A company runs its infrastructure on AWS and has a registered base of 700,000 users for its document management application. The company intends to create a product that converts large .pdf files to .jpg image files. The .pdf files average 5 MB in size. The company needs to store the original files and the converted files. A solutions architect must design a scalable solution to accommodate demand that will grow rapidly over time.
Which solution meets these requirements MOST cost-effectively?
A. Save the .pdf files to Amazon S3. Configure an S3 PUT event to invoke an AWS Lambda function to convert the files to .jpg format and store them back in Amazon S3. B. Save the .pdf files to Amazon DynamoDB. Use the DynamoDB Streams feature to invoke an AWS Lambda function to convert the files to .jpg format and store them back in DynamoDB. C. Upload the .pdf files to an AWS Elastic Beanstalk application that includes Amazon EC2 instances. Amazon Elastic Block Store (Amazon EBS) storage, and an Auto Scaling group. Use a program in the EC2 instances to convert the files to .jpg format. Save the .pdf files and the .jpg files in the EBS store. D. Upload the .pdf files to an AWS Elastic Beanstalk application that includes Amazon EC2 instances, Amazon Elastic File System (Amazon EFS) storage, and an Auto Scaling group. Use a program in the EC2 instances to convert the file to .jpg format. Save the .pdf files and the .jpg files in the EBS store.
A. Save the .pdf files to Amazon S3. Configure an S3 PUT event to invoke an AWS Lambda function to convert the files to .jpg format and store them back in Amazon S3.
Explanation/Reference:
Question 902:
A company allows its developers to attach existing IAM policies to existing IAM roles to enable (aster experimentation and agility However the security operations team is concerned that the developers could attach the existing administrator policy, which would allow the developers to circumvent any other security policies How should a solutions architect address this issue?
A. Create an Amazon SNS topic to send an alert every time a developer creates a new policy B. Use service control policies to disable IAM activity across all accounts in the organizational unit C. Prevent the developers from attaching any policies and assign all IAM duties to the security operations team D. Set an IAM permissions boundary on the developer IAM role that explicitly denies attaching the administrator policy
D. Set an IAM permissions boundary on the developer IAM role that explicitly denies attaching the administrator policy
Question 903:
A Solutions Architect must design a web application that will be hosted on AWS, allowing users to purchase access to premium, shared content that is stored in an S3 bucket. Upon payment, content will be available for download for 14 days before the user is denied access Which of the following would be the LEAST complicated implementation?
A. Use an Amazon CloudFront distribution with an origin access identity (OAI) Configure the distribution with an Amazon S3 origin to provide access to the file through signed URL's Design a Lambda function to remove data that is older than 14 days. B. Use an S3 bucket and provide direct access to the tile Design the application to track purchases in a DynamoDH table Configure a Lambda function to remove data that is older than 14 days based on a query to Amazon DynamoDB C. Use an Amazon CloudFront distribution with an OAI Configure the distribution with an Amazon S3 origin to provide access to the file through signed URLs Design the application to sot an expiration of 14 days for the URL D. Use an Amazon CloudFront distribution with an OAI Configure the distribution with an Amazon S3 origin to provide access to the file through signed URLs Design the application to set an expiration of 60 minutes for the URL and recreate the URL as necessary
C. Use an Amazon CloudFront distribution with an OAI Configure the distribution with an Amazon S3 origin to provide access to the file through signed URLs Design the application to sot an expiration of 14 days for the URL
Question 904:
A solutions architect is designing a solution to access a catalog of images and provide users with the ability to submit requests to customize images Image customization parameters wilt be in every request that is sent to an Amazon API
Gateway API. The solution will generate tie customized images on demand. Users will receive a link that they can use to view or download their customized images. The solution must be highly available for viewing and customizing images
What should the solutions architect do to meet these requirements MOST cost effectively?
A. Use Amazon EC2 instances to manipulate the original images into the requested customizations Store the original and manipulated images in Amazon S3. Configure an Elastic Load Balancer in front. of the EC2 Instances. B. Use AWS Lambda to manipulate the original images into the requested customization.Store the original and manipulated images in Amazon S3. Configure an Amazon CloudFront distribution with the S3 bucket as the origin. C. Use AWS Lambda to manipulate the original images into the requested customizations Store the original images in Amazon S3 Store the manipulated images in Amazon DynamoDB. Provision an Application Load Balancer and Amazon EC2 instances to serve the content. D. Use Amazon EC2 instances to manipulate the original Images Into the requested customizations. Store the original images in Amazon S3. Store the manipulated Images m Amazon DynamoDB Configure an Amazon CloudFront distribution with the S3 bucket as the origin
B. Use AWS Lambda to manipulate the original images into the requested customization.Store the original and manipulated images in Amazon S3. Configure an Amazon CloudFront distribution with the S3 bucket as the origin.
Question 905:
A new employee has joined a company as a deployment engineer. The deployment engineer will be using AWS CloudFormation templates to create multiple AWS resources. A solutions architect wants the deployment engineer to perform job activities. while following the principle of least privilege. Which combination of actions should the solutions architect take to accomplish this goal? (Select TWO.)
A. Have the deployment engineer use AWS account roof user credentials for performing AWS CloudFormation stack operations. B. Create a new IAM user for the deployment engineer and add the IAM user to a group that has the PowerUsers IAM policy attached C. Create a new IAM user for the deployment engineer and add the IAM user to a group that has the Administrate/Access IAM policy attached D. Create a new IAM User for the deployment engineer and add the IAM user to a group that has an IAM policy that allows AWS CloudFormation actions only E. Create an IAM role for the deployment engineer to explicitly define the permissions specific to the AWS CloudFormation stack and launch stacks using Dial IAM role.
D. Create a new IAM User for the deployment engineer and add the IAM user to a group that has an IAM policy that allows AWS CloudFormation actions only E. Create an IAM role for the deployment engineer to explicitly define the permissions specific to the AWS CloudFormation stack and launch stacks using Dial IAM role.
Explanation/Reference:
Question 906:
An online retail company has more than 50 million active customers and receives more than 25,000 orders each day. The company collects purchase data for customers and stores this data in Amazon S3. Additional customer data is stored in Amazon RDS.
The company wants to make all the data available to various teams so that the teams can perform analytics. The solution must provide the ability to manage fine-grained permissions for the data and must minimize operational overhead.
Which solution will meet these requirements?
A. Migrate the purchase data to write directly to Amazon RDS. Use RDS access controls to limit access. B. Schedule an AWS Lambda function to periodically copy data from Amazon RDS to Amazon S3. Create an AWS Glue crawler. Use Amazon Athena to query the data. Use S3 policies to limit access. C. Create a data lake by using AWS Lake Formation. Create an AWS Glue JOBC connection to Amazon RDS. Register the S3 bucket in Lake Formation. Use Lake. D. Formation access controls to limit access. Create an Amazon Redshift cluster Schedule an AWS Lambda function to periodically copy data from Amazon S3 and Amazon RDS to Amazon Redshift. Use Amazon Redshift access controls to limit access.
C. Create a data lake by using AWS Lake Formation. Create an AWS Glue JOBC connection to Amazon RDS. Register the S3 bucket in Lake Formation. Use Lake.
Question 907:
A company runs a three-tier web application in a VPC across multiple Availability Zones Amazon EC2 instances run in an Auto Scaling group tor the application tier
The company needs to make an automated scaling plan that will analyze each resource's daily and weekly historical workload trends The configuration must scale resources appropriately according to both the forecast and live changes in utilization Which scaling strategy should a solutions architect recommend to meet these requirements?
A. Implement dynamic scaling with step scaling based on average CPU utilization from the EC2 instances B. Enable predictive scaling to forecast and scale Configure dynamic scaling with target tracking C. Create an automated scheduled scaling action based on the traffic patterns of the web application D. Set up a simple scaling policy Increase the cool down period based on the EC2 instance start up time
B. Enable predictive scaling to forecast and scale Configure dynamic scaling with target tracking
A company runs a static website through its on-premises data center. The company has multiple servers mat handle all of its traffic, but on busy days, services are interrupted and the website becomes unavailable. The company wants to expand its presence globally and plans to triple its website traffic.
What should a solutions architect recommend to meet these requirements?
A. Migrate the website content to Amazon S3 and host the website on Amazon CloudFront. B. Migrate the website content to Amazon EC2 instances with public Elastic IP addresses in multiple AWS Regions. C. Migrate the website content to Amazon EC2 instances and vertically scale as the load increases. D. Use Amazon Route 53 to distribute the loads across multiple Amazon CloudFront distributions for each AWS Region that exists globally.
D. Use Amazon Route 53 to distribute the loads across multiple Amazon CloudFront distributions for each AWS Region that exists globally.
Explanation/Reference:
Amazon CloudFront is a global Content Delivery Network (CDN), which will host your website on a global network of edge servers, helping users load your website more quickly. When requests for your website content come through, they are automatically routed to the nearest edge location, closest to where the request originated from, so your content is delivered to your end user with the best possible performance.
Question 909:
A gaming company is moving its public scoreboard from a data center to the AWS Cloud. The company uses Amazon EC2 Windows Server instances behind an Application Load Balancer to host its dynamic application. The company needs a highly available storage solution for the application. The application consists of static files and dynamic server-side code.
Which combination of steps should a solutions architect take to meet these requirements? (Select TWO.)
A. Store the static files on Amazon S3. Use Amazon A. CloudFront to cache objects at the edge. B. Store the static files on Amazon S3. Use Amazon ElastiCache to cache objects at the edge. C. Store the server-side code on Amazon Elastic File System (Amazon EFS). Mount the EFS volume on each EC2 instance to share the files. D. Store the server-side code on Amazon FSx for Windows File Server. Mount the FSx for Windows File Server volume on each EC2 instance to share the files. E. Store the server-side code on a General Purpose SSD (gp2) Amazon Elastic Block Store (Amazon EBS) volume. Mount the EBS volume on each EC2 instance to share the files.
A. Store the static files on Amazon S3. Use Amazon A. CloudFront to cache objects at the edge. E. Store the server-side code on a General Purpose SSD (gp2) Amazon Elastic Block Store (Amazon EBS) volume. Mount the EBS volume on each EC2 instance to share the files.
Question 910:
A company is planning to make a series of schema changes to tables on its Amazon Aurora DB cluster A solutions architect needs to test the changes in the most cost-effective manner possible. What should the solutions architect do to meet these requirements?
A. Create a clone of the current Aurora DB cluster. Perform the schema changes on the clone. Once the changes are tested and performance is acceptable, apply the same changes on the original cluster. Delete the clone. B. Create an Amazon RDS for MySQL replica. Perform the schema changes on the replica. Once the changes are tested and performance ius acceptable, apply the same changes on the replica. Once the changes are tested and performance is acceptable, apply the same changes on the primary DB instance. Delete the replica. C. Create an additional Aurora Replica Perform the schema changes on the Aurora Replica. Once the changes are tested and performance is acceptable, apply the same changes on the primary DB instance. Delete the Aurora Replica. D. Take a snapshot of the current Aurora DB cluster. Restore the snapshot of the cluster to a new cluster. Perform the schema changes on the restored cluster. Once the changes are tested and performance is acceptable, apply the same changes on the origin cluster. Delete the restored cluster.
A. Create a clone of the current Aurora DB cluster. Perform the schema changes on the clone. Once the changes are tested and performance is acceptable, apply the same changes on the original cluster. Delete the clone.
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Amazon exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your SAA-C02 exam preparations
and Amazon certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.