A solutions architect is creating a new Amazon CloudFront distribution for an application Some of the information submitted by users is sensitive The application uses HTTPS but needs another layer of security. The sensitive information
should be protected throughout the entire application stack, and access to the information should be restricted to certain applications.
Which action should the solutions architect take?
A. Configure a CloudFront signed URL B. Configure a CloudFront signed cookie. C. Configure a CloudFronl field-level encryption profile. D. Configure CloudFront and set the Origin Protocol Policy setting to HTTPS Only for the Viewer Protocol Pokey
D. Configure CloudFront and set the Origin Protocol Policy setting to HTTPS Only for the Viewer Protocol Pokey
Explanation/Reference:
Question 452:
A company is preparing to migrate its on-premises application to AWS The application consists of application servers and a Microsoft SQL Server database The database cannot be migrated to a different engine because SQL Server features are used in the application's NET code. The company wants to attain the greatest availability possible while minimizing operational and management overhead
What should a solutions architect do to accomplish this?
A. Install SQL Server on Amazon EC2 in a Multi-AZ deployment B. Migrate the data to Amazon RDS for SQL Server in a Multi-AZ deployment. C. Deploy the database on Amazon RDS for SQL Server with Multi-AZ Replicas. D. Migrate the data to Amazon RDS for SQL Server in a cross Region Multi-AZ deployment
B. Migrate the data to Amazon RDS for SQL Server in a Multi-AZ deployment.
Explanation/Reference:
Question 453:
A company runs a web-based portal that provides users with global breaking news, local alerts, and weather updates The portal delivers each user a personalized view by using a mixture of static and dynamic content Content is served over HTTPS through an API server running on an Amazon EC2 instance behind an Application Load Balancer (ALB). The company wants the portal to provide this content to its users across the world as quickly as possible.
How should a solutions architect design the application to ensure the LEAST amount of latency for all users?
A. Deploy the application stack in a single AWS Region Use Amazon CloudFront to serve all static and dynamic content by specifying the ALB as an origin B. Deploy the application stack in two AWS Regions Use an Amazon Route 53 latency routing policy to serve all content from the ALB in the closest Region. C. Deploy the application stack in a single AWS Region Use Amazon CloudFront to serve the static content Serve the dynamic content directly from the ALB. D. Deploy the application stack in two AWS Regions Use an Amazon Route 53 geolocation routing policy to serve all content from the ALB in the closest Region.
A. Deploy the application stack in a single AWS Region Use Amazon CloudFront to serve all static and dynamic content by specifying the ALB as an origin
Explanation/Reference:
Question 454:
A company wants to experiment with individual AWS accounts tor its engineer team The company wants to be notified as soon as the Amazon EC2 instance usage for a given month exceeds a specific threshold for each account.
What should a solutions architect do to meet this requirement MOST cost-effectively?
A. Use Cost Explorer to create a daily report of costs by service. Filter the report by EC2 instances. Configure Cost Explorer to send an Amazon Simple Email Service (Amazon SES) notification when a threshold is exceeded B. Use Cost Explorer to create a monthly report of costs by service. Filter the report by EC2 instances Configure Cost Explorer to send an Amazon Simple Email Service (Amazon SES) notification when a threshold is exceeded C. Use AWS Budgets to create a cost budget for each account Set the period to monthly Set the scope to EC2 instances Set an alert threshold for the budget Configure an Amazon Simple Notification Service (Amazon SNS) topic to receive a notification when a threshold is exceeded. D. Use AWS Cost and Usage Reports to create a report with hourly granularity. Integrate the report data with Amazon Athena. Use Amazon EventBridge (Amazon CloudWatch Events) to schedule an Athena query Configure an Amazon Simple Notifiication Service (Amazon SNS) topic lo receive a notification when a threshold is exceeded
B. Use Cost Explorer to create a monthly report of costs by service. Filter the report by EC2 instances Configure Cost Explorer to send an Amazon Simple Email Service (Amazon SES) notification when a threshold is exceeded
Question 455:
A database is on an Amazon RDS MYSQL 5.6 Multi-AZ DB instance that experience highly dynamic reads. Application developers notice a significant slowdown when testing read performance from a secondary AWS Region. The developers want a solution that provides less than 1 second of read replication latency.
What should the solutions architect recommend?
A. Install MySQL on Amazon EC2 in the secondary Region. B. Migrate the database to Amazon Aurora with cross-Region replicas. C. Create another RDS for MySQL read replica in the secondary. D. Implement Amazon ElastiCache to improve database query performance.
B. Migrate the database to Amazon Aurora with cross-Region replicas.
Explanation/Reference:
Question 456:
A company is preparing to deploy a new serverless workload. A solutions architect needs to configure permissions for invoking an AWS Lambda function. The function will be triggered by an Amazon EventBridge (Amazon CloudWatch
Events) rule. Permissions should be configured using the principle of least privilege.
Which solution will meet these requirements?
A. Add an execution role to the function with lambda;lnvokeFunction as the action and * as the principal. B. Add an execution rote to the function with lambda;lnvokeFunction as the action and Service:eventsamazonaws.com as the principal. C. Add a resource-based policy to the function with lambda;' as the action and Service:events.amazonaws.com as the principal. D. Add a resource-based policy to the function with lambda;InvokeFunction as the action and Service: events.amazonaws.com as the principal.
B. Add an execution rote to the function with lambda;lnvokeFunction as the action and Service:eventsamazonaws.com as the principal.
Explanation/Reference:
Question 457:
A company is hosting an application in its own data center The application uses Amazon S3 for data storage The application transfers several hundred terabytes of data every month to and from Amazon S3 The company needs to minimize the cost of this data transfer.
Which solution meets this requirement?
A. Establish an AWS Direct Connect connection between the AWS Region in use and the company's data center Route traffic to Amazon S3 over the Direct Connect connection B. Establish an AWS Site-to-Site VPN connection between the company's data center and a VPC in the AWS Region in use Create a VPC endpoint for Amazon S3 in the VPC Route traffic to Amazon S3 over the VPN connection to the S3 endpoint. C. Create an AWS Storage Gateway file gateway Deploy the software appliance in the company's data center Configure the application to use the file gateway to store and retrieve files D. Create an FTPS server by using AWS Transfer Family Configure the application to use the FTPS server to store and retrieve files
C. Create an AWS Storage Gateway file gateway Deploy the software appliance in the company's data center Configure the application to use the file gateway to store and retrieve files
Question 458:
A web application must send order data to Amazon S3 to support near-time processing. A solutions architect needs to create an architecture that is scalable and fault tolerant.
Which solutions meet these requirements? (Select TWO.)
A. Write the order event to an Amazon DynamoDB table DynamoDB table. Use Amazon DynamoDB A. Streams to invoke an AWS Lambda function that parses the payload and writes the data to Amazon S3. B. Write the order event to an Amazon Simple Queue Service (Amazon SQS) queue. Use the queue to invoke an AWS Lambda function that parses the payload and writes the data to Amazon S3. C. Write the order event to an Amazon Simple Queue (Amazon SQS) queue. Use an Amazon EventBridge ( Amazon CloudWatch Events) rule to invoke an AWS C. Lambda function that parses the payload and writes the data to Amazon S3. D. Write the order event to an Amazon Simple Notification Service (Amazon SNS) topic. Use an Amazon EventBridge (Amazon CloudWatch Events) rule to invoke an AWS Lambda function that parses the payload and writes the data to Amazon S3.
A. Write the order event to an Amazon DynamoDB table DynamoDB table. Use Amazon DynamoDB A. Streams to invoke an AWS Lambda function that parses the payload and writes the data to Amazon S3. B. Write the order event to an Amazon Simple Queue Service (Amazon SQS) queue. Use the queue to invoke an AWS Lambda function that parses the payload and writes the data to Amazon S3.
Explanation/Reference:
Question 459:
A company has a legacy application that processes data in two parts. The second part of the process takes longer than the first, so the company has decided to rewrite the application as two microservices running on Amazon ECS that can scale independently How should a solutions architect integrate the microservices?
A. Implement code in microservice 1 to send data to an Amazon S3 bucket. Use S3 event notifications to invoke microservice 2 B. Implement code in microservice 1 to publish data to an Amazon SNS topic. Implement code In microservice 2 to subscribe to this topic. C. Implement code in microservice 1 to send data to Amazon Kinesis Data Firehose. Implement code in microservice 2 to read from Kinesis Data Firehose. D. Implement code in microservice 1 to send data to an Amazon SQS queue. Implement code in microservice 2 to process messages from the queue.
D. Implement code in microservice 1 to send data to an Amazon SQS queue. Implement code in microservice 2 to process messages from the queue.
Explanation/Reference:
Decoupling of two task/Microservice SQS is best option. Some time pay more attention toward question because SQS will not trigger some service have to poll message from SQS.
Question 460:
A company expects its user base to increase five times over one year. Its application is hosted in one region and uses an Amazon RDS for MySQL database, an Application Load Balance Amazon Elastic Container Service (Amazon ECS) to host the website and its microservices. Which design changes should a solutions architect recommend to support the expected growth? (SelectTWO.)
A. Move static files from Amazon ECS to Amazon S3 B. Use an Amazon Route 53 geolocation routing policy. C. Scale the environment based on real-time AWS CloudTrail logs. D. Create a dedicated Elastic Load Balancer for each microservice. E. Create RDS lead replicas and change the application to use these replicas.
A. Move static files from Amazon ECS to Amazon S3 E. Create RDS lead replicas and change the application to use these replicas.
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Amazon exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your SAA-C02 exam preparations
and Amazon certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.