A company has an application that scans millions of connected devices for security threats and pushes the scan logs to an Amazon S3 bucket. A total of 70 GB of data is generated each week, and the company needs to store 3 years of data
for historical reporting. The company must process, aggregate, and enrich the data from Amazon S3 by performing complex analytical queries and joins in the least amount of time. The aggregated dataset is visualized on an Amazon
QuickSight dashboard.
What should a solutions architect recommend to meet these requirements?
A. Create and run an ETL job in AWS Glue to process the data from Amazon S3 and load it into Amazon Redshift. Perform the aggregation queries on Amazon Redshift. B. Use AWS Lambda functions based on S3 PutObject event triggers to copy the incremental changes to Amazon DynamoDB. Perform the aggregation queries on DynamoDB. C. Use AWS Lambda functions based on S3 PutObject event triggers to copy the incremental changes to Amazon Aurora MySQL Perform the aggregation queries on Aurora MySQL D. Use AWS Glue to catalog the data in Amazon S3. Perform the aggregation queries on the cataloged tables by using Amazon Athena. Query the data directly from Amazon S3.
A. Create and run an ETL job in AWS Glue to process the data from Amazon S3 and load it into Amazon Redshift. Perform the aggregation queries on Amazon Redshift.
Question 762:
A company is hosting a website behind multiple Application Load Balancers. The company has different distribution rights for its content around the world. A solutions architect needs to ensure that users are served the correct content without violating distribution rights. Which configuration should the solutions architect choose to meet these requirements?
A. Configure Amazon CloudFront with AWS WAF. B. Configure Application Load Balancers with AWS WAF. C. Configure Amazon Route 53 with a geolocation policy. D. Configure Amazon Route 53 with a geoproximity routing policy.
B. Configure Application Load Balancers with AWS WAF.
A company has a three-tier image-sharing application it uses an Amazon EC2 instance for the front- end layer, another for the backend tier, and a third for the MySQL database A solutions architect has been tasked with designing a solution
that is highly available, and requires the least amount of changes to the application.
Which solution meets these requirements?
A. Use Amazon S3 to host the front-end layer and AWS Lambda functions for the backend layer Move the database to an Amazon DynamoDB table and use Amazon S3 to store and serve users' images B. Use load-balanced Multi-AZ AWS Elastic Beanstalk environments for the front-end and backend layers Move the database to an Amazon RDS instance with multiple read replicas to store and serve users' images. C. Use Amazon S3 to host the front-end layer and a fleet of Amazon EC2 instances in an Auto Scaling group for the backend layer Move the database to a memory optimized instance type to store and serve users' images D. Use load-balanced Multi-AZ AWS Elastic Beanstalk environments for the front-end and backend layers Move the database to an Amazon RDS instance with a Multi-AZ deployment Use Amazon S3 to store and serve users' images
D. Use load-balanced Multi-AZ AWS Elastic Beanstalk environments for the front-end and backend layers Move the database to an Amazon RDS instance with a Multi-AZ deployment Use Amazon S3 to store and serve users' images
Question 764:
A solutions architect is planning the deployment of a new static website. The solution must minimize costs and provide at least 99% availability.
Which solution meets these requirements?
A. Deploy the application to an Amazon S3 bucket in one AWS Region that has versioning disabled. B. Deploy the application to Amazon EC2 instances that run in two AWS Regions and two Availability Zones. C. Deploy the application to an Amazon S3 bucket that has versioning and cross-Region replication enabled. D. Deploy the application to an Amazon EC2 instance that runs in one AWS Region and one Availability Zone.
A. Deploy the application to an Amazon S3 bucket in one AWS Region that has versioning disabled.
Explanation/Reference:
Question 765:
A solution architect is designing the infrastructure for an application. The application must have a managed MySQL database mat is highly available. The database will be (censed only by resources in the same VPC. The database also must have auto scaling for storage and compute Which solution meets these requirements?
A. Amazon RDS tor MySQL B. Amazon Aurora with MySQL compatibility C. Amazon Aurora Serverless with MySQL compatibility D. MySQL on Amazon EC2 instances with Amazon Elastic File System (Amazon EFS)
A. Amazon RDS tor MySQL
Question 766:
A company has a mobile chat application with a data store based in Amazon DynamoDB. Users would like new messages to be read with as little latency as possible. A solutions architect needs to design an optimal solution that requires
minimal application changes.
Which method should the solutions architect select?
A. Configure Amazon DynamoDB Accelerator (DAX) for the new messages table. Update the code to use the DAX endpoint. B. Add DynamoDB read replicas to handle the increased read load. Update the application to point to the read endpoint for the read replicas. C. Double the number of read capacity units for the new messages table in DynamoDB. Continue to use the existing DynamoDB endpoint. D. Add an Amazon ElastiCache for Redis cache to the application stack. Update the application to point to the Redis cache endpoint instead of DynamoDB.
A. Configure Amazon DynamoDB Accelerator (DAX) for the new messages table. Update the code to use the DAX endpoint.
A company needs to create an Amazon Elastic Kubernetes Service (Amazon EKS) cluster to host a digital media streaming application. The EKS cluster will use a managed node group that is backed by Amazon Elastic Block Store (Amazon EBS) volumes for storage. The company must encrypt all data at rest by using a customer managed key that is stored in AWS Key Management Service (AWS KMS)
Which combination of actions will meet this requirement with the LEAST operational overhead? (Select TWO.)
A. Use a Kubernetes plugin that uses the customer managed key to perform data encryption. B. After creation of the EKS cluster, locate the EBS volumes. Enable encryption by using the customer managed key. C. Enable EBS encryption by default in the AWS Region where the EKS cluster will be created. Select the customer managed key as the default key. D. Create the EKS cluster Create an 1AM role that has cuwlicy that grants permission to the customer managed key. Associate the role with the EKS cluster. E. Store the customer managed key as a Kubernetes secret in the EKS cluster. Use the customer managed key to encrypt the EBS volumes.
A. Use a Kubernetes plugin that uses the customer managed key to perform data encryption. D. Create the EKS cluster Create an 1AM role that has cuwlicy that grants permission to the customer managed key. Associate the role with the EKS cluster.
Question 768:
A company is implementing a new business application The application runs on two Amazon EC2 instances and uses an Amazon S3 bucket for document storage A solutions architect needs to ensure that the EC? instances can access the S3 bucket
What should the solutions architect do to moot this requirement?
A. Create an IAM role that grants access to the S3 bucket. Attach the role to the EC2 Instances. B. Create an IAM policy that grants access to the S3 bucket Attach the policy to the EC2 Instances C. Create an IAM group that grants access to the S3 bucket Attach the group to the EC2 instances D. Create an IAM user that grants access to the S3 bucket Attach the user account to the EC2 Instances
A. Create an IAM role that grants access to the S3 bucket. Attach the role to the EC2 Instances.
Explanation/Reference:
Question 769:
A company's website runs on Amazon EC2 instances behind an Application Load Balancer (ALB) The website has a mix of dynamic and static content Users around the globe are reporting that the website is slow Which set of actions will improve website performance for users worldwide?
A. Create an Amazon CloudFront distribution and configure the ALB as an origin Then update the Amazon Route 53 record to point to the CloudFront distribution B. Create a latency-based Amazon Route 53 record for the ALB Then launch new EC2 instances with larger instance sizes and register the instances with the ALB C. Launch nev. EC2 instances hosting the same web application in different Regions closer to the users. Then register the instances with the same ALB using cross-Region VPC peering D. Host the website in an Amazon S3 bucket in the Regions closest to the users and delete the ALB and EC2 instances Then update an Amazon Route 53 record to point to the S3 buckets
A. Create an Amazon CloudFront distribution and configure the ALB as an origin Then update the Amazon Route 53 record to point to the CloudFront distribution
Explanation/Reference:
What Is Amazon CloudFront? Amazon CloudFront is a web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users. CloudFront delivers your content through a worldwide network of data centers called edge locations. When a user requests content that you're serving with CloudFront, the user is routed to the edge location that provides the lowest latency (time delay), so that content is delivered with the best possible performance. Routing traffic to an Amazon CloudFront web distribution by using your domain name If you want to speed up delivery of your web content, you can use Amazon CloudFront, the AWS content delivery network (CDN). CloudFront can deliver your entire website--including dynamic, static, streaming, and interactive content--by using a global network of edge locations. Requests for your content are automatically routed to the edge location that gives your users the lowest latency. To use CloudFront to distribute your content, you create a web distribution and specify settings such as the Amazon S3 bucket or HTTP server that you want CloudFront to get your content from, whether you want only selected users to have access to your content, and whether you want to require users to use HTTPS. When you create a web distribution, CloudFront assigns a domain name to the distribution, such as d111111abcdef8.cloudfront.net. You can use this domain name in the URLs for your content, for example: http://d111111abcdef8.cloudfront.net/logo.jpg Alternatively, you might prefer to use your own domain name in URLs, for example: http://example.com/logo.jpg If you want to use your own domain name, use Amazon Route 53 to create an alias record that points to your CloudFront distribution. An alias record is a Route 53 extension to DNS. It's similar to a CNAME record, but you can create an alias record both for the root domain, such as example.com, and for subdomains, such as www.example.com. (You can create CNAME records only for subdomains.) When Route 53 receives a DNS query that matches the name and type of an alias record, Route 53 responds with the domain name that is associated with your distribution.
A company hosts an application on AWS. The application uses AWS Lambda functions and stores data in Amazon DynamoDB tables. The Lambda functions are connected to a VPC that does not have internet access.
The traffic to access DynamoDB must not travel across the internet. The application must have write access to only specific DynamoDB tables.
Which combination of steps should a solutions architect take to meet these requirements? (Select TWO.)
A. Attach a VPC endpoint policy for DynamoDB to allow write access to only the specific DynamoDB tables. B. Attach a security group to the interface VPC endpoint to allow write access to only the specific DynamoDB tables. C. Create a resource-based 1AM policy to grant write access to only the specific DynamoDB tables. Attach the policy to the DynamoDB tables. D. Create a gateway VPC endpoint for DynamoDB that is associated with the Lambda VPC. Ensure that the Lambda execution role can access the gateway VPC endpoint. E. Create an interface VPC endpoint for DynamoDB that is associated with the Lambda VPC. Ensure that the Lambda execution role can access the interface VPC endpoint.
A. Attach a VPC endpoint policy for DynamoDB to allow write access to only the specific DynamoDB tables. E. Create an interface VPC endpoint for DynamoDB that is associated with the Lambda VPC. Ensure that the Lambda execution role can access the interface VPC endpoint.
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Amazon exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your SAA-C02 exam preparations
and Amazon certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.