A company is working with an external vendor that requires write access to the company's Amazon Simple Queue Service (Amazon SQS) queue. The vendor has its own AWS account. What should a solutions architect do to implement least privilege access?
A. Update the permission policy on the SQS queue to give write access to the vendor's AWS account.
B. Create an IAM user with write access to the SQS queue and share the credentials for the IAM user.
C. Update AWS Resource Access Manager to provide write access to the SQS queue from the vendor's AWS account.
D. Create a cross-account role with access to all SQS queues and use the vendor's AWS account in the trust document for the role
A company is running a three-tier web application to process credit card payments. The front-end user interface consists of static webpages. The application tier can have long-running processes The database tier uses MySQL.
The application is currently running on a single, general purpose large Amazon EC2 instance A solutions architect needs to decouple the services to make the web application highly available.
Which solution would provide the HIGHEST availability?
A. Move static assets to Amazon CloudFront Leave the application in EC2 in an Auto Scaling group.Move the database to Amazon RDS to deploy Multi-AZ.
B. Move static assets and the application into a medium EC2 instance. Leave the database on the large instance. Place both instances in an Auto Scaling group.
C. Move static assets to Amazon S3. Move the application to AWS Lambda with the concurrency limit set. Move the database to Amazon DynamoDB with on-demand enabled.
D. Move static assets to Amazon S3. Move the application to Amazon Elastic Container Service (Amazon ECS) containers with Auto Scaling enabled. Move the database to Amazon RDS to deploy Multi-AZ
A company is planning to migrate a commercial off-the-shelf application from its on-premises data center to AWS. The software has a software licensing model using sockets and cores with predictable capacity and uptime requirements. The
company wants to use its existing licenses, which were purchased earlier this year.
Which Amazon EC2 pricing option is the MOST cost-effective?
A. Dedicated Reserved Hosts
B. Dedicated On-Demand Hosts
C. Dedicated Reserved Instances
D. Dedicated On-Demand Instances
A company has an image processing workload running on Amazon Elastic Container Service (Amazon ECS) in two private subnets. Each private subnet uses a NAT instance for internet access. All images are stored in Amazon S3 buckets
The company is concerned about the data transfer costs between Amazon ECS and Amazon S3.
What should a solutions architect do to reduce costs?
A. Configure a NAT gateway to replace the NAT instances.
B. Configure a gateway endpoint for traffic destined to Amazon S3.
C. Configure an interface endpoint for traffic destined to Amazon S3
D. Configure Amazon CloudFront for the S3 bucket storing the images
A company operates an ecommerce website on Amazon EC2 instances behind an Application Load Balancer (ALB) in an Auto Scaling group. The site is experiencing performance issues related to a high request rate from illegitimate external systems with changing IP addresses. The security team is worried about potential DDoS attacks against the website The company must block the illegitimate incoming requests in a way that has a minimal impact on legitimate users What should a solutions architect recommend?
A. Deploy Amazon Inspector and associate it with the ALB.
B. Deploy AWS WAF, associate it with cthe ALB, and configure a rate-limiting rule.
C. Deploy rules to the network ACLs associated with the ALB to block the incoming traffic.
D. Deploy Amazon GuardDuty and enable rate-limiting protection when configuring GuardDuty
A company is creating a web application that will store a large number of images in Amazon S3 The images will be accessed by users over variable periods of time. The company wants to:
1.
Retain all the images
2.
Incur no cost for retrieval.
3.
Have minimal management overhead.
4.
Have the images available with no impact on retrieval time.
Which solution meets these requirements?
A. Implement S3 Intelligent-Tiering
B. Implement S3 storage class analysis
C. Implement an S3 Lifecycle policy to move data to S3 Standard-Infrequent Access (S3 Standard-IA).
D. Implement an S3 Lifecycle policy to move data to S3 One Zone-Infrequent Access (S3 One Zone-IA).
A company wants to move a multi-tiered application from on premises to the AWS Cloud to improve the application's performance. The application consists of application tiers that communicate with each other by way of RESTful services.
Transactions are dropped when one tier becomes overloaded A solutions architect must design a solution that resolves these issues and modernizes the application.
Which solution meets these requirements and is the MOST operationally efficient?
A. Use Amazon API Gateway and direct transactions to the AWS Lambda functions as the application layer Use Amazon Simple Queue Service (Amazon SQS) as the communication layer between application services.
B. Use Amazon CloudWatch metrics to analyze the application performance history to determine the servers' peak utilization during the performance failures Increase the size of the application server's Amazon EC2 instances to meet the peak requirements.
C. Use Amazon Simple Notification Service (Amazon SNS) to handle the messaging between application servers running on Amazon EC2 in an Auto Scaling group Use Amazon CloudWatch to monitor the SNS queue length and scale up and down as required
D. Use Amazon Simple Queue Service (Amazon SQS) to handle the messaging between application servers running on Amazon EC2 in an Auto Scaling group Use Amazon CloudWatch to monitor the SQS queue length and scale up when communication failures are detected
A company wants to improve the availability and performance of its stateless UDP-based workload.
The workload is deployed on Amazon EC2 instances in multiple AWS Regions What should a solutions architect recommend to accomplish this?
A. Place the EC2 instances behind Network Load Balancers (NLBs) in each Region Create an accelerator using AWS Global Accelerator. Use the NLBs as endpoints for the accelerator
B. Place the EC2 instances behind Application Load Balancers (ALBs) in each Region. Create an accelerator using AWS Global Accelerator Use the ALBs as endpoints for the accelerator
C. Place the EC2 instances behind Network Load Balancers (NLBs) in each Region. Create an Amazon CloudFront distribution with an origin that uses Amazon Route 53 latency-based routing to route requests to the NLBs
D. Place the EC2 instances behind Application Load Balancers (ALBs) in each Region Create an Amazon CloudFront distribution with an origin that uses Amazon Route 53 latency-based routing to route requests to the ALBs.
A three-tier web application processes orders from customers. The web tier consists of Amazon EC2 instances behind an Application Load Balancer, a middle tier of three EC2 instances decoupled from the web tier using Amazon SQS. and an Amazon DynamoDB backend. At peak times, customers who submit orders using the site have to wait much longer than normal to receive confirmations due to lengthy processing times. A solutions architect needs to reduce these processing times.
Which action will be MOST effective in accomplishing this?
A. Replace the SQS queue with Amazon Kinesis Data Firehose.
B. Use Amazon ElastiCache for Redis in front of the DynamoDB backend tier.
C. Add an Amazon CloudFront distribution to cache the responses for the web tier.
D. Use Amazon EC2 Auto Scaling to scale out the middle tier instances based on the SQS queue depth.
A financial services company has a web application that serves users in the United States and Europe The application consists of a database tier and a web server tier The database tier consists of a MySQL database hosted in us-east-1 Amazon Route 53 geoproximity routing is used to direct traffic to instances in the closest Region A performance review of the system reveals that European users are not receiving the same level of query performance as those in the United States Which changes should be made to the database tier to improve performance?
A. Migrate the database to Amazon RDS for MySQL Configure Multi-AZ in one of the European Regions
B. Migrate the database to Amazon DynamoDB Use DynamoDB global tables to enable replication to additional Regions
C. Deploy MySQL instances in each Region Deploy an Application Load Balancer in front of MySQL to reduce the load on the primary instance
D. Migrate the database to an Amazon Aurora global database in MySQL compatibility mode Configure read replicas in one of the European Regions
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.