Amazon SAP-C02 Online Practice Questions and Exam Preparation

Amazon SAP-C02 Online Questions & Answers

• Question 601:

  A company needs to improve the reliability of its ticketing application. The application runs on an Amazon Elastic Container Service (Amazon ECS) cluster. The company uses Amazon CloudFront to serve the application. A single ECS service of the ECS cluster is the CloudFront distribution's origin.

  The application allows only a specific number of active users to enter a ticket purchasing flow. These users are identified by an encrypted attribute in their JSON Web Token (JWT). All other users are redirected to a waiting room module until there is available capacity for purchasing.

  The application is experiencing high loads. The waiting room module is working as designed, but load on the waiting room is disrupting the applications availability. This disruption is negatively affecting the application's ticket sale transactions.

  Which solution will provide the MOST reliability for ticket sale transactions during periods of high load?

  A. Create a separate service in the ECS cluster for the waiting room. Use a separate scaling configuration. Ensure that the ticketing service uses the JWT info-nation and appropriately forwards requests to the waring room service.
  B. Move the application to an Amazon Elastic Kubernetes Service (Amazon EKS) cluster. Split the wailing room module into a pod that is separate from the ticketing pod. Make the ticketing pod part of a StatefuISeL Ensure that the ticketing pod uses the JWT information and appropriately forwards requests to the waiting room pod.
  C. Create a separate service in the ECS cluster for the waiting room. Use a separate scaling configuration. Create a CloudFront function That inspects the JWT information and appropriately forwards requests to the ticketing service or the waiting room service
  D. Move the application to an Amazon Elastic Kubernetes Service (Amazon EKS) cluster. Split the wailing room module into a pod that is separate from the ticketing pod. Use AWS App Mesh by provisioning the App Mesh controller for Kubermetes. Enable mTLS authentication and service-to-service authentication for communication between the ticketing pod and the waiting room pod. Ensure that the ticketing pod uses The JWT information and appropriately forwards requests to the waiting room pod.
  C. Create a separate service in the ECS cluster for the waiting room. Use a separate scaling configuration. Create a CloudFront function That inspects the JWT information and appropriately forwards requests to the ticketing service or the waiting room service

  ---

  Explanation

  Implementing a CloudFront function that inspects the JWT information and appropriately forwards requests either to the ticketing service or the waiting room service within the Amazon ECS cluster enhances reliability during high load periods. This solution segregates the load between the main application and the waiting room, ensuring that the ticketing service remains unaffected by the high load on the waiting room. Using CloudFront functions for request routing based on JWT attributes allows for efficient distribution of user traffic, thereby maintaining the application's availability and performance during peak times.

  References: AWS Documentation on Amazon CloudFront Functions provides guidance on creating and deploying functions that can inspect and manipulate HTTP(S) requests at the edge, close to the users. This approach is in line with best practices for scaling and managing high-traffic web applications.

• Question 602:

  A company has developed a single-page web application in JavaScript. The source code is stored in a single Amazon S3 bucket in the us-east-1 Region. The company serves the web application to a global user base through Amazon CloudFront.

  The company wants to experiment with two versions of the website without informing application users. Each version of the website will reside in its own S3 bucket. The company wants to determine which version is most successful in marketing a new product.

  The solution must send application users that are based in Europe to the new website design. The solution must send application users that are based in the United States to the current website design. However, some exceptions exist. The company needs to be able to redirect specific users to the new website design, regardless of the users' location.

  Which solution meets these requirements?

  A. Configure two CloudFront distributions. Configure a geolocation routing policy in Amazon Route 53 to route traffic to the appropriate CloudFront endpoint based on the location of clients.
  B. Configure a single CloudFront distribution. Create a behavior with different paths for each version of the site. Configure Lambda@Edge on the default path to generate redirects and send the client to the correct version of the website.
  C. Configure a single CloudFront distribution. Configure an alternate domain name on the distribution. Configure two behaviors to route users to the different S3 origins based on the domain name that the client uses in the HTTP request.
  D. Configure a single CloudFront distribution with Lambda@Edge. Use Lambda@Edge to send user requests to different origins based on request attributes.
  A. Configure two CloudFront distributions. Configure a geolocation routing policy in Amazon Route 53 to route traffic to the appropriate CloudFront endpoint based on the location of clients.

  ---

  Explanation

• Question 603:

  An enterprise company is using a multi-account AWS strategy. There are separate accounts for development staging and production workloads. To control costs and improve governance the following requirements have been defined:

  1.The company must be able to calculate the AWS costs for each project.

  2.The company must be able to calculate the AWS costs for each environment development staging and production.

  3.Commonly deployed IT services must be centrally managed.

  4.Business units can deploy pre-approved IT services only.

  5.Usage of AWS resources in the development account must be limited.

  Which combination of actions should be taken to meet these requirements? (Choose three.)

  A. Apply environment, cost center, and application name tags to all taggable resources.
  B. Configure custom budgets and define thresholds using Cost Explorer.
  C. Configure AWS Trusted Advisor to obtain weekly emails with cost-saving estimates.
  D. Create a portfolio for each business unit and add products to the portfolios using AWS CloudFormation in AWS Service Catalog.
  E. Configure a billing alarm in Amazon CloudWatch.
  F. Configure SCPs in AWS Organizations to allow services available using AWS.
  A. Apply environment, cost center, and application name tags to all taggable resources.
  D. Create a portfolio for each business unit and add products to the portfolios using AWS CloudFormation in AWS Service Catalog.
  F. Configure SCPs in AWS Organizations to allow services available using AWS.

  ---

  Explanation

  AWS Service Catalog = Usage of AWS resources in the development account must be limited https://aws.amazon.com/blogs/aws-cloud-financial-management/cost-control-blog-series-2-automate-cost-control-using-aws-service-catalog-aws-budgets/

• Question 604:

  A company has a sales system that stores transactions as .csv files in an Amazon S3 bucket. The S3 bucket is configured to use S3 Intelligent-Tiering. Most of the .csv files are between 64 KB and 100 KB in size. All rows and columns of the .csv files must be read when the data is processed. The company must keep the data for 5 years.

  The company stores several million xsv files every day. The company must minimize the cost of storing and querying the xsv files.

  Which solution will meet these requirements?

  A. Create an AWS Glue job to convert the .csv files into Apache Parquet format. Use Amazon S3 to invoke the AWS Glue job every time a .csv file arrives.
  B. Create an AWS Glue job to compress the .csv files. Schedule the AWS Glue job every hour to compress the files for the previous hour into one .csv file.
  C. Create an AWS Lambda function to convert the .csv files into Apache Parquet format. Use Amazon S3 to invoke the Lambda function every time a .csv file arrives.
  D. Create an AWS Lambda function to compress the .csv files. Use Amazon S3 to invoke the Lambda function every time a .csv file arrives.
  A. Create an AWS Glue job to convert the .csv files into Apache Parquet format. Use Amazon S3 to invoke the AWS Glue job every time a .csv file arrives.

  ---

  Explanation

• Question 605:

  A company is running an application in the AWS Cloud. The application runs on containers in an Amazon Elastic Container Service (Amazon ECS) cluster. The ECS tasks use the Fargate launch type. The application's data is relational and is stored in Amazon Aurora MySQL.

  To meet regulatory requirements, the application must be able to recover to a separate AWS Region in the event of an application failure. In case of a failure, no data can be lost.

  Which solution will meet these requirements with the LEAST amount of operational overhead?

  A. Provision an Aurora Replica in a different Region.
  B. Set up AWS DataSync for continuous replication of the data to a different Region.
  C. Set up AWS Database Migration Service (AWS DMS) to perform a continuous replication of the data to a different Region.
  D. Use Amazon Data Lifecycle Manager {Amazon DLM) to schedule a snapshot every 5 minutes.
  A. Provision an Aurora Replica in a different Region.

  ---

  Explanation

  Provision an Aurora Replica in a different Region will meet the requirement of the application being able to recover to a separate AWS Region in the event of an application failure, and no data can be lost, with the least amount of operational overhead.

• Question 606:

  A company hosts an application that uses several Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer (ALB). During the initial startup of the EC2 instances, the EC2 instances run user data scripts to download critical content for the application from an Amazon S3 bucket.

  The EC2 instances are launching correctly. However, after a period of time, the EC2 instances are terminated with the following error message: "An instance was taken out of service in response to an ELB system health check failure." EC2 instances continue to launch and be terminated because of Auto Scaling events in an endless loop.

  The only recent change to the deployment is that the company added a large amount of critical content to the S3 bucket. The company does not want to alter the user data scripts in production.

  What should a solutions architect do so that the production environment can deploy successfully?

  A. Increase the size of the EC2 instances.
  B. Increase the health check timeout for the ALB.
  C. Change the health check path for the ALB.
  D. Increase the health check grace period for the Auto Scaling group.
  D. Increase the health check grace period for the Auto Scaling group.

  ---

  Explanation

• Question 607:

  A company is using AWS CloudFormation as its deployment tool for all applications. It stages all application binaries and templates within Amazon S3 buckets with versioning enabled. Developers use an Amazon EC2 instance with IDE

  access to modify and test applications. The developers want to implement CI/CD with AWS CodePipeline with the following requirements:

  Use AWS CodeCommit for source control.

  Automate unit testing and security scanning.

  Alert developers when unit tests fail.

  Toggle application features and allow lead developer approval before deployment.

  Which solution will meet these requirements?

  A. Use AWS CodeBuild for testing and scanning. Use EventBridge and SNS for alerts. Use AWS CDK with a manifest to toggle features. Use a manual approval stage.
  B. Use Lambda for testing and alerts. Use AWS Amplify plugins for feature toggles. Use SES for manual approval.
  C. Use Jenkins and SES for alerts. Use nested CloudFormation stacks for features. Use Lambda for approvals.
  D. Use CodeDeploy for testing and scanning. Use CloudWatch alarms and SNS. Use Docker images for features and AWS CLI for toggles.
  A. Use AWS CodeBuild for testing and scanning. Use EventBridge and SNS for alerts. Use AWS CDK with a manifest to toggle features. Use a manual approval stage.

  ---

  Explanation

  A is correct because AWS CodeBuild is a fully managed build service that supports running tests and security scans. EventBridge can detect test failures and send notifications via SNS. AWS CDK with manifest files is a robust way to manage feature toggles. CodePipeline supports manual approval stages to allow lead developer intervention.

  References: AWS CodePipeline Approvals AWS CDK with feature flags

• Question 608:

  A financial services company receives a regular data feed from its credit card servicing partner Approximately 5.000 records are sent every 15 minutes in plaintext, delivered over HTTPS directly into an Amazon S3 bucket with server-side encryption. This feed contains sensitive credit card primary account number (PAN) data The company needs to automatically mask the PAN before sending the data to another S3 bucket for additional internal processing. The company also needs to remove and merge specific fields, and then transform the record into JSON format Additionally, extra feeds are likely to be added in the future, so any design needs to be easily expandable.

  Which solutions will meet these requirements?

  A. Trigger an AWS Lambda function on file delivery that extracts each record and writes it to an Amazon SQS queue. Trigger another Lambda function when new messages arrive in the SQS queue to process the records, writing the results to a temporary location in Amazon S3. Trigger a final Lambda function once the SQS queue is empty to transform the records into JSON format and send the results to another S3 bucket for internal processing.
  B. Trigger an AWS Lambda function on file delivery that extracts each record and writes it to an Amazon SQS queue. Configure an AWS Fargate container application to automatically scale to a single instance when the SQS queue contains messages. Have the application process each record, and transform the record into JSON format. When the queue is empty, send the results to another S3 bucket for internal processing and scale down the AWS Fargate instance.
  C. Create an AWS Glue crawler and custom classifier based on the data feed formats and build a table definition to match. Trigger an AWS Lambda function on file delivery to start an AWS Glue ETL job to transform the entire record according to the processing and transformation requirements. Define the output format as JSON. Once complete, have the ETL job send the results to another S3 bucket for internal processing.
  D. Create an AWS Glue crawler and custom classifier based upon the data feed formats and build a table definition to match. Perform an Amazon Athena query on file delivery to start an Amazon EMR ETL job to transform the entire record according to the processing and transformation requirements. Define the output format as JSON. Once complete, send the results to another S3 bucket for internal processing and scale down the EMR cluster.
  C. Create an AWS Glue crawler and custom classifier based on the data feed formats and build a table definition to match. Trigger an AWS Lambda function on file delivery to start an AWS Glue ETL job to transform the entire record according to the processing and transformation requirements. Define the output format as JSON. Once complete, have the ETL job send the results to another S3 bucket for internal processing.

  ---

  Explanation

  You can use a Glue crawler to populate the AWS Glue Data Catalog with tables. The Lambda function can be triggered using S3 event notifications when object create events occur. The Lambda function will then trigger the Glue ETL job to transform the records masking the sensitive data and modifying the output format to JSON. This solution meets all requirements.

  Create an AWS Glue crawler and custom classifier based on the data feed formats and build a table definition to match. Trigger an AWS Lambda function on file delivery to start an AWS Glue ETL job to transform the entire record according to the processing and transformation requirements. Define the output format as JSON. Once complete, have the ETL job send the results to another S3 bucket for internal processing. https://docs.aws.amazon.com/glue/latest/dg/trigger-job.html https://d1.awsstatic.com/Products/product-name/diagrams/product-page-diagram_Glue_Event-driven-ETL-Pipelines.e24d59bb79a9e24cdba7f43ffd234ec0482a60e2.png

• Question 609:

  A retail company needs to provide a series of data files to another company. which is its business partner. These files are saved in an Amazon S3 bucket under Account A. which belongs to the retail company. The business partner company wants one of its IAM users User_DataProcessor to access the files from its own AWS account (Account B)

  Which combination of steps must the companies take so that User_DataProcessor can access the S3 bucket successfully? (Select TWO.)

  

  A. Option A
  B. Option B
  C. Option C
  D. Option D
  E. Option E
  C. Option C
  D. Option D

  ---

  Explanation

  https://aws.amazon.com/premiumsupport/knowledge-center/cross-account- access-s3/

• Question 610:

  A company has built a high performance computing (HPC) cluster in AWS for a tightly coupled workload that generates a large number of shared files stored in Amazon EFS. The cluster was performing well when the number of Amazon EC2 instances in the cluster was 100. However, when the company increased the cluster size to 1,000 EC2 instances, overall performance was well below expectations

  Which collection of design choices should a solutions architect make to achieve the maximum performance from the HPC cluster? (Select THREE.)

  A. Ensure the HPC cluster is launched within a single Availability Zone.
  B. Launch the EC2 instances and attach elastic network interfaces in multiples of four.
  C. Select EC2 instance types with an Elastic Fabric Adapter (EFA) enabled
  D. Ensure the cluster is launched across multiple Availability Zones.
  E. Replace Amazon EFS with multiple Amazon EBS volumes in a RAID array.
  F. Replace Amazon EFS with Amazon FSx for Lustre.
  A. Ensure the HPC cluster is launched within a single Availability Zone.
  C. Select EC2 instance types with an Elastic Fabric Adapter (EFA) enabled
  F. Replace Amazon EFS with Amazon FSx for Lustre.

  ---

  Explanation

  A. High performance computing (HPC) workload cluster should be in a single AZ.

  C. Elastic Fabric Adapter (EFA) is a network device that you can attach to your Amazon EC2 instances to accelerate High Performance Computing (HPC)

  F. Amazon FSx for Lustre - Use it for workloads where speed matters, such as

  machine learning, high performance computing (HPC), video processing, and financial modeling.

  Cluster packs instances close together inside an Availability Zone. This strategy enables workloads to achieve the low-latency network performance necessary for tightly-coupled node-to-node communication that is typical of HPC

  applications.

  https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html