A company is relocating its data center and wants to securely transfer 50 TB of data to AWS within 2 weeks The existing data center has a Site-to-Site VPN connection to AWS that is 90% utilized. Which AWS service should a solutions architect use to meet these requirements?
A. AWS DataSync with a VPC endpoint
B. AWS Direct Connect
C. AWS Snowball Edge Storage Optimized
D. AWS Storage Gateway
A company needs to run its external website on Amazon EC2 instances and on-premises virtualized servers The AWS environment has a 1 GB AWS Direct Connect connection to the data center. The application has IP addresses that will not change. The on-premises and AWS servers are able to restart themselves while maintaining the same IP address if a failure occurs Some website users have to add their vendors to an allow list, so the solution must have a fixed IP address The company needs a solution with the lowest operational overhead to handle this split traffic.
What should a solutions architect do to meet these requirements?
A. Deploy an Amazon Route 53 Resolver with rules pointing to the on-premises and AWS IP addresses
B. Deploy a Network Load Balancer on AWS. Create target groups for the on-premises and AWS IP addresses.
C. Deploy an Application Load Balancer on AWS Register the on-premises and AWS IP addresses with the target group.
D. Deploy Amazon API Gateway to direct traffic to the on-premises and AWS IP addresses based on the header of the request.
A company wants to migrate its 1PB on-premises image repository to AWS. The images will be used by a serverless web application Images stored in the repository are rarely accessed, but they must be immediately available. Additionally, the images must be encrypted at rest and protected from accidental deletion.
Which solution meets these requirements?
A. Implement client-side encryption and store the images in an Amazon S3 Glacier vault Set a vault lock to prevent accidental deletion.
B. Store the images in an Amazon S3 bucket in the S3 Standard-Infrequent Access (S3 Standard-IA) storage class Enable versioning: default encryption, and MFA Delete on the S3 bucket
C. Store the images in an Amazon FSx for Windows File Server file share Configure the Amazon FSx file share to use an AWS Key Management Service (AWS KMS) customer master key (CMK) to encrypt the images in the file share Use NTFS permission sets on the images to prevent accidental deletion
D. Store the images in an Amazon Elastic File System (Amazon EFS) file share in the Infrequent Access storage class. Configure the EFS file share to use an AWS Key Management Service (AWS KMS) customer master key (CMK) to encrypt the images in the file share Use NFS permission sets on the images to prevent accidental deletion.
A financial company operates its production AWS environment in the us-east-1 Region and uses Amazon Elastic Block Store (Amazon EBS) snapshots to back up its instances. To meet a compliance requirement, the company must maintain
a secondary copy of all critical data at least 100 miles (160.9 km) away from its primary location.
What is the MOST cost-effective way for the company to meet this requirement?
A. Replicate the EBS snapshots to a different Availability Zone in us-east-1.
B. Replicate the EBS snapshots to us-east-2.
C. Replicate the EBS snapshots to us-west-1.
D. Replicate the EBS snapshots to us-west-2
A solutions architect is investigating AWS file storage solutions that can be used with a company's on- premises Linux servers and applications The company has an existing VPN connection set up between the company's VPC and its on-premises network. Which AWS services should the solutions architect use? (Select TWO )
A. AWS Backup
B. AWS DataSync
C. AWS Snowball Edge
D. AWS Storage Gateway
E. Amazon Elastic File System (Amazon EFS)
A solutions architect needs to host a high performance computing (HPC) workload in the AWS Cloud The workload will run on hundreds of Amazon EC2 instances and will require parallel access to a shared file system to enable distributed processing of large datasets. Datasets will be accessed across multiple instances simultaneously. The workload requires access latency within 1 ms. After processing has completed, engineers will need access to the dataset for manual postprocessing.
Which solution will meet these requirements?
A. Use Amazon Elastic File System (Amazon EFS) as a shared file system Access the dataset from Amazon EFS.
B. Mount an Amazon S3 bucket to serve as the shared file system Perform postprocessing directly from the S3 bucket
C. Use Amazon FSx for Lustre as a shared file system. Link the file system to an Amazon S3 bucket for postprocessing.
D. Configure AWS Resource Access Manager to share an Amazon S3 bucket so that it can be mounted to all instances for processing and postprocessing
A company seeks a storage solution for its application. The solution must be highly available and scalable The solution also must function as a file system, be mountable by multiple Linux instances in AWS and on premises through native
protocols, and have no minimum size requirements. The company has set up a Site-to-Site VPN for access from its on-premises network to its VPC.
Which storage solution meets these requirements?
A. Amazon FSx Multi-AZ deployments
B. Amazon Elastic Block Store (Amazon EBS) Multi-Attach volumes
C. Amazon Elastic File System (Amazon EFS) with multiple mount targets
D. Amazon Elastic File System (Amazon EFS) with a single mount target and multiple access points
The DNS provider that hosts a company's domain name records is experiencing outages that cause service disruption for a website running on AWS The company needs to migrate to a more resilient managed DNS service and wants the service to run on AWS.
What should a solutions architect do to rapidly migrate the DNS hosting service?
A. Create an Amazon Route 53 public hosted zone for the domain name. Import the zone file containing the domain records hosted by the previous provider.
B. Create an Amazon Route 53 private hosted zone for the domain name Import the zone file containing the domain records hosted by the previous provider
C. Create a Simple AD directory in AWS. Enable zone transfer between the DNS provider and AWS Directory Service for Microsoft Active Directory for the domain records.
D. Create an Amazon Route 53 Resolver inbound endpoint in the VPC Specify the IP addresses that the provider's DNS will forward DNS queries to Configure the provider's DNS to forward DNS queries for the domain to the IP addresses that are specified in the inbound endpoint.
A solutions architect needs to allow developers to have SSH connectivity to web servers The requirements are as follows
1.
Limit access to users originating from the corporate network.
2.
Web servers cannot have SSH access directly from the internet.
3.
Web servers reside in a private subnet.
Which combination of steps must the architect complete to meet these requirements? (Select TWO.)
A. Create a bastion host that authenticates users against the corporate directory
B. Create a bastion host with security group rules that only allow traffic from the corporate network.
C. Attach an 1AM role to the bastion host with relevant permissions
D. Configure the web servers' security group to allow SSH traffic from a bastion host.
E. Deny all SSH traffic from the corporate network in the inbound network ACL.
A company wants to monitor its AWS costs for financial review. The cloud operations team is designing an architecture in the AWS Organizations master account to query AWS Cost and Usage Reports for all member accounts. The team must run this query once a month and provide a detailed analysis of the bill.
Which solution is the MOST scalable and cost-effective way to meet these requirements?
A. Enable Cost and Usage Reports in the management account. Deliver reports to Amazon Kinesis. Use Amazon EMR for analysis.
B. Enable Cost and Usage Reports in the management account. Deliver the reports to Amazon S3. Use Amazon Athena for analysis.
C. Enable Cost and Usage Reports for member accounts. Deliver the reports to Amazon S3. Use Amazon Redshift for analysis.
D. Enable Cost and Usage Reports for member accounts. Deliver the reports to Amazon Kinesis. Use Amazon QuickSight for analysis.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.