A company slops a cluster of Amazon EC2 instances over a weekend. The costs decrease, but they do not drop to zero Which resources could still be generating costs? (Select TWO.)
A. Elastic IP addresses
B. Data transfer out
C. Regional data transfers
D. Amazon Elastic Block Store (Amazon EBS) volumes
E. AWS Auto Scaling
A company is designing a cloud communications platform trial is driven by APIs. The application is hosted on Amazon EC2 instances behind a Network Load Balancer (NLB). The company uses Amazon API Gateway to provide external users with access to the application through APIs. The company wants to protect the platform against web exploits like SQL Injection and also wants to detect and mitigate large, sophisticated DDoS attacks
Which combination of solutions provides the MOST protection? (Select TWO.)
A. Use AWS WAF to protect the NLB
B. Use AWS Shield Advanced with the NLB
C. Use AWS WAF to protect Amazon API Gateway
D. Use Amazon GuardDuty with AWS Shield Standard
E. Use AWS Shield Standard with Amazon API Gateway
A company receives data (rem different sources and implements multiple applications to consume this data
There are many short-running jobs that run only on the weekend The data arrives in batches rather than throughout the entire weekend. The company needs an environment on AWS to ingest and process this data while maintaining the order
of the transactions.
Which combination of AWS services meets these requirements in the MOST cost-effective manner?
A. Amazon Kinesis Data Streams with AWS Lambda
B. Amazon Kinesis Data Streams with Amazon EC2 Auto Scaling
C. Amazon Simple Queue Service (Amazon SQS) with AWS Lambda
D. Amazon Simple Queue Service (Amazon SQS) with Amazon EC2 Auto Scaling
A company needs to use its on-premises LDAP directory service to authenticate its users to the AWS Management Console. The directory service is not compatible with Security Assertion Markup Language (SAML) Which solution meets these requirements?
A. Enable AWS Single Sign-On between AWS and the on-premises LDAP
B. Create an 1AM policy mat uses AWS credentials and integrate the policy into LDAP
C. Set up a process that rotates the IAM credentials whenever LDAP credentials are updated.
D. Develop an on-premises custom identity broker application of process mat uses AWS Security Token Service (AWS STS) to get short-lived credentials
An application running on AWS generates audit logs of operational activities Compliance requirements mandate that the application retain the logs for 5 years How can these requirements be met?
A. Save the togs in an Amazon S3 bucket and enable MFA Delete on the bucket
B. Save the togs In an Amazon Elastic File System (Amazon EFS) volume and use Network File System version 4 (NFSv4) locking with the volume
C. Save the togs in an Amazon S3 Glacier vault and define a vault lock policy
D. Save the logs in an Amazon Elastic Block Store (Amazon EBS) volume and take monthly snapshots
A company's security policy requires that alt AWS API activity in its AWS accounts be recorded tor periodic auditing. The company needs to ensure that AWS CloudTrail is enabled on all of its current and future AWS accounts using AWS Organizations.
Which solution is MOST secure?
A. At the organization's root define and attach a service control policy (SCP) that permits enabling CloudTrail only
B. Create 1AM groups in the organization's master account as needed Define and attach an 1AM policy to the groups that prevents users from disabling CloudTrail
C. Organize accounts into organizational units (OUs) At the organization's root, define and attach a service control policy (SCP) that prevents users from disabling CloudTrail
D. Add all existing accounts under the organization's root Define and attach a service control policy (SCP) to every account that prevents users from disabling CloudTrail
A company sells ringtones created from clips of popular songs. The files containing the ringtones are stored in Amazon S3 Standard and are at least 123 KB m size The company has millions of files but downloads are infrequent for ringtones older than 90 days The company needs to save money on storage while keeping the most accessed files readily available for its users. Which action should the company take to meet these requirements MOST cost-effectively?
A. Configure S3 Standard-infrequent Access (S3 Standard-IA) storage for the initial storage tier of the objects
B. Move the files to S3 Intelligent-Tiering and configure it to move objects to a less expensive storage tier after 90 days
C. Configure S3 inventory to manage objects and move them to S3 Standard-infrequent Access (S3 Standard-IA) after 90 days
D. Implement an S3 Lifecycle policy that moves the objects from S3 Standard to S3 Standard- Infrequent Access (S3 Standard-IA) after 90 days
A company is using Amazon DynamoDB to stage its product catalog which is 1 GB. Since a product entry on average consists of100 KB of data, and the average traffic is about 250 requests per second, the database administrator has provisioned 3.000 RCUs of read capacity throughput However, some products are very popular and users are experiencing delays or timeouts due to throttling What improvement offers a long-term solution to this problem?
A. Increase the throughput provisioning to 6.000 read capacity units (RCUs)
B. Use Amazon DynamoDB Accelerator to maintain the frequently read items
C. Augment Amazon DynamoDB by storing only the key product attributes, with the details stored on Amazon S3
D. Change the partition key to consist of a hash of product key and product type instead of just the product key
A company has thousands of edge devices that collectively generate 1 TB of status alerts each day Each alert is approximately 2 KB in size A solutions architect needs to implement a solution to ingest and store the alerts for future analysis. The company wants a highly available solution However the company needs to minimize costs and does not want to manage additional infrastructure Additionally, the company wants to keep 14 days of data available for immediate analysis and archive any data older than 14 days What is the MOST operationally efficient solution that meets these requirements?
A. Create an Amazon Kinesis Data Firehose delivery stream to ingest the alerts Configure the Kinesis Data Firehose stream to deliver the alerts to an Amazon S3 bucket Set up an S3 LifecycJe configuration to transition data to Amazon S3 Glacier after 14 days
B. Launch Amazon EC2 instances across two Availability Zones and place them behind an Elastic Load Balancer to ingest the alerts Create a script on the EC2 instances that will store the alerts in an Amazon S3 bucket Set up an S3 Lifecycle configuration to transition data to Amazon S3 Glacier after 14 days
C. Create an Amazon Kinesis Data Firehose delivery stream to ingest the alerts Configure the Kinesis Data Firehose stream to deliver the alerts to an Amazon Elasticsearch Service (Amazon ES) cluster Set up the Amazon ES cluster to take manual snapshots every day and delete data from the cluster that is older than 14 days
D. Create an Amazon Simple Queue Service (Amazon SQS) standard queue to ingest the alerts and set the message retention penod to 14 days Configure consumers to poll the SQS queue check the age of the message and analyze the message data as needed if the message is 14 days old, the consumer should copy the message to an Amazon S3 bucket and delete the message from the SQS queue
A solutions architect is designing a highly available website that is served by multiple web servers hosted outside of AWS. If an instance becomes unresponsive, the architect needs to remove it from the rotation. What is the MOST efficient way to fulfill this requirement?
A. Use Amazon CloudWatch to monitor utilization.
B. Use Amazon API Gateway to monitor availability.
C. Use an Amazon Elastic Load Balancer.
D. Use Amazon Route 53 health checks.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.