AWS-Solutions-Architect-Professional Braindumps Real Exam Updated on Nov 30, 2021 with 216 Questions
Latest AWS-Solutions-Architect-Professional PDF Dumps & Real Tests Free Updated Today
NEW QUESTION 63
How many cg1.4xlarge on-demand instances can a user run in one region without taking any limit increase approval from AWS?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: B
Explanation:
Generally AWS EC2 allows running 20 on-demand instances and 100 spot instances at a time.
This limit can be increased by requesting at https://aws.amazon.com/contact-us/ec2-request.
For certain instance types, however, the limit is lower than mentioned above. For cg1.4xlarge, the user can run only 2 on-demand instances at a time.
http://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html#limits_ec2
NEW QUESTION 64
A large company has increased its utilization of AWS over time in an unmanaged way. As such, they have a large number of independent AWS accounts across different business units, projects, and environments. The company has created a Cloud Center of Excellence team, which is responsible for managing all aspects of the AWS Cloud, including their AWS accounts.
Which of the following should the Cloud Center of Excellence team do to BEST address their requirements in a centralized way? (Select two.)
- A. Tag all AWS resources with details about the business unit, project, and environment. Send all AWS Cost and Usage reports to a central Amazon S3 bucket, and use tools such as Amazon Athena and Amazon QuickSight to collect billing details by business unit.
- B. Control all AWS account root user credentials. Assign AWS IAM users in the account of each user who needs to access AWS resources. Follow the policy of least privilege in assigning permissions to each user.
- C. Set up AWS Organizations. Enable consolidated billing, and link all existing AWS accounts to a master billing account. Tag all AWS resources with details about the business unit, project and environment. Analyze Cost and Usage reports using tools such as Amazon Athena and Amazon QuickSight to collect billing details by business unit.
- D. Using a master AWS account, create IAM users within the master account. Define IAM roles in the other AWS accounts, which cover each of the required functions in the account. Follow the policy of least privilege in assigning permissions to each role, then enable the IAM users to assume the roles that they need to use.
- E. Use the AWS Marketplace to choose and deploy a Cost Management tool. Tag all AWS resources with details about the business unit, project, and environment. Send all AWS Cost and Usage reports for the AWS accounts to this tool for analysis.
Answer: B,C
Explanation:
A: Root access is always the holy grail and needs to be protected at all costs.
B: While this is correct, it is not complete. AWS Organizations needs to be used.
C: This is not needed.
D: This has everything we need.
E: While this is correct, it's not as scalable as AWS Organizations.
NEW QUESTION 65
A company has decided to move some workloads onto AWS to create a grid environment to run market analytics. The grid will consist of many similar instances, spun-up by a job-scheduling function. Each time a large analytics workload is completed, a new VPC is deployed along with job scheduler and grid nodes.
Multiple grids could be running in parallel.
Key requirements are:
* Grid instances must communicate with Amazon S3 to retrieve data to be processed.
* Grid instances must communicate with Amazon DynamoDB to track intermediate data.
* The job scheduler needs only to communicate with the Amazon EC2 API to start new grid nodes.
A key requirement is that the environment has no access to the internet, either directly or via the on-premises proxy. However, the application needs to be able to seamlessly communicate to Amazon S3, Amazon DynamoDB, and Amazon EC2 API, without the need for reconfiguration for each new deployment.
Which of the following should the Solutions Architect do to achieve this target architecture? (Choose three.)
- A. Enable VPC endpoints for Amazon S3 and DynamoDB.
- B. Enable an interface VPC endpoint for EC2.
- C. Populate the on-premises DNS server with the private IP addresses of the EC2 endpoint.
- D. Configure Amazon S3 endpoint policy to permit access only from the grid nodes.
- E. Disable Private DNS Name Support.
- F. Configure the application on the grid instances to use the private DNS name of the Amazon S3 endpoint.
Answer: A,B,F
Explanation:
https://aws.amazon.com/premiumsupport/knowledge-center/connect-s3-vpc-endpoint/
https://docs.aws.amazon.com/vpc/latest/userguide/vpce-interface.html
NEW QUESTION 66
A company is building a sensor data collection pipeline in which thousands of sensors write data to an Amazon Simple Queue Service (Amazon SQS) queue every minute. The queue is processed by an AWS Lambda function that extracts a standard set of metrics from the sensor data. The company wants to send the data to Amazon CloudWatch. The solution should allow for viewing individual and aggregate sensor metrics and interactively querying the sensor log data using CloudWatch Logs Insights.
What is the MOST cost-effective solution that meets these requirements?
- A. Configure the CloudWatch Logs agent for AWS Lambda. Output the metrics for each sensor in statsd format with tags to uniquely identify a sensor. Write the processed data to CloudWatch Logs.
- B. Write the processed data to CloudWatch Logs in a structured format. Create a CloudWatch metric filter to parse the logs and publish the metrics to CloudWatch with dimensions to uniquely identify a sensor.
- C. Write the processed data to CloudWatch Logs. Then write the data to CloudWatch by using the PutMetricData API call.
- D. Write the processed data to CloudWatch Logs in the CloudWatch embedded metric format.
Answer: B
NEW QUESTION 67
A retail company has a custom .NET web application running on AWS that uses Microsoft SQL Server for the database. The application servers maintain a user's session locally.
Which combination of architecture changes are needed to ensure all tiers of the solution are highly available? (Select THREE.)
- A. Deploy Amazon CloudFront in front of the application tier. Configure CloudFront to serve content from healthy application instances only.
- B. Refactor the application to store the user's session in Amazon ElastiCache. Use Application Load Balancers to distribute the load between application instances.
- C. Set up the database to generate hourly snapshots using Amazon EBS. Configure an Amazon CloudWatch Events rule to launch a new database instance if the primary one fails.
- D. Migrate the database to Amazon RDS for SQL Server. Configure the RDS instance to use a Multi-AZ deployment.
- E. Put the application instances in an Auto Scaling group. Configure the Auto Scaling group to create new instances if an instance becomes unhealthy.
- F. Move the .NET content to an Amazon S3 bucket. Configure the bucket for static website hosting.
Answer: A,D,E
NEW QUESTION 68
A company has a data center that must be migrated to AWS as quickly as possible. The data center has a 500 Mbps AWS Direct Connect link and a separate, fully available 1 Gbps ISP connection. A Solutions Architect must transfer 20 TB of data from the data center to an Amazon S3 bucket.
What is the FASTEST way to transfer the data?
- A. Upload the data using an 80 TB AWS Snowball device.
- B. Send the data to AWS using the AWS Import/Export service.
- C. Upload the data to the S3 bucket using the existing DX link.
- D. Upload the data to the S3 bucket using S3 Transfer Acceleration.
Answer: D
Explanation:
S3 Transfer Acceleration enables fast, easy, and secure transfers of files over long distances between your client and an S3 bucket, and it takes about 2 days to upload 20TB data via 1Gbps ISP connection.
NEW QUESTION 69
A Solutions Architect is designing a system that will collect and store data from 2,000 internet-connected sensors. Each sensor produces 1 KB of data every second. The data must be available for analysis within a few seconds of it being sent to the system and stored for analysis indefinitely.
Which is the MOST cost-effective solution for collecting and storing the data?
- A. Put each record in Amazon Kinesis Data Streams. Set up Amazon Kinesis Data Firehose to read records from the stream and group them into objects in Amazon S3. Analyze recent data from Kinesis Data Streams and historical data from Amazon S3.
- B. Put each record into an object in Amazon S3 with a prefix that organizes the records by hour and hashes the record's key. Use S3 lifecycle management to transition objects to S3 infrequent access storage to reduce storage costs. Analyze recent and historical data by accessing the data in Amazon S3.
- C. Put each record into an Amazon DynamoDB table. Analyze the recent data by querying the table. Use an AWS Lambda function connected to a DynamoDB stream to group records together, write them into objects in Amazon S3, and then delete the record from the DynamoDB table. Analyze recent data from the DynamoDB table and historical data from Amazon S3.
- D. Put each record in Amazon Kinesis Data Streams. Use an AWS Lambda function to write each record to an object in Amazon S3 with a prefix that organizes the records by hour and hashes the record's key. Analyze recent data from Kinesis Data Streams and historical data from Amazon S3.
Answer: C
NEW QUESTION 70
A solutions architect at an ecommerce company wants to back up application log data to Amazon S3. The solutions architect is unsure how frequently the logs will be accessed or which logs will be accessed the most. The company wants to keep costs as low as possible by using the appropriate S3 storage class.
Which S3 storage class should be implemented to meet these requirements?
- A. S3 One Zone-Infrequent Access (S3 One Zone-IA)
- B. S3 Intelligent-Tiering
- C. S3 Standard-Infrequent Access (S3 Standard-IA)
- D. S3 Glacier
Answer: B
Explanation:
S3 Intelligent-Tiering
S3 Intelligent-Tiering is a new Amazon S3 storage class designed for customers who want to optimize storage costs automatically when data access patterns change, without performance impact or operational overhead. S3 Intelligent-Tiering is the first cloud object storage class that delivers automatic cost savings by moving data between two access tiers - frequent access and infrequent access - when access patterns change, and is ideal for data with unknown or changing access patterns.
S3 Intelligent-Tiering stores objects in two access tiers: one tier that is optimized for frequent access and another lower-cost tier that is optimized for infrequent access. For a small monthly monitoring and automation fee per object, S3 Intelligent-Tiering monitors access patterns and moves objects that have not been accessed for 30 consecutive days to the infrequent access tier. There are no retrieval fees in S3 Intelligent-Tiering. If an object in the infrequent access tier is accessed later, it is automatically moved back to the frequent access tier. No additional tiering fees apply when objects are moved between access tiers within the S3 Intelligent-Tiering storage class. S3 Intelligent-Tiering is designed for 99.9% availability and 99.999999999% durability, and offers the same low latency and high throughput performance of S3 Standard.
Reference: https://aws.amazon.com/about-aws/whats-new/2018/11/s3-intelligent-tiering/
NEW QUESTION 71
In AWS IAM, which of the following predefined policy condition keys checks how long ago (in seconds) the MFA-validated security credentials making the request were issued using multi-factor authentication (MFA)?
- A. aws:MultiFactorAuthAge
- B. aws:MFAAge
- C. aws:MultiFactorAuthLast
- D. aws:MultiFactorAuthPrevious
Answer: A
Explanation:
aws:MultiFactorAuthAge is one of the predefined keys provided by AWS that can be included within a Condition element of an IAM policy. The key lets you check how long ago (in seconds) the MFA-validated security credentials making the request were issued using Multi-Factor Authentication (MFA).
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/AccessPolicyLanguage_ElementDescriptions.html
NEW QUESTION 72
A company is using multiple AWS accounts. The DNS records are stored in a private hosted zone for Amazon Route 53 in Account A.
The company's applications and databases are running in Account B.
A solutions architect will deploy a two-tier application in a new VPC. To simplify the configuration, the db.example.com CNAME record set for the Amazon RDS endpoint was created in a private hosted zone for Amazon Route 53. During deployment, the application failed to start. Troubleshooting revealed that db.example.com is not resolvable on the Amazon EC2 instance. The solutions architect confirmed that the record set was created correctly in Route 53.
Which combination of steps should the solutions architect take to resolve this issue? (Select TWO)
- A. Deploy the database on a separate EC2 instance in the new VPC. Create a record set for the instance's private IP in the private hosted zone.
- B. Use SSH to connect to the application tier EC2 instance. Add an RDS endpoint IP address to the /etc/resolv.conf file.
- C. Associate a new VPC in Account B with a hosted zone in Account A. Delete the association authorization in Account A.
- D. Create a private hosted zone for the example.com domain in Account B. Configure Route 53 replication between AWS accounts.
- E. Create an authorization to associate the private hosted zone in Account A with the new VPC in Account B.
Answer: B,E
NEW QUESTION 73
Identify a correct statement about the expiration date of the "Letter of Authorization and Connecting Facility Assignment (LOA-CFA)," which lets you complete the Cross Connect step of setting up your AWS Direct Connect.
- A. If the cross connect is not completed within 90 days, the authority granted by the LOA-CFA expires.
- B. If the cross connect is not completed within the specified duration from the appropriate provider, the LOA-CFA expires.
- C. If the cross connect is not completed within a user-defined time, the authority granted by the LOA-CFA expires.
- D. If the virtual interface is not created within 72 days, the LOA-CFA becomes outdated.
Answer: A
Explanation:
An AWS Direct Connect location provides access to AWS in the region it is associated with. You can establish connections with AWS Direct Connect locations in multiple regions, but a connection in one region does not provide connectivity to other regions. Note: If the cross connect is not completed within 90 days, the authority granted by the LOA-CFA expires.
http://docs.aws.amazon.com/directconnect/latest/UserGuide/Colocation.html
NEW QUESTION 74
Which of the following is NOT true of the DynamoDB Console?
- A. It allows you to view items stored in a table, add, update, and delete items.
- B. It allows you to set up alarms to monitor your table's capacity usage.
- C. It allows you to add local secondary indexes to existing tables.
- D. It allows you to query a table.
Answer: C
Explanation:
The DynamoDB Console lets you do the following: Create, update, and delete tables. The throughput calculator provides you with estimates of how many capacity units you will need to request based on the usage information you provide. View items stored in a table, add, update, and delete items. Query a table. Set up alarms to monitor your table's capacity usage. View your table's top monitoring metrics on real-time graphs from CloudWatch. View alarms configured for each table and create custom alarms.
NEW QUESTION 75
A company has multiple AWS accounts and manages these accounts with AWS Organizations. A developer was given IAM user credentials to access AWS resources. The developer should have read-only access to all Amazon S3 buckets in the account. However, when the developer tries to access the S3 buckets from the console, they receive an access denied error message with no bucket listed.
A solutions architect reviews the permissions and finds that the developer's IAM user is listed as having read-only access to all S3 buckets in the account.
Which additional steps should the solutions architect take to troubleshoot the issue? (Select TWO.)
- A. Check if an appropriate IAM role is attached to the IAM user.
- B. Check for the permissions boundaries set for the IAM user.
- C. Check the ACLs for all S3 buckets.
- D. Check the SCPs set at the organizational units (OUs).
- E. Check the bucket policies for all S3 buckets.
Answer: A,B
NEW QUESTION 76
A large real-estate brokerage is exploring the option of adding a cost-effective location-based alert to their existing mobile application. The application backend infrastructure currently runs on AWS. Users who opt in to this service will receive alerts on their mobile device regarding real-estate offers in proximity to their location. For the alerts to be relevant, delivery time needs to be in the low minute count. The existing mobile app has 5 million users across the US.
Which one of the following architectural suggestions would you make to the customer?
- A. Use AWS DirectConnect or VPN to establish connectivity with mobile carriers. EC2 instances will receive the mobile application's location through the carrier connection; RDS will be used to store and retrieve relevant offers. EC2 instances will communicate with mobile carriers to push alerts back to the mobile application.
- B. The mobile application will send device location using SQS. EC2 instances will retrieve the relevant offers from DynamoDB. AWS Mobile Push will be used to send offers to the mobile application.
- C. The mobile application will send device location using AWS Mobile Push. EC2 instances will retrieve the relevant offers from DynamoDB. EC2 instances will communicate with mobile carriers/device providers to push alerts back to the mobile application.
- D. The mobile application will submit its location to a web service endpoint utilizing Elastic Load Balancing and EC2 instances; DynamoDB will be used to store and retrieve relevant offers. EC2 instances will communicate with mobile carriers/device providers to push alerts back to the mobile application.
Answer: B
NEW QUESTION 77
A company runs an ordering system on AWS using Amazon SQS and AWS Lambda, with each order received as a JSON message. Recently the company had a marketing event that led to a tenfold increase in orders. With this increase, the following undesired behaviors started in the ordering system:
* Lambda failures while processing orders lead to queue backlogs.
* The same orders have been processed multiple times.
A Solutions Architect has been asked to solve the existing issues with the ordering system and add the following resiliency features:
* Retain problematic orders for analysis.
* Send notification if errors go beyond a threshold value.
How should the Solutions Architect meet these requirements?
- A. Receive multiple messages with each Lambda invocation, add error handling to message processing code and delete messages after processing, increase the visibility timeout for the messages, create a delay queue for messages that could not be processed, create an Amazon CloudWatch metric on Lambda errors for notification.
- B. Receive multiple messages with each Lambda invocation, add error handling to message processing code and delete messages after processing, increase the visibility timeout for the messages, create a dead letter queue for messages that could not be processed, create an Amazon CloudWatch alarm on Lambda errors for notification.
- C. Receive multiple messages with each Lambda invocation, use long polling when receiving the messages, log the errors from the message processing code using Amazon CloudWatch Logs, create a dead letter queue with AWS Lambda to capture failed invocations, create CloudWatch events on Lambda errors for notification.
- D. Receive single messages with each Lambda invocation, put additional Lambda workers to poll the queue, delete messages after processing, increase the message timer for the messages, use Amazon CloudWatch Logs for messages that could not be processed, create a CloudWatch alarm on Lambda errors for notification.
Answer: B
NEW QUESTION 78
A company is currently using AWS CodeCommit for its source control and AWS CodePipeline for continuous integration. The pipeline has a build stage for building the artifacts, which are then staged in an Amazon S3 bucket.
The company has identified various improvement opportunities in the existing process, and a Solutions Architect has been given the following requirements:
* Create a new pipeline to support feature development
* Support feature development without impacting production applications
* Incorporate continuous testing with unit tests
* Isolate development and production artifacts
* Support the capability to merge tested code into production code.
How should the Solutions Architect achieve these requirements?
- A. Create a separate CodeCommit repository for feature development and use it to trigger the pipeline. Use AWS Lambda for running unit tests. Use AWS CodeBuild to stage the artifacts within different S3 buckets in the same production account.
- B. Trigger a separate pipeline from CodeCommit feature branches. Use AWS Lambda for running unit tests. Use AWS CodeDeploy to stage the artifacts within an S3 bucket in a separate testing account.
- C. Trigger a separate pipeline from CodeCommit tags. Use Jenkins for running unit tests. Create a stage in the pipeline with S3 as the target for staging the artifacts with an S3 bucket in a separate testing account.
- D. Trigger a separate pipeline from CodeCommit feature branches. Use AWS CodeBuild for running unit tests. Use CodeBuild to stage the artifacts within an S3 bucket in a separate testing account.
Answer: A
Explanation:
https://docs.aws.amazon.com/codebuild/latest/userguide/how-to-create-pipeline.html
NEW QUESTION 79
A Solutions Architect is designing a customer order processing application that will likely have high usage spikes.
What should the Architect do to ensure that customer orders are not lost before being written to an Amazon RDS database? (Choose two.)
- A. Use Elastic Load Balancing with a round-robin routing algorithm.
- B. Have the orders written into an Amazon SQS queue.
- C. Have a standby Amazon RDS instance in a separate Availability Zone.
- D. Scale the number of processing nodes based on pending order volume.
- E. Use Amazon CloudFront to deliver the application front end.
Answer: A,E