosts working in parallel. Auto scaling to dynamically size the group of hosts depending on the number of SNS notifications
  D. EBS with Provisioned IOPS (PIOPS) to store I/O files SQS to distribute elaboration commands to a group of hosts working in parallel Auto Scaling to dynamically size the group ot hosts depending on the length of the SQS queue.
  D. EBS with Provisioned IOPS (PIOPS) to store I/O files SQS to distribute elaboration commands to a group of hosts working in parallel Auto Scaling to dynamically size the group ot hosts depending on the length of the SQS queue.

• Question 217:

  In DynamoDB, which of the following allows you to set alarms when you reach a specified threshold for a metric?

  A. Alarm Signal
  B. DynamoDB Analyzer
  C. CloudWatch
  D. DynamoDBALARM
  C. CloudWatch

• Question 218:

  A company has many services running in its on-premises data center. The data center is connected to AWS using AWS Direct Connect (DX) and an IPSec VPN. The service data is sensitive and connectivity cannot traverse the internet. The company wants to expand into a new market segment and begin offering its services to other companies that are using AWS.

  Which solution will meet these requirements?

  A. Create a VPC Endpoint Service that accepts TCP traffic, host it behind a Network Load Balancer, and make the service available over DX.
  B. Create a VPC Endpoint Service that accepts HTTP or HTTPS traffic, host it behind an Application Load Balancer, and make the service available over DX.
  C. Attach an internet gateway to the VPC. and ensure that network access control and security group rules allow the relevant inbound and outbound traffic.
  D. Attach a NAT gateway to the VPC. and ensure that network access control and security group rules allow the relevant inbound and outbound traffic.
  A. Create a VPC Endpoint Service that accepts TCP traffic, host it behind a Network Load Balancer, and make the service available over DX.

• Question 219:

  Dave is the main administrator in Example Corp., and he decides to use paths to help delineate the users in the company and set up a separate administrator group for each path-based division. Following is a subset of the full list of paths he

  plans to use:

  ?/marketing

  ?/sales

  ?/legal

  Dave creates an administrator group for the marketing part of the company and calls it Marketing_Admin.

  He assigns it the /marketing path. The group's ARN is arn:aws:iam::123456789012:group/marketing/Marketing_Admin.

  Dave assigns the following policy to the Marketing_Admin group that gives the group permission to use all IAM actions with all groups and users in the /marketing path. The policy also gives the Marketing_Admin group permission to perform

  any AWS S3 actions on the objects in the portion of the corporate bucket.

  {

  "Version": "2012-10-17",

  "Statement": [

  {

  "Effect": "Deny",

  "Action": "iam:*",

  "Resource": [

  "arn:aws:iam::123456789012:group/marketing/*",

  "arn:aws:iam::123456789012:user/marketing/*"

  ]

  },

  {

  "Effect": "Allow",

  "Action": "s3:*",

  "Resource": "arn:aws:s3:::example_bucket/marketing/*"

  },

  {

  "Effect": "Allow",

  "Action": "s3:ListBucket*",

  "Resource": "arn:aws:s3:::example_bucket",

  "Condition":{"StringLike":{"s3:prefix": "marketing/*"}}

  }

  ]

  }

  A. True
  B. False
  B. False

• Question 220:

  A company is developing a gene reporting device that will collect genomic information to assist researchers will collecting large samples of data from a diverse population. The device will push 8 KB of genomic data every second to a data platform that will need to process and analyze the data and provide information back to researchers. The data platform must meet the following requirements:

  1.

  Provide near-real-time analytics of the inbound genomic data

  2.

  Ensure the data is flexible, parallel, and durable

  3.

  Deliver results of processing to a data warehouse

  Which strategy should a solutions architect use to meet these requirements?

  A. Use Amazon Kinesis Data Firehouse to collect the inbound sensor data, analyze the data with Kinesis clients, and save the results to an Amazon RDS instance.
  B. Use Amazon Kinesis Data Streams to collect the inbound sensor data, analyze the data with Kinesis clients, and save the results to an Amazon Redshift cluster using Amazon EMR.
  C. Use Amazon S3 to collect the inbound device data, analyze the data from Amazon SQS with Kinesis, and save the results to an Amazon Redshift cluster.
  D. Use an Amazon API Gateway to put requests into an Amazon SQS queue, analyze the data with an AWS Lambda function, and save the results to an Amazon Redshift cluster using Amazon EMR.
  A. Use Amazon Kinesis Data Firehouse to collect the inbound sensor data, analyze the data with Kinesis clients, and save the results to an Amazon RDS instance.