A customer is deploying an SSL enabled web application to AWS and would like to implement a separation of roles between the EC2 service administrators that are entitled to login to instances as well as making API calls and the security officers who will maintain and have exclusive access to the appIication's X.509 certificate that contains the private key.
A. Upload the certificate on an S3 bucket owned by the security officers and accessible only by EC2 Role of the web servers. B. Configure the web servers to retrieve the certificate upon boot from an CIoudHSM is managed by the security officers. C. Configure system permissions on the web servers to restrict access to the certificate only to the authority security officers D. Configure IAM policies authorizing access to the certificate store only to the security officers and terminate SSL on an ELB.
D. Configure IAM policies authorizing access to the certificate store only to the security officers and terminate SSL on an ELB.
Question 882:
How is AWS readily distinguished from other vendors in the traditional IT computing landscape?
A. Experienced. Scalable and elastic. Secure. Cost-effective. Reliable B. Secure. Flexible. Cost-effective. Scalable and elastic. Global C. Secure. Flexible. Cost-effective. Scalable and elastic. Experienced D. Flexible. Cost-effective. Dynamic. Secure. Experienced.
C. Secure. Flexible. Cost-effective. Scalable and elastic. Experienced
Question 883:
A company is building a media-sharing application and decides to use Amazon S3 for storage. When a media file is uploaded the company starts a multi-step process to create thumbnails, identify objects in the images, transcode videos into standard formats and resolutions and extract and store the metadata to an Amazon DynamoDB table. The metadata is used for searching and navigation.
The amount of traffic is variable The solution must be able to scale to handle spikes in load without unnecessary expenses.
What should a solutions architect recommend to support this workload?
A. Build the processing into the website or mobile app used to upload the content to Amazon S3 Save the required data to the DynamoDB table when the objects are uploaded B. Trigger AWS Step Functions when an object is stored in the S3 bucket Have the Step Functions perform the steps needed to process the object and then write the metadata to the DynamoDB table C. Trigger an AWS Lambda function when an object is stored in the S3 bucket Have the Lambda function start AWS Batch to perform the steps to process the object Place the object data in the DynamoDB table when complete D. Trigger an AWS Lambda function to store an initial entry in the DynamoDB table when an object is uploaded to Amazon S3. Use a program running on an Amazon EC2 instance in an Auto Scaling group to poll the index for unprocess use the program to perform the processing
C. Trigger an AWS Lambda function when an object is stored in the S3 bucket Have the Lambda function start AWS Batch to perform the steps to process the object Place the object data in the DynamoDB table when complete
Explanation/Reference:
Question 884:
An online retail company needs to run near-real-time analytics on website traffic to analyze top-selling products across different locations. The product purchase data and the user location details are sent to a third-party application that runs
on premises The application processes the data and moves the data into the company's analytics engine.
The company needs to implement a cloud-based solution to make the data available for near-real-time analytics.
Which solution will meet these requirements with the LEAST operational overhead?
A. Use Amazon Kinesis Data Streams to ingest the data Use AWS Lambda to transform the data Configure Lambda to write the data to Amazon Amazon OpenSearch Service (Amazon Elasticsearch Service) B. Configure Amazon Kinesis Data Streams to write the data to an Amazon S3 bucket Schedule an AWS Glue crawler job to enrich the data and update the AWS Glue Data Catalog Use Amazon Athena for analytics C. Configure Amazon Kinesis Data Streams to write the data to an Amazon S3 bucket Add an Apache Spark job on Amazon EMR to enrich the data in the S3 bucket and write the data to Amazon OpenSearch Service (Amazon Elasticsearch Service) D. Use Amazon Kinesis Data Firehose to ingest the data Enable Kinesis Data Firehose data transformation with AWS Lambda Configure Kinesis Data Firehose to write the data to Amazon OpenSearch Service (Amazon Elasticsearch Service).
C. Configure Amazon Kinesis Data Streams to write the data to an Amazon S3 bucket Add an Apache Spark job on Amazon EMR to enrich the data in the S3 bucket and write the data to Amazon OpenSearch Service (Amazon Elasticsearch Service)
Question 885:
A company is automating an order management application. The company's development team has decided to use SFTP to transfer and store the business-critical information files The files must be encrypted and must be highly available. The files also must be automatically deleted a month after they are created.
Which solution meets these requirements with the LEAST operational overhead?
A. Configure an Amazon S3 bucket with encryption enabled. Use AWS transfer for SFTP to securely transfer the files to the S3 bucket Apply an AWS Transfer for SFTP file retention policy to delete the files after a month B. Install an SFTP service on an Amazon EC2 instance Mount an Amazon Elastic File System (Amazon EFS) file share on the EC2 instance. Enable cron to delete the files after a month C. Configure an Amazon Elastic File System (Amazon EFS) file system with encryption enabled. Use AWS Transfer for SFTP to securely transfer the files to the EFS file system. Apply an EFS lifecycle policy to automatically delete the files after a month. D. Configure an Amazon S3 bucket with encryption enabled. Use AWS Transfer for SFTP to securely transfer the files to the S3 bucket. Apply S3 Lifecycle rules to automatically delete the files after a month.
D. Configure an Amazon S3 bucket with encryption enabled. Use AWS Transfer for SFTP to securely transfer the files to the S3 bucket. Apply S3 Lifecycle rules to automatically delete the files after a month.
Explanation/Reference:
Question 886:
A solutions architect is designing a new API using Amazon API Gateway that will receive requests from users The volume of requests is highly variable, several hours can pass without receiving a single request The data processing will take place asynchronously but should be completed within a few seconds after a request is made Which compute service should the solutions architect have the API invoke to deliver the requirements at the lowest cost?
A. An AWS Glue job B. An AWS Lambda function C. A containerized service hosted in Amazon Elastic Kubernetes Service (Amazon EKS) D. A containerized service hosted in Amazon ECS with Amazon EC2
C. A containerized service hosted in Amazon Elastic Kubernetes Service (Amazon EKS)
Question 887:
A company has deployed a database in Amazon RDS for MySQL. Due to increased transactions, the database support team is reporting slow reads against the DB instance and recommends adding a read replica. Which combination of actions should a solutions architect take before implementing this change? {Select TWO.)
A. Enable binlog replication on the RDS primary node. B. Choose a failover priority for the source DB instance. C. Allow long-running transactions to complete on the source DB instance. D. Create a global table and specify the AWS Regions where the table will be available. E. Enable automatic backups on the source instance by setting the backup retention period to a value other than 0.
A. Enable binlog replication on the RDS primary node. E. Enable automatic backups on the source instance by setting the backup retention period to a value other than 0.
A solutions architect is designing a shared storage solution for a web application that is deployed across multiple Availability Zones. The web application runs on Amazon EC2 instances in an Auto Scaling group. The company anticipates making frequent changes to the content, so the solution must have strong consistency Which solution meets these requirements?
A. Create an Amazon S3 bucket to store the web content Use Amazon CloudFront to deliver the content. B. Create an Amazon Elastic File System (Amazon EFS) file system and mount it on the individual EC2 instances. C. Create a shared Amazon Elastic Block Store (Amazon EBS) volume and mount it on the individual EC2 instances. D. Use AWS DataSync to perform continuous synchronization of data between EC2 hosts in the Auto Scaling group.
B. Create an Amazon Elastic File System (Amazon EFS) file system and mount it on the individual EC2 instances.
Question 889:
A solutions architect is designing the cloud architecture for a new application being deployed on AWS The process should run in parallel while adding and removing application nodes as needed based on the number of jobs to be processed The processor application is stateless The solutions architect must ensure that the application is loosely coupled and the job items are durably stored Which design should the solutions architect use?
A. Create an Amazon SNS topic to send the jobs that need to be processed Create an Amazon Machine Image (AMI) that consists of the processor application Create a launch configuration that uses the AMI Create an Auto Scaling group using the launch configuration Set the scaling policy for the Auto Scaling group to add and remove nodes based on CPU usage B. Create an Amazon SQS queue to hold the jobs that need to be processed Create an Amazon Machine Image (AMI) that consists of the processor application Create a launch configuration that uses the AMI Create an Auto Scaling group using the launch configuration Set the scaling policy for the Auto Scaling group to add and remove nodes based on network usage C. Create an Amazon SQS queue to hold the jobs that needs to be processed Create an Amazon Machine Image (AMI) that consists of the processor application Create a launch template that uses the AMI Create an Auto Scaling group using the launch template Set the scaling policy for the Auto Scaling group to add and remove nodes based on the number of items in the SQS queue D. Create an Amazon SNS topic to send the jobs that need to be processed Create an Amazon Machine Image (AMI) that consists of the processor application Create a launch template that uses the AMI Create an Auto Scaling group using the launch template Set the scaling policy for the Auto Scaling group to add and remove nodes based on the number of messages published to the SNS topic.
C. Create an Amazon SQS queue to hold the jobs that needs to be processed Create an Amazon Machine Image (AMI) that consists of the processor application Create a launch template that uses the AMI Create an Auto Scaling group using the launch template Set the scaling policy for the Auto Scaling group to add and remove nodes based on the number of items in the SQS queue
Explanation/Reference:
Amazon Simple Queue Service Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. SQS eliminates the complexity and overhead associated with managing and operating message oriented middleware, and empowers developers to focus on differentiating work. Using SQS, you can send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available. Get started with SQS in minutes using the AWS console, Command Line Interface or SDK of your choice, and three simple commands. SQS offers two types of message queues. Standard queues offer maximum throughput, best-effort ordering, and at-least-once delivery. SQS FIFO queues are designed to guarantee that messages are processed exactly once, in the exact order that they are sent. Scaling Based on Amazon SQS There are some scenarios where you might think about scaling in response to activity in an Amazon SQS queue. For example, suppose that you have a web app that lets users upload images and use them online. In this scenario, each image requires resizing and encoding before it can be published. The app runs on EC2 instances in an Auto Scaling group, and it's configured to handle your typical upload rates. Unhealthy instances are terminated and replaced to maintain current instance levels at all times. The app places the raw bitmap data of the images in an SQS queue for processing. It processes the images and then publishes the processed images where they can be viewed by users. The architecture for this scenario works well if the number of image uploads doesn't vary over time. But if the number of uploads changes over time, you might consider using dynamic scaling to scale the capacity of your Auto Scaling group.
A company is using an Amazon S3 bucket to store data uploaded by different departments from multiple locations During an AWS Well-Architected review the financial manager notices that 10 TB of S3 Standard storage data has been charged each month However, in the AWS Management Console for Amazon S3, using the command to select all files and folders shows a total size of 5 TB What are the possible causes for this difference? (Select TWO )
A. Some files are stored with deduplication B. The S3 bucket has versioning enabled C. There are incomplete S3 multipart uploads D. The S3 bucket has AWS Key Management Service (AWS KMS) enabled E. The S3 bucket has Intelligent-Tiering enabled
A. Some files are stored with deduplication B. The S3 bucket has versioning enabled
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Amazon exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your SAA-C02 exam preparations
and Amazon certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.