A company has a popular gaming platform running on AWS. The application is sensitive to latency because latency can impact the user experience and Introduce unfair advantages to some prayers. The application la deployed In a very AWS Region. It runs on Amazon FC2 Instances Vial are part of Auto Scaling groups configured behind Application Load Balancers (ALBs) A solutions architect needs to implement a mechanism to monitor the hearth of the application and redirect traffic to healthy endpoints.
Which solution meets these requirements?
A. Configure an accelerator In AWS Global Accelerator Add a listens for the port that the application listens on. and attach it to a Regional endpoint m each Region Add the ALB as the endpoint
B. Create an Amazon CloudFron4t distribution and specify the ALB as the origin server Configure the cache behaviour to use origin cache headers Use AWS Lambda functions to optimize the traffic
C. Create an Amazon CloudFront distribution and specify Amazon S3 as the origin server. Configure tie cache behaviour to use origin cache headers Use AWS Lambda functions to optimize the traffic
D. Configure an Amazon DynamoDB database to serve as the data store tor the application Create a DynamoDB Accelerator (DAX) cluster to act as the m-memory cache for DynamoDB hosting the application data
A company wants to enforce strict security guidelines on accessing AWS Cloud resources as the company migrates production workloads from its data centers. Company management wants all users to receive permissions according to their job roles and functions.
Which solution meets these requirements with the LEAST operational overhead?
A. Create an AWS Single Sign-On deployment. Connect to the on-premises Active Directory to centrally manage users and permissions across the company
B. Create an 1AM role for each job function. Require each employee to call the stsiAssumeRole action in the AWS Management Console to perform their job role.
C. Create individual 1AM user accounts for each employee Create an 1AM policy for each job function, and attach the policy to all 1AM users based on their job role.
D. Create individual 1AM user accounts for each employee. Create 1AM policies for each job function. Create 1AM groups, and attach associated policies to each group. Assign the 1AM users to a group based on their Job role.
A company is using a VPC peering strategy to connect its VPCs in a single Region to allow for cross-communication. A recent increase in account creations and VPCs has made it difficult to maintain the VPC peering strategy, and the company expects to grow to hundreds of VPCs. There are also new requests to create site-to-site VPNs some of the VPCs. A solution architect has been tasked with creating a centrally managed networking setup for multiple account, VPCs and VPNs.
Which networking solution these requirements?
A. Configure shared VPCs and VPNs and share to each other.
B. Configure a hub-and-spoke VPC and route all traffic through VPC peering.
C. Configure an AWS Direct Connect connection between al VPCs and VPNs.
D. Configure a transit gateway with Transit Gateway and connect all VPCs and VPNs.
A solutions architect is designing a multi-Region disaster recovery solution (or an application that will provide public API access The application will use Amazon EC2 instances with a userdata script to load application code and an Amazon RDS for MySQL database The Recovery Time Objective (RTO) is 3 hours and the Recovery Point Objective (RPO) is 24 hours
Which architecture would meet these requirements at the LOWEST cost/?
A. Use an Application Load Balancer for Region failover Deploy new EC2 instances with the userdata script Deploy separate RDS instances in each Region
B. Use Amazon Route 53 for Region failover Deploy new EC2 instances with the userdata script Create a read replica of the RDS instance in a backup Region
C. Use Amazon API Gateway tor the public APIs and Region failover Deploy new EC2 instances with the userdata script Create a MySQL read replica of the RDS instance in a backup Region
D. Use Amazon Route 53 for Region failover Deploy new EC2 instances with the userdata script for APIs, and create a snapshot of the RDS instance daily for a backup Replicate the snapshot to a backup Region
An airline that is based in the United States provides services for routes in North America and Europe. The airline is developing a new read-intensive application that customers can use to find flights on either continent.
The application requires strong read consistency and needs scalable database capacity to accommodate changes in user demand. The airline needs the database service to synchronize with the least possible latency between the two continents and to provide a simple failover mechanism to a second AWS Region.
Which solution will meet these requirements?
A. Deploy Microsoft SQL Server on Amazon EC2 instances in a Region in North America. Use SOL Server binary log replication on an EC2 instance in a Region in Europe.
B. Create an Amazon DynamoDB global table Add a Region from North America and a Region from Europe to the table. Query data with strongly consistent reads.
C. Use an Amazon Aurora MySQL global database. Deploy the read-write node in a Region in North America, and deploy read-only endpoints in Regions in North America and Europe. Query data with global read consistency.
D. Create a subscriber application that uses Amazon Kinesis Data Steams for an Amazon Redshift cluster in a Region in North America. Create a second subscriber application for the Amazon Redshift cluster in a Region in Europe. Process all database modifications through Kinesis Data Streams.
A company runs an internet-facing web application on AWS. The company uses Amazon Route 53 for DNS management and has a public hosted zone lo route traffic from the internet to the application. The company wants to tog DNS response codes to help system administrators perform any root cause analysis in the future.
Which solution will meet these requirements?
A. Use Route 53 to configure query togging
B. Use AWS CloudTrail lo record ail Route 53 queries
C. Use Amazon CloudWatch to record and process Route 53 metrics
D. Use AWS Trusted Advisor to perform on-demand root cause analysis
A startup company is using me AWS Cloud to develop a traffic control monitoring system for a large city The system must be highly available and must provide near-real-time results for residents and city officials even during peak events
Gigabytes of data will come in daily from loT devices that run at intersections and freeway ramps across the city The system must process the data sequentially to provide the correct timeline However results need to show only what has
happened in the last 24 hours.
Which solution will meet these requirements MOST cost-effectively?
A. Deploy Amazon Kinesis Data Firehose to accept incoming data from the loT devices and write the data to Amazon S3 Build a web dashboard to display the data from the last 24 hours
B. Deploy an Amazon API Gateway API endpoint and an AWS Lambda function to process incoming data from the loT devices and store the data in Amazon DynamoDB Build a web dashboard to display the data from the last 24 hours
C. Deploy an Amazon API Gateway API endpoint and an Amazon Simple Notification Service (Amazon SNS) tope to process incoming data from the loT devices Write the data to Amazon Redshift Build a web dashboard to display the data from the last 24 hours
D. Deploy an Amazon Simple Queue Service (Amazon SQS) FIFO queue and an AWS Lambda function to process incoming data from the loT devices and store the data in an Amazon RDS DB instance Build a web dashboard to display the data from the last 24 hours
A company is running a highly sensitive application on Amazon EC2 backed by an Amazon RDS database Compliance regulations mandate that all personally identifiable information (Pll) be encrypted at rest. Which solution should a solutions architect recommend to meet this requirement with the LEAST amount of changes to the infrastructure?
A. Deploy AWS Certificate Manager to generate certificates Use the certificates to encrypt the database volume
B. Deploy AWS CloudHSM, generate encryption keys, and use the customer master key (CMK) to encrypt database volumes
C. Configure SSL encryption using AWS Key Management Service customer master keys (AWS KMS CMKs) to encrypt database volumes.
D. Configure Amazon Elastic Block Store (Amazon EBS) encryption and Amazon RDS encryption with AWS Key Management Service (AWS KMS) keys to encrypt instance and database volumes
A company needs to save the results from a medical trial to an Amazon S3 repository. The repository must allow a few scientists to add new dies and must restrict all other users to read-only access No users can have the ability to modify or delete any files in the repository. The company must heap every lie in the repository for a minimum of 1 year after its creation date.
Which solution will meet these requirements?
A. Use S3 Object Lock In governance mode with a legal hold of 1 year
B. Use S3 Object Lock in compliance mode with a retention period of 365 days.
C. Use an IAM role to restrict all users from deleting or changing objects in the S3 bucket Use an S3 bucket policy to only allow the IAM role
D. Configure the S3 bucket to invoke an AWS Lambda function every tune an object is added Configure the function to track the hash of the saved object to that modified objects can be marked accordingly
A solutions architect is designing a solution to access a catalog of images and provide users with the ability to submit requests to customize images Image customization parameters wilt be in every request that is sent to an Amazon API Gateway API. The solution will generate tie customized images on demand. Users will receive a link that they can use to view or download their customized images. The solution must be highly available for viewing and customizing images
What should the solutions architect do to meet these requirements MOST cost effectively?
A. Use Amazon EC2 instances to manipulate the original images into the requested customizations Store the original and manipulated images in Amazon S3. Configure an Elastic Load Balancer in front. of the EC2 Instances.
B. Use AWS Lambda to manipulate the original images into the requested customization.Store the original and manipulated images in Amazon S3. Configure an Amazon CloudFront distribution with the S3 bucket as the origin.
C. Use AWS Lambda to manipulate the original images into the requested customizations Store the original images in Amazon S3 Store the manipulated images in Amazon DynamoDB. Provision an Application Load Balancer and Amazon EC2 instances to serve the content.
D. Use Amazon EC2 instances to manipulate the original Images Into the requested customizations. Store the original images in Amazon S3. Store the manipulated Images m Amazon DynamoDB Configure an Amazon CloudFront distribution with the S3 bucket as the origin
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Amazon exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your SAA-C02 exam preparations and Amazon certification application, do not hesitate to visit our Vcedump.com to find your solutions here.