Amazon SAP-C01 Online Practice Questions and Exam Preparation

Amazon SAP-C01 Online Questions & Answers

• Question 861:

  A company wants to analyze log data using date ranges with a custom application running on AWS. The application generates about 10 GB of data every day, which is expected to grow. A Solutions Architect is tasked with storing the data in Amazon S3 and using Amazon Athena to analyze the data.

  Which combination of steps will ensure optimal performance as the data grows? (Choose two.)

  A. Store each object in Amazon S3 with a random string at the front of each key.
  B. Store the data in multiple S3 buckets.
  C. Store the data in Amazon S3 in a columnar format, such as Apache Parquet or Apache ORC.
  D. Store the data in Amazon S3 in objects that are smaller than 10 MB.
  E. Store the data using Apache Hive partitioning in Amazon S3 using a key that includes a date, such as dt=2019-02.
  B. Store the data in multiple S3 buckets.
  C. Store the data in Amazon S3 in a columnar format, such as Apache Parquet or Apache ORC.

• Question 862:

  A flood monitoring agency has deployed more than 10.000 water-level monitoring sensors. Sensors send continuous data updates, and each update Is less than 1 MB in size. The agency has a fleet of on-premises application servers. These

  servers receive updates from the sensors, convert the raw data into a human readable format, and write the results to an on-premises relational database server Data analysts then use simple SQL queries to monitor the data.

  The agency wants to increase overall application availability and reduce the effort that is required to perform maintenance tasks. These maintenance tasks, which include updates and patches to the application servers, cause downtime. While

  an application server is down, data is lost from sensors because the remaining servers cannot handle the entire workload.

  The agency wants a solution that optimizes operational overhead and costs. A solutions architect recommends the use of AWS loT Core to collect the sensor data. What else should the solutions architect recommend to meet these requirements?

  A. Send the sensor data to Amazon Kinesis Data Firehose. Use an AWS Lambda function to read the Kinesis Data Firehose data, convert it to .csv format, and insert it into an Amazon Aurora MySQL DB Instance. Instruct the data analysts to query the data directly from the DB Instance.
  B. Send the sensor data to Amazon Kinesis Data Firehose. Use an AWS Lambda function to read the Kinesis Data Firehose data, convert it to Apache Parquet format, and save it to an Amazon S3 bucket. Instruct the data analysts to query the data by using Amazon Athena.
  C. Send the sensor data to an Amazon Kinesis Data Analytics application to convert the data to csv format and store it in an Amazon S3 bucket. Import the data Into an Amazon Aurora MySQL DB instance. Instruct the data analysts to query the data directly from the DB instance
  D. Send the sensor data to an Amazon Kinesis Data Analytics application to convert the data to Apache Parquet format and store it in an Amazon S3 bucket. Instruct the data analysts to query the data by using Amazon Athena.
  B. Send the sensor data to Amazon Kinesis Data Firehose. Use an AWS Lambda function to read the Kinesis Data Firehose data, convert it to Apache Parquet format, and save it to an Amazon S3 bucket. Instruct the data analysts to query the data by using Amazon Athena.

• Question 863:

  A company is planning the migration of several lab environments used for software testing. An assortment of custom tooling is used to manage the test runs for each lab. The labs use immutable infrastructure for the software test runs, and the results are stored in a highly available SQL database cluster. Although completely rewriting the custom tooling is out of scope for the migration project, the company would like to optimize workloads during the migration.

  Which application migration strategy meets this requirement?

  A. Re-host
  B. Re-platform
  C. Re-factor/re-architect
  D. Retire
  B. Re-platform

• Question 864:

  You are looking to migrate your Development (Dev) and Test environments to AWS. You have decided to use separate AWS accounts to host each environment. You plan to link each accounts bill to a Master AWS account using Consolidated Billing. To make sure you keep within budget you would like to implement a way for administrators in the Master account to have access to stop, delete and/or terminate resources in both the Dev and Test accounts.

  Identify which option will allow you to achieve this goal.

  A. Create IAM users in the Master account with full Admin permissions. Create cross-account roles in the Dev and Test accounts that grant the Master account access to the resources in the account by inheriting permissions from the Master account.
  B. Create IAM users and a cross-account role in the Master account that grants full Admin permissions to the Dev and Test accounts.
  C. Create IAM users in the Master account. Create cross-account roles in the Dev and Test accounts that have full Admin permissions and grant the Master account access.
  D. Link the accounts using Consolidated Billing. This will give IAM users in the Master account access to resources in the Dev and Test accounts
  C. Create IAM users in the Master account. Create cross-account roles in the Dev and Test accounts that have full Admin permissions and grant the Master account access.

• Question 865:

  A developer reports receiving an Error 403: Access Denied message when they try to download an object from an Amazon S3 bucket. The S3 bucket is accessed using an S3 endpoint inside a VPC. and is encrypted with an AWS KMS key. A solutions architect has verified that (he developer is assuming the correct IAM role in the account that allows the object to be downloaded. The S3 bucket policy and the NACL are also valid.

  Which additional step should the solutions architect take to troubleshoot this issue?

  A. Ensure that blocking all public access has not been enabled in the S3 bucket.
  B. Verify that the IAM rote has permission to decrypt the referenced KMS key.
  C. Verify that the IAM role has the correct trust relationship configured.
  D. Check that local firewall rules are not preventing access to the S3 endpoint.
  A. Ensure that blocking all public access has not been enabled in the S3 bucket.

• Question 866:

  A company is running an application in the AWS Cloud. The company's security team must approve the creation of all new IAM users. When a new 1AM user is created, all access for the user must be removed automatically. The security team must then receive a notification to approve the user. The company has a multi-Region AWS CloudTrail trail In the AWS account.

  Which combination of steps will meet these requirements? (Select THREE.)

  A. Create an Amazon EventBridge (Amazon CloudWatch Events) rule. Define a pattern with the detail-type value set to AWS API Call via CloudTrail and an eventName of CreateUser.
  B. Configure CloudTrail to send a notification for the CreateUser event to an Amazon Simple Notification Service (Amazon SNS) topic.
  C. Invoke a container that runs in Amazon Elastic Container Service (Amazon ECS) with AWS Fargate technology to remove access
  D. Invoke an AWS Step Functions state machine to remove access.
  E. Use Amazon Simple Notification Service (Amazon SNS) to notify the security team.
  F. Use Amazon Pinpoint to notify the security team.
  A. Create an Amazon EventBridge (Amazon CloudWatch Events) rule. Define a pattern with the detail-type value set to AWS API Call via CloudTrail and an eventName of CreateUser.
  B. Configure CloudTrail to send a notification for the CreateUser event to an Amazon Simple Notification Service (Amazon SNS) topic.
  E. Use Amazon Simple Notification Service (Amazon SNS) to notify the security team.

• Question 867:

  A company has asked a Solutions Architect to design a secure content management solution that can be accessed by API calls by external customer applications. The company requires that a customer administrator must be able to submit an API call and roll back changes to existing files sent to the content management solution, as needed.

  What is the MOST secure deployment design that meets all solution requirements?

  A. Use Amazon S3 for object storage with versioning and bucket access logging enabled, and an IAM role and access policy for each customer application. Encrypt objects using SSE-KMS. Develop the content management application to use a separate AWS KMS key for each customer.
  B. Use Amazon WorkDocs for object storage. Leverage WorkDocs encryption, user access management, and version control. Use AWS CloudTrail to log all SDK actions and create reports of hourly access by using the Amazon CloudWatch dashboard. Enable a revert function in the SDK based on a static Amazon S3 webpage that shows the output of the CloudWatch dashboard.
  C. Use Amazon EFS for object storage, using encryption at rest for the Amazon EFS volume and a customer managed key stored in AWS KMS. Use IAM roles and Amazon EFS access policies to specify separate encryption keys for each customer application. Deploy the content management application to store all new versions as new files in Amazon EFS and use a control API to revert a specific file to a previous version.
  D. Use Amazon S3 for object storage with versioning and enable S3 bucket access logging. Use an IAM role and access policy for each customer application. Encrypt objects using client-side encryption, and distribute an encryption key to all customers when accessing the content management application.
  A. Use Amazon S3 for object storage with versioning and bucket access logging enabled, and an IAM role and access policy for each customer application. Encrypt objects using SSE-KMS. Develop the content management application to use a separate AWS KMS key for each customer.

• Question 868:

  A company has loT sensors that monitor traffic patterns throughout a large city. The company wants to read and collect data from the sensors and perform aggregations on the data.

  A solutions architect designs a solution in which the loT devices are streaming to Amazon Kinesis Data Streams. Several applications are reading from the stream. However, several consumers are experiencing throttling and are periodically

  encountering a ReadProvisionedThroughputExceeded error.

  Which actions should the solutions architect take to resolve this issue? (Select THREE.)

  A. Reshard the stream to increase the number of shards in the stream.
  B. Use the Kinesis Producer Library (KPL). Adjust the polling frequency.
  C. Use consumers with the enhanced fan-out feature.
  D. Reshard the stream to reduce the number of shards in the stream.
  E. Use an error retry and exponential backoff mechanism in the consumer logic.
  F. Configure the stream to use dynamic partitioning.
  A. Reshard the stream to increase the number of shards in the stream.
  C. Use consumers with the enhanced fan-out feature.
  D. Reshard the stream to reduce the number of shards in the stream.

• Question 869:

  What is the maximum length for an instance profile name in AWS IAM?

  A. 512 characters
  B. 128 characters
  C. 1024 characters
  D. 64 characters
  B. 128 characters

• Question 870:

  A company is running a critical application that uses an Amazon RDS for MySQL database to store data.

  The RDS DB instance is deployed in Multi-AZ mode.

  A recent RDS database failover test caused a 40-second outage to the application A solutions architect needs to design a solution to reduce the outage time to less than 20 seconds.

  Which combination of steps should the solutions architect take to meet these requirements? (Select THREE.)

  A. Use Amazon ElastiCache for Memcached in front of the database
  B. Use Amazon ElastiCache for Redis in front of the database.
  C. Use RDS Proxy in front of the database
  D. Migrate the database to Amazon Aurora MySQL
  E. Create an Amazon Aurora Replica
  F. Create an RDS for MySQL read replica
  A. Use Amazon ElastiCache for Memcached in front of the database
  B. Use Amazon ElastiCache for Redis in front of the database.
  F. Create an RDS for MySQL read replica