AWS-Solution-Architect-Associate Dumps Top 30 Real Exam Questions 

1.  You have a web portal composed of two services. Each service must scale independently. Both services should be served under the same domain. Which configuration allows this?

·     Use two AWS Application Load Balancers: one for each service. Assign the same CNAME to both. 
·        Use one AWS Classic Load Balancer. Create a redirect in the web server based on users' source IPs.
·        Use two AWS Classic Load Balancers: one for each service. Assign the same CNAME to both. 
·        Use one AWS Application Load Balancer. Specify listener rules to route requests to each service. 

2.  You are tasked with setting up a Linux bastion host for access to Amazon EC2 instances running in your VPC. Only clients connecting from the corporate external public IP address should have SSH access to the host. Which option will meet the customer requirement?

·        Security Group Inbound Rule: Protocol - TCP. Port Range - 22. Source 
·        Security Group Inbound Rule: Protocol - UDP. Port Range - 22. Source 
·        Network ACL Inbound Rule: Protocol - UDP. Port Range - 22. Source 
·        Network ACL Inbound Rule: Protocol - TCP. Port Range - 27. Source 

3.  A photo-sharing service stores pictures in Amazon Simple Storage Service (S3) and allows application sign-in using an OpenID Connect-compatible identity provider. Which AWS Security Token Service approach to temporary access should you use for the Amazon S3 operations? 

·        SAML-based Identity Federation 
·        Cross-Account Access
·        AWS Identity and Access Management roles
·        Web Identity Federation 

4.  You need a solution to distribute traffic evenly across all of the containers for a task running on Amazon ECS. Your task definitions define dynamic host port mapping for your containers. What AWS feature provides this functionality? 

·        Application Load Balancers support dynamic host port mapping. 
·        CloudFront custom origins support dynamic host port mapping.
·        All Elastic Load Balancing instances support dynamic host port mapping.
·        Classic Load Balancers support dynamic host port mapping.

5.  Which features can be used to restrict access to data in S3? (Select TWO) 

·        Create a CloudFront distribution for the bucket.
·        Set an S3 bucket policy. 
·        Use S3 Virtual Hosting. 
·        Set an S3 ACL on the bucket or the object. 
·        Enable IAM Identity Federation. 

6.  You are migrating an existing enterprise application to AWS. It requires standard file system access from multiple instances. It also requires high storage throughput with consistently low latencies. You are looking for a storage solution that will grow and shrink capacity automatically. How can you accomplish this in AWS? 

·        Create an Amazon S3 bucket that the application can use for its storage requirements. 
·        Create an Amazon EFS file system and mount it on all of the application instances.
·        Launch an EBS-backed EC2 instance. Create and share an NFS mount with the application.
·        Launch an Amazon Redshift cluster with dense storage nodes to use with the application.

7.  A customer wants to leverage Amazon Simple Storage Service (S3) and Amazon Glacier as part of their backup and archive infrastructure. The customer plans to use third-party software to support this integration. Which approach will limit the access of the third-party software to only the Amazon S3 bucket named "company-backup"?

·        A custom bucket policy limited to the Amazon S3 API in the Amazon Glacier archive "company-backup"
·        A custom bucket policy limited to the Amazon S3 API in "company-backup" 
·        A custom IAM user policy limited to the Amazon S3 API for the Amazon Glacier archive "company-backup". 
·        A custom IAM user policy limited to the Amazon S3 API in "company-backup". 

8.  You are working with a customer who is using Chef configuration management in their data center. Which service is designed to let the customer leverage existing Chef recipes in AWS?

·        Amazon Simple Workflow Service 
·        AWS Elastic Beanstalk 
·        AWS CloudFormation
·        AWS OpsWorks 

9.  Which Auto Scaling features allow you to scale ahead of expected increases in load? (Select TWO.) 

·        Cooldown period
·        Lifecycle hooks 
·        Desired capacity
·        Scheduled scaling 
·        Health check grace period 
·        Metric-based scaling 

10. A company is deploying a new two-tier web application in AWS. The company has limited staff and requires high availability, and the application requires complex queries and table joins. Which configuration provides the solution for the company's requirements? 

·        MySQL installed on two Amazon EC2 instances in a single Availability Zone 
·        Amazon RDS for MySQL with Multi-AZ 
·        Amazon ElastiCache
·        Amazon DynamoDB

11. You have been asked to design a fault tolerant and scalable web application across three Availability Zones. The presentation logic will reside on web servers behind an ELB Classic Load Balancer, and the application logic will reside on a set of app servers behind a second load balancer. How should you use Auto Scaling groups? 

·        Deploy one Auto Scaling group that includes all the web and app servers across all Availability Zones. 
·        Deploy three Auto Scaling groups: one for each Availability Zone that includes both web and app servers. 
·        Deploy two Auto Scaling groups: one for the web servers in all Availability Zones and one for the app servers in all Availability Zones.
·        Deploy six Auto Scaling groups: a web server group in each Availability Zone and an app server group in each Availability Zone. 

12. You are designing a scalable web application with stateless web servers. Which service or feature is well suited to store user session information? 

·        Amazon EBS 
·        Amazon DynamoDB
·        Amazon EC2 instance 
·        Amazon SQS 

13. Your Amazon EC2 instances must access the AWS API, so you created a NAT gateway in an existing subnet. When you try to access the AWS API, you are unsuccessful. What could be preventing access?

·        The NAT gateway subnet does not have a route to an Internet gateway. 
·        The instances need an IAM role granting access to the NAT gateway. 
·        The NAT gateway does not have a route to the virtual private gateway. 
·        The instances are not in the same subnet as the NAT gateway. 

14. A company has a workflow that uploads video files from their data center to AWS for transcoding. They use Amazon EC2 worker instances that pull transcoding jobs from SQS. Why is SQS an appropriate service for this scenario? 

·        SQS can accommodate message payloads of any size.
·        SQS checks the health of the worker instances.
·        SQS synchronously provides transcoding output.
·        SQS decouples the transcoding task from the upload.

15. Your existing web application requires a persistent key-value store database that must service 50,000 reads/second. Your company is looking at 10% growth in traffic and data volume month over month for the next several years. Which service meets these requirements? 

·        Amazon Redshift
·        Amazon DynamoDB
·        Amazon SQS 
·        Amazon RDS 

16. You have been tasked with choosing a data store to persist GPS coordinates for a new app. The service needs consistent, single-digit-millisecond latency at any scale. Which AWS service meets your requirements? 

·        Amazon Redshift
·        Amazon DynamoDB 
·        Amazon S3 
·        Amazon RDS 

17. What are characteristics of Amazon S3? (Select TWO.)

·        Objects are directly accessible via a URL. 
·        S3 allows you to store objects of virtually unlimited size.
·        S3 offers Provisioned IOPS.
·        S3 should be used to host a relational database. 
·        S3 allows you to store unlimited amounts of data. 

18. An application on an Amazon EC2 instance routinely stops responding to requests and requires a reboot to recover. The application logs are already exported into Amazon CloudWatch, and you notice that the problem consistently follows the appearance of a specific message in the log. The application team is working to address the bug, but has not provided a date for the fix. What workaround can you implement to automate recovery of the instance until the fix is deployed?

·        Create an Amazon CloudWatch alarm on an Amazon CloudWatch Logs filter for that message; based on that alarm, trigger an Amazon CloudWatch action to reboot the instance.
·        Create an AWS CloudTrail alarm on low CPU; based on that alarm, trigger an Amazon SNS message to the Operations team.
·        Create an Amazon CloudWatch alarm on instance memory usage; based on that alarm, trigger an Amazon CloudWatch action to reboot the instance.
·        Create an AWS CloudTrail alarm to detect the deadlock; based on that alarm, trigger an Amazon SNS message to the Operations team.

19. You originally built a VPC for a two-tier application. The subnets for the web and data tiers use all the IP address space in the VPC. Now you want to add subnets for an application tier. How can you accommodate the new subnets in your VPC? 

·        Reduce the CIDR block ranges of the existing subnets to make room for the new subnets. 
·        Build a new VPC that can accommodate all the subnets, and migrate the application to the new VPC.
·        Change the CIDR block for the VPC to create enough free address space for the new subnets.
·        Create the new subnets on the VPC; the VPC will automatically scale to accommodate the new subnets.

20. You are designing a web application that will be backed by a relational database. The application will be read-heavy, and database queries will be computationally intensive. How can you improve overall application response for users? 

·        Use ElastiCache to store critical pieces of data in memory for low-latency access. 
·        Use Amazon SQS to distribute messages among workers that are less busy. 
·        Use an Auto Scaling group and ELB Classic Load Balancer for the application tier. 
·        Use Data Pipeline to replicate your relational data across all of your web tier nodes. 

21. A client application requires operating system privileges on a relational database server. What is an appropriate configuration for a highly available database architecture? 

·        A standalone Amazon EC2 instance 
·        Amazon RDS in a Multi-AZ configuration 
·        Amazon EC2 instances in a replication configuration utilizing a single Availability Zone 
·        Amazon EC2 instances in a replication configuration utilizing two different Availability Zones 

22. An Auto-Scaling group spans 3 AZs and currently has 4 running EC2 instances. When Auto Scaling needs to terminate an EC2 instance, by default Auto Scaling will: (Select TWO.) 

·        Terminate the instance with the least active network connections. If multiple instances meet this criterion, one can be randomly selected.
·        Terminate an instance in the AZ which currently has 2 running EC2 instances.
·        Send an SNS notification, if configured to do so.
·        Randomly select one of the 3 AZs, and then terminate an instance in that AZ.
·        Allow at least five minutes for Windows/Linux shutdown scripts to complete, before terminating the instance. 

23. You are working with a customer who has 10 TB of archival data that they want to migrate to Amazon Glacier. The customer has a 1-Mbps connection to the Internet. Which service or feature provides the fastest method of getting the data into Amazon Glacier?

·        Amazon Glacier multipart upload 
·        AWS Storage Gateway 
·        VM Import/Export 
·        AWS Import/Export 

24. Which of the following are characteristics of Amazon VPC subnets? (Select TWO.) 

·        Each subnet spans at least 2 Availability Zones to provide a high availability environment. 
·        Each subnet maps to a single Availability Zone. 
·        A CIDR block mask of /25 is the smallest range supported. 
·        By default, all subnets can route between each other, whether they are private or public.
·        Instances in a private subnet can communicate with the Internet only if they have an Elastic IP. 

25. Your Amazon VPC has a public subnet with a route that sends all Internet traffic to the Internet gateway. An Amazon EC2 instance in the public subnet has an assigned private IP address. The instance belongs to a security group set to allow all outbound traffic. The instance cannot access the Internet. Why could the Internet be unreachable from this instance? 

·        The instance does not have a public IP address. 
·        The Internet gateway security group must allow all outbound traffic.
·        The instance security group must allow all inbound traffic.
·        The instance 'Source/Destination check' property must be enabled 

26. You are launching an application in an Auto Scaling group. To store the user session state, you need a structured storage service with durability and low latency. Which service meets your needs?

·        Amazon ElastiCache 
·        Amazon S3 
·        Amazon EC2 instance storage 
·        Amazon DynamoDB

27. You're building an API backend available at The API is implemented with API Gateway and Lambda. You successfully tested the API using curl. You implemented JavaScript to call the API from a webpage on your corporate website. When you access that page in your browser, you get the following error: "The same origin policy disallows reading the remote resource". How can you allow your corporate webpages to invoke the API?

·        Disable CORS in the API Gateway. 
·        Disable CORS in the JavaScript frontend. 
·        Enable CORS in the API Gateway. 
·        Enable CORS in the JavaScript frontend. 

28. A company needs to deploy services to an AWS region which they have not previously used. The company currently has an AWS Identity and Access Management (IAM) role for their Amazon EC2 instances, which permits the instance to have access to Amazon DynamoDB. The company wants their EC2 instances in the new region to have the same privileges. How should the company achieve this?

·        Create a new IAM role and associated policies within the new region 
·        Assign the existing IAM role to the Amazon EC2 instances in the new region 
·        Copy the IAM role, associated policies to the new region, and attach it to the instances 
·        Create an Amazon Machine Image (AMI) of the instance and copy it to the desired region using the AMI Copy feature 

