ITExambyte

AWS Solution Architect Associate Exam Dumps

0%

AWS Solution Architecture Exam Dumps

Total Questions – 65
Passing Score is 70%

DomainWeigthage%
Design Resilient Architecture26%
Design High Performance Architecture24%
Design Secure Architecture30%
Design Cost Optimized Architecture20%

1 / 65

1. A junior architecture engineer wants to change the default configuration for EBS volume termination. By default, the root volume of an EC2 instance for an EBS-backed AMI is deleted when the instance terminates.

Which option below helps change this default behavior to ensure that the volume persists even after the instance terminates?

2 / 65

2. An Africa-based healthcare firm is building an interactive diagnostic tool for HIV related assessments. The users would be required to capture their personal health records via this tool. As this is sensitive health information, the backup of the user data must be kept encrypted in S3. The startup does not want to provide its own encryption keys but still wants to maintain an audit trail of when an encryption key was used and by whom.

Which of the following is the BEST solution for this use-case?

3 / 65

3. An IT consultant is helping the owner of a small-sized business set up an AWS account. What are the security recommendations he must follow while creating the AWS account root user? (Select two)

4 / 65

4. Which service would you choose to develop a solution with minimal effort if an IT company, utilizing a fleet of EC2 instances for its proprietary application, needs to notify the infrastructure maintenance group via email when CPU utilization exceeds a specified threshold?

5 / 65

5. The IT company employs SQS queues to decouple the different components of its application architecture. To accommodate consuming components that require more time to process SQS messages, the company intends to delay the delivery of new messages to the queue by a few seconds.
As a solutions architect, which of the following solutions would you suggest to the company?

6 / 65

6. What does this IAM policy do?

7 / 65

7. A company operates a microservices architecture and wants to deploy multiple Kubernetes clusters across different AWS regions for high availability and fault tolerance. Which feature of Amazon EKS allows them to achieve this?

8 / 65

8. Within a single AWS Region managed by AWS Organizations, you possess multiple AWS accounts and seek to guarantee private communication among all EC2 instances across these accounts. Among the options presented, which solution offers this capability at the LOWEST cost?

9 / 65

9. A Big Data analytics company wants to set up an AWS cloud architecture that throttles requests in case of sudden traffic spikes. The company is looking for AWS services that can be used for buffering or throttling to handle such traffic variations.

Which of the following services can be used to support this requirement?

10 / 65

10. An E-commerce company has moved its IT infrastructure to AWS Cloud and they have been using Amazon EC2 Auto Scaling for their web servers. This has helped them deal with traffic spikes effectively. But, their MySQL relational database has now become a bottleneck and they urgently need a fully managed auto scaling solution for their relational database to address any unpredictable changes in the traffic.

Can you identify the AWS service that is best suited for this use-case?

11 / 65

11. A logistics company operates a fleet management system and needs to track the real-time location of vehicles. They want to expose APIs to retrieve vehicle location data and update vehicle status. Additionally, they want to ensure that the APIs can handle a high volume of requests from mobile and web applications. Which AWS service should they use to build and manage the APIs?

12 / 65

12. A company has hired you as an AWS Certified Solutions Architect to help with redesigning a real-time data processor. The company wants to build custom applications that process and analyze the streaming data for its specialized needs.

Which aws solution will you recommend to address this use-case?

13 / 65

13. As a solutions architect, you've been assigned the task of enhancing the resilience of a multi-tier gaming application, operating on EC2 instances behind an Application Load Balancer, with instances in an EC2 Auto Scaling group across multiple Availability Zones and an Amazon Aurora database. What would be your recommendations to make the application more robust against periodic spikes in request rates? (Select two)

14 / 65

14. You terminated an instance in the us-west-1a availability zone, and the attached EBS volume is now available for attachment to other instances. An intern launches a new Linux EC2 instance in the us-west-1b availability zone and attempts to attach the EBS volume. The intern informs you that it is not possible and seeks your assistance.

Which of the following explanations would you provide to them?

15 / 65

15. A US startup uses AWS Cloud to manage its IT infrastructure. The DevOps team at the startup wants to perform weekly database rollovers for a MSSQL database server using a serverless cron job that typically takes about 5 minutes to execute the database rollover script written in Node.js. The database rollover will archive the past week’s data from the production database to keep the database small while still keeping its data accessible.

As a solutions architect, which of the following would you recommend as the MOST cost-efficient and reliable solution?

16 / 65

16. Consider the following policy associated with an IAM group containing several users:

17 / 65

17. A gaming analytics organization has been acquired by a leading graphic company. The analytics organization has 15 independent gaming applications with an on-premises data footprint of about 90TB for each application. The CTO of the graphic company has set a timeline of 15 days to carry out the data migration from on-premises data center to AWS Cloud and establish connectivity.

Which of the following are the MOST cost-effective options for establishing connectivity?

18 / 65

18. A Banking services firm has initiated a program to enhance the security of its AWS resources, implementing AWS Shield Advanced across numerous AWS accounts owned by the company. However, upon evaluation, the company discovers that the incurred costs significantly exceed initial expectations.

What could be identified as the root cause for the unexpectedly high costs associated with the AWS Shield Advanced service?

19 / 65

19. An E-commerce company wants to review its security best-practices after an incident was reported where a new intern on the team was assigned full access toS3. The intern accidentally deleted a couple of files from the production environment while building out a new feature.

Which is the MOST effective way to address this issue so that such incidents do not recur?

20 / 65

20. An Indian startup's cloud infrastructure consists of a few Amazon EC2 instances, Amazon RDS instances and Amazon S3 storage. A year into their business operations, the startup is incurring costs that seem too high for their business requirements.

Which of the following options represents a valid cost-optimization solution?

21 / 65

21. As a solutions architect, which of the following approaches would you recommend for addressing message processing failures observed by the engineering team for some customer orders within an e-commerce company using Amazon SQS queues to decouple their application architecture?

22 / 65

22. As a Solutions Architect, you have been hired to work with the engineering team at a tech company to create a REST API using the serverless architecture.

Which of the following solutions will you recommend to move the company to the serverless architecture?

23 / 65

23. The engineering team at a weather tracking company wants to enhance the performance of its relation database and is looking for a caching solution that is simple in design.

As a solutions architect, which of the following solutions will you suggest?

24 / 65

24. An Unix systems administrator at an IT company wants to set up a highly available architecture for a bastion host solution.

As a solutions architect, which of the following options would you recommend as the solution?

25 / 65

25. The DevOps team at an IT company is provisioning a two-tier application in a VPC with a public subnet and a private subnet. The team wants to use either a NAT instance or a NAT gateway in the public subnet to enable instances in the private subnet to initiate outbound IPv4 traffic to the internet but needs some technical assistance in terms of the configuration options available for the NAT instance and the NAT gateway.

As a solutions architect, which of the following options would you identify as CORRECT? (Select three)

26 / 65

26. Which of the following options MOST accurately outlines the capabilities of Amazon S3 relevant to the scenario where a financial services firm, operating a high-frequency trading system, intends to write log files to Amazon S3 and read them in parallel on a near real-time basis while mitigating potential data discrepancies caused by overwriting and subsequent reading of existing log files?

27 / 65

27. A systems administrator has created a private hosted zone and associated it with a Virtual Private Cloud (VPC). However, the DNS queries for the private hosted zone remain unresolved.

As a Solutions Architect, can you identify the Amazon VPC options to be configured in order to get the private hosted zone to work?

28 / 65

28. The DevOps has set up inbound traffic rules for the relevant ports in both the Security Group of the EC2 instance and the Network Access Control List (NACL) of the subnet. Despite this configuration, the DevOps is unable to establish a connection to the service running on the Amazon EC2 instance.

29 / 65

29. The engineering team at an E-commerce company wants to create a daily big data analysis job leveraging Spark for analyzing online/offline sales and customer loyalty data to create customized reports on a client-by-client basis. The big data analysis job needs to read the data from Amazon S3 and output it back to S3.

Which technology do you recommend to run the Big Data analysis job? (Select two)

30 / 65

30. A data analytics company oversees an application storing user data in a DynamoDB table. Occasionally, the development team notices corrupted data being written into the DynamoDB table. Upon detecting the issue, the team urgently needs to remove the corrupted data.

What course of action do you recommend?

31 / 65

31. Which AWS service provides the necessary capabilities for re-engineering the caching layer of the current architecture for the relational database of an online home rental marketplace, with requirements for replication and archival support?

32 / 65

32. How can you migrate an AWS account from AWS Organization A to AWS Organization B? What steps should be taken to accomplish this task?

33 / 65

33. Your application is hosted by a provider on sample.provider.com. You would like to have your users access your application using www.my-application.com, which you own and manage under Route 53.

What Route 53 record should you create?

34 / 65

34. You have an S3 bucket that contains files in two different folders - s3://sample-bucket/videos and s3://sample-bucket/photos. When a video is first uploaded and new, it is viewed several times. But after 45 days, analytics prove that videos files are on average rarely requested, but the photos still are. After 180 days, you would like to archive the videos files and the photos. Overall you would like the solution to remain highly available to prevent disasters happening against a whole AZ.

How can you implement an efficient cost strategy for your S3 bucket? (Select two)

35 / 65

35. A systems administrator is crafting IAM policies and linking them to IAM identities. Having completed the requisite identity-based policies, the administrator is now drafting resource-based policies.

What is the only resource-based policy supported by the IAM service?

36 / 65

36. A social photo-sharing company utilizes Amazon S3 to store images uploaded by users. These images are encrypted in S3 using AWS Key Management Service (KMS), with the company managing its own Customer Master Key (CMK) for encryption purposes. Unfortunately, a member of the DevOps team inadvertently deleted the CMK a day ago, leading to the loss of user photo data. The company has reached out to seek consultation on potential solutions to this crisis.

37 / 65

37. A startup has created a data warehouse using Redshift that is used to analyze data from Amazon S3. From the usage pattern, you have observed that after 30 days, the data is rarely queried in Redshift and it's not "hot data" anymore. You would like to preserve the SQL querying capability on your data and get the queries started immediately. Also, you want to adopt a pricing model that allows you to save the maximum amount of cost on Redshift.

What do you recommend? (Select two)

38 / 65

38. A newly onboarded DevOps engineer within a development team seeks to grasp the replication functionalities of RDS Multi-AZ and RDS Read-replicas. Which of the following accurately outlines these capabilities for the specified database?

39 / 65

39. A company has many VPC in various accounts, that need to be connected in a star network with one another and connected with on-premises networks through Direct Connect.

What do you recommend?

40 / 65

40. A prominent video streaming provider is transitioning to AWS Cloud infrastructure to distribute its content to users globally. The company aims to ensure that the solution can handle a minimum of one million requests per second for its EC2 server farm.
As a solutions architect, which type of Elastic Load Balancer would you recommend as part of the solution stack?

41 / 65

41. A health care startup has created a new web application for users to complete a risk assessment survey for AIDS symptoms via a self-administered questionnaire. The startup has purchased the domain aids-assessment.com using Route 53. The web development team would like to create a Route 53 record so that all traffic for aids-assessment.com is routed to www.aids-assessment.com

As a solutions architect, which of the following is the MOST cost-effective solution that you would recommend to the web development team?

42 / 65

42. Which of the following represents the appropriate placement group configuration for a Big Data consulting company aiming to migrate large distributed and replicated workloads from an on-premises data center to Amazon EC2 instances, while leveraging the placement groups feature to minimize correlated hardware failures?

43 / 65

43. As a Solutions Architect, you've designed an application deployed with an Elastic Load Balancer and an Auto Scaling Group. You've set up CloudWatch alarms with aggressive configurations, causing your Auto Scaling Group (ASG) to rapidly scale in and out, refreshing your Amazon EC2 instance fleet daily. A production bug emerged two days ago, yet the team cannot SSH into the instance to troubleshoot because the instance was terminated by the ASG. The log files are stored on the EC2 instance.
How will you resolve the issue and make sure it doesn't happen again?

44 / 65

44. Which AWS service offers a highly available and fault-tolerant solution for capturing clickstream events from the source and concurrently providing a data stream to downstream applications?

45 / 65

45. A company hires experienced specialists to analyze the customer service calls attended by its call center representatives. Now, the company wants to move to AWS Cloud and is looking at an automated solution to analyze customer service calls for sentiment analysis via ad-hoc SQL queries.

As a Solutions Architect, which of the following solutions would you recommend?

46 / 65

46. Your e-commerce application currently utilizes an RDS PostgreSQL database, which also hosts an analytics workload. However, running the analytics workload adversely impacts the performance of your e-commerce application, leading to reduced sales.

What is the MOST cost-optimal solution to address this issue?

47 / 65

47. A DevOps engineer at an IT company just upgraded an EC2 instance type from t2.nano (0.5G of RAM, 1 vCPU) to u-12tb1.metal (12.3 TB of RAM, 448 vCPUs). How would you categorize this upgrade?

48 / 65

48. The engineering team at an online firm is assessing the best block storage volume type for the EC2 instances hosting its primary application. They require a storage volume with very low latency but do not need to retain the data when the instance terminates. As a solutions architect, you've recommended utilizing Instance Store volumes to fulfill these criteria.

Which of the following would you identify as the key characteristics of the Instance Store volumes? (Select two)

49 / 65

49. A gaming company wants to run their applications on single-tenant hardware to meet regulatory guidelines.

Which of the following is the MOST cost-effective way of isolating their Amazon EC2 instances to a single tenant?

50 / 65

50. The engineering manager overseeing a content management application seeks to establish RDS read replicas to enhance performance and read scalability. The manager aims to comprehend the data transfer charges associated with configuring RDS read replicas.

Which of the following statements accurately describes the data transfer charges for RDS read replicas?

51 / 65

51. You would like to store a database password in a secure place, and enable automatic rotation of that password every 90 days. What do you recommend?

52 / 65

52. As a solutions architect, what recommendations would you propose to address compliance and regulatory guidelines, including safeguarding against accidental deletion of objects, for a healthcare startup storing data in Amazon S3? (Select two)

53 / 65

53. An organization needs to process incoming HTTP requests and invoke AWS Lambda functions based on the request path. Which feature of Amazon API Gateway facilitates this requirement?

54 / 65

54. You have a team of developers in your company, and you aim to facilitate their experimentation with AWS Managed Policies by allowing them to attach these policies to their accounts. However, you also want to prevent them from granting themselves the AdministratorAccess managed policy to avoid privilege escalation. How should you proceed to achieve this?

55 / 65

55. As a Solutions Architect, what solution would you recommend for an e-commerce company seeking high availability as it prepares to migrate its flagship application to a fleet of Amazon EC2 instances, with a requirement for content-based routing in its architecture?

56 / 65

56. As a Solutions Architect, what suggestions would you propose to troubleshoot the issue where the Auto Scaling group (ASG) fails to terminate an unhealthy Amazon EC2 instance? (Select two)

57 / 65

57. What does this CloudFormation snippet do? (Select two)

SecurityGroupIngress:     - IpProtocol: tcp       FromPort: 80       ToPort: 80       CidrIp: 0.0.0.0/0     - IpProtocol: tcp       FromPort: 22       ToPort: 22       CidrIp: 192.168.1.1/32

58 / 65

58. As a solutions architect, what steps would you recommend for an organization looking to delegate access to a group of users from the development environment so they can access resources in the production environment, which is managed under another AWS account?

59 / 65

59. Your firm has implemented a multi-tiered networking structure within the VPC - with two public and two private subnets. The public subnets are used to deploy the Application Load Balancers, while the two private subnets are used to deploy the application on Amazon EC2 instances. The development team wants the EC2 instances to have access to the internet. The solution has to be fully managed by AWS and needs to work over IPv4.

What will you recommend?

60 / 65

60. As a Solutions Architect, you've configured a database on a single EC2 instance with a gp2 EBS volume totaling 300GB. The EC2 instance is an m5.large type. Lately, the database performance has deteriorated, and upon reviewing CloudWatch, you notice that the IOPS on the EBS volume are reaching maximum capacity. Given the licensing constraints, the database's disk size cannot be altered.

How would you troubleshoot this issue?

61 / 65

61. During performance analysis of an e-commerce application, the engineering team observed that database reads are resulting in elevated I/O and introducing latency to the write requests against the Amazon Aurora Multi-AZ deployment database.
As an AWS Certified Solutions Architect Associate, what would you recommend to separate the read requests from the write requests?

62 / 65

62. A Delhi based financial company has a two-tier architecture using EC2 instances for its flagship application. The web servers (listening on port 443), which have been assigned security group A, are in public subnets across two Availability Zones and the MS-SQL based database instances (listening on port 1433), which have been assigned security group B, are in two private subnets across two Availability Zones. The Security team wants to review the security configurations of the application architecture.

63 / 65

63. A company is looking for a technology that allows its mobile app users to connect through a Google login and have the capability to turn on MFA (Multi-Factor Authentication) to have maximum security. Ideally, the solution should be fully managed by AWS.

Which technology do you recommend for managing the users' accounts?

64 / 65

64. In a bid to enhance the application's performance and security, the engineering team at a company has established a CloudFront distribution with an Application Load Balancer as the custom origin. Additionally, the team has implemented a Web Application Firewall (WAF) alongside the CloudFront distribution. However, the security team at the company has detected an increase in malicious attacks originating from a specific IP address aimed at stealing sensitive data stored on the EC2 instances.

As a solutions architect, which of the following actions would you recommend to stop the attacks?

65 / 65

65. A movie production studio is looking at transferring their existing digital media assets of around 25PB to AWS Cloud in the shortest possible timeframe.

Which of the following is an optimal solution for this requirement, given that the studio's data centers are located at a remote location?

Your score is

The average score is 3%

0%

Exit