AWS-Solution-Architect-Associate Exam - AWS Certified Solutions Architect - Associate

NEW QUESTION 1
All Amazon EC2 instances are assigned two IP addresses at launch, out of which one can only be reached from within the Amazon EC2 network?

• A. Multiple IP address
• B. Public IP address
• C. Private IP address
• D. Elastic I P Address

Answer: C

NEW QUESTION 2
You are running PostgreSQL on Amazon RDS and it seems to be all running smoothly deployed in one availability zone. A database administrator asks you if DB instances running PostgreSQL support MuIti-AZ deployments. What would be a correct response to this QUESTION ?

• A. Yes.
• B. Yes but only for small db instances.
• C. No.
• D. Yes but you need to request the service from AW

Answer: A

Explanation: Amazon RDS supports DB instances running several versions of PostgreSQL. Currently we support PostgreSQL versions 9.3.1, 9.3.2, and 9.3.3. You can create DB instances and DB snapshots,
point-in-time restores and backups.
DB instances running PostgreSQL support MuIti-AZ deployments, Provisioned IOPS, and can be created inside a VPC. You can also use SSL to connect to a DB instance running PostgreSQL.
You can use any standard SQL client application to run commands for the instance from your client computer. Such applications include pgAdmin, a popular Open Source administration and development tool for PostgreSQL, or psql, a command line utility that is part of a PostgreSQL installation. In order to deliver a managed service experience, Amazon RDS does not provide host access to DB instances, and it restricts access to certain system procedures and tables that require advanced prMleges. Amazon RDS supports access to databases on a DB instance using any standard SQL client application. Amazon RDS does not allow direct host access to a DB instance via Telnet or Secure Shell (SSH).
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.htmI

NEW QUESTION 3
A user has created photo editing software and hosted it on EC2. The software accepts requests from the user about the photo format and resolution and sends a message to S3 to enhance the picture accordingly. Which of the below mentioned AWS services will help make a scalable software with the AWS infrastructure in this scenario?

• A. AWS Simple Notification Service
• B. AWS Simple Queue Service
• C. AWS Elastic Transcoder
• D. AWS Glacier

Answer: B

Explanation: Amazon Simple Queue Service (SQS) is a fast, reliable, scalable, and fully managed message queuing service. SQS provides a simple and cost-effective way to decouple the components of an application. The user can configure SQS, which will decouple the call between the EC2 application and S3. Thus, the application does not keep waiting for S3 to provide the data.
Reference: http://aws.amazon.com/sqs/faqs/

NEW QUESTION 4
A user is planning to make a mobile game which can be played online or offline and will be hosted on EC2.
The user wants to ensure that if someone breaks the highest score or they achieve some milestone they can inform all their colleagues through email. Which of the below mentioned AWS services helps achieve this goal?

• A. AWS Simple Workflow Service.
• B. AWS Simple Email Service.
• C. Amazon Cognito
• D. AWS Simple Queue Servic

Answer: B

Explanation: Amazon Simple Email Service (Amazon SES) is a highly scalable and cost-effective email-sending service for businesses and developers. It integrates with other AWS services, making it easy to send emails from applications that are hosted on AWS.
Reference: http://aws.amazon.com/ses/faqs/

NEW QUESTION 5
Which features can be used to restrict access to data in 53? Choose 2 answers

• A. Set an 53 ACL on the bucket or the object.
• B. Create a Cloud Front distribution for the bucket.
• C. Set an 53 bucket policy.
• D. Enable IAM Identity Federation
• E. Use 53 Virtua I Hosting

Answer: CD

Explanation: Reference:
http://docs.aws.amazon.com/AmazonCioudFront/latest/DeveIoperGuide/private-contentrestricting-access
-to-s3.html

NEW QUESTION 6
What are the Amazon EC2 API tools?

• A. They don't exis
• B. The Amazon EC2 AMI tools, instead, are used to manage permissions.
• C. Command-line tools to the Amazon EC2 web service.
• D. They are a set of graphical tools to manage EC2 instances.
• E. They don't exis
• F. The Amazon API tools are a client interface to Amazon Web Senrice

Answer: B

NEW QUESTION 7
A customer wants to track access to their Amazon Simple Storage Service (53) buckets and also use this information for their internal security and access audits. Which of the following will meet the Customer requirement?

• A. Enable AW5 CIoudTraiI to audit all Amazon 53 bucket access.
• B. Enable server access logging for all required Amazon 53 buckets.
• C. Enable the Requester Pays option to track access via AWS Billing
• D. Enable Amazon 53 event notifications for Put and Pos

Answer: A

NEW QUESTION 8
A 3-tier e-commerce web application is current deployed on-premises and will be migrated to AWS for
greater scalability and elasticity The web server currently shares read-only data using a network distributed file system The app server tier uses a clustering mechanism for discovery and shared session state that depends on I P multicast The database tier uses shared-storage clustering to provide database fail over capability, and uses several read slaves for scaling Data on all sewers and the distributed file system directory is backed up weekly to off-site tapes
Which AWS storage and database architecture meets the requirements of the application?

• A. Web sewers: store read-only data in 53, and copy from 53 to root volume at boot tim
• B. App servers: share state using a combination of DynamoDB and IP unicas
• C. Database: use RDS with multi-AZ deployment and one or more read replica
• D. Backup: web servers, app servers, and database backed up weekly to Glacier using snapshots.
• E. Web sewers: store read-only data in an EC2 NFS server, mount to each web server at boot tim
• F. App servers: share state using a combination of DynamoDB and IP multicas
• G. Database: use RDS with multi-AZ deployment and one or more Read Replica
• H. Backup: web and app servers backed up weekly via AM Is, database backed up via DB snapshots.
• I. Web servers: store read-only data in 53, and copy from 53 to root volume at boot tim
• J. App servers: share state using a combination of DynamoDB and IP unicas
• K. Database: use RDS with multi-AZ deployment and one or more Read Replica
• L. Backup: web and app servers backed up weekly viaAM Is, database backed up via DB snapshots.
• M. Web servers: store read-only data in 53, and copy from 53 to root volume at boot tim
• N. App servers: share state using a combination of DynamoDB and IP unicas
• O. Database: use RDS with multi-AZ deploymen
• P. Backup: web and app sewers backed up weekly via ANI Is, database backed up via DB snapshots.

Answer: C

Explanation: Amazon RDS Multi-AZ deployments provide enhanced availability and durability for Database (DB) Instances, making them a natural fit for production database workloads. When you provision a Multi-AZ DB Instance, Amazon RDS automatically creates a primary DB Instance and synchronously replicates the data to a standby instance in a different Availability Zone (AZ). Each AZ runs on its own physically distinct, independent infrastructure, and is engineered to be highly reliable. In case of an infrastructure failure (for example, instance hardware failure, storage failure, or network disruption), Amazon RDS performs an automatic failover to the standby, so that you can resume database operations as soon as the failover is complete. Since the endpoint for your DB Instance remains the same after a failover, your application can resume database operation without the need for manual administrative intervention.
Benefits
Enhanced Durability
MuIti-AZ deployments for the MySQL, Oracle, and PostgreSQL engines utilize synchronous physical replication to keep data on the standby up-to-date with the primary. MuIti-AZ deployments for the SQL Server engine use synchronous logical replication to achieve the same result, employing SQL
Server-native Mrroring technology. Both approaches safeguard your data in the event of a DB Instance failure or loss of an Availability Zone.
If a storage volume on your primary fails in a Multi-AZ deployment, Amazon RDS automatically initiates a failover to the up-to-date standby. Compare this to a Single-AZ deployment: in case of a Single-AZ database failure, a user-initiated point-in-time-restore operation will be required. This operation can take several hours to complete, and any data updates that occurred after the latest restorable time (typically within the last five minutes) will not be available.
Amazon Aurora employs a highly durable, SSD-backed virtualized storage layer purpose-built for
database workloads. Amazon Aurora automatically replicates your volume six ways, across three Availability Zones. Amazon Aurora storage is fault-tolerant, transparently handling the loss of up to two copies of data without affecting database write availability and up to three copies without affecting read availability. Amazon Aurora storage is also self-healing. Data blocks and disks are continuously scanned for errors and replaced automatically.
Increased Availability
You also benefit from enhanced database availability when running Multi-AZ deployments. If an Availability Zone failure or DB Instance failure occurs, your availability impact is limited to the time automatic failover takes to complete: typically under one minute for Amazon Aurora and one to two minutes for other database engines (see the RDS FAQ for details).
The availability benefits of MuIti-AZ deployments also extend to planned maintenance and backups.
In the case of system upgrades like OS patching or DB Instance scaling, these operations are applied first on the standby, prior to the automatic failover. As a result, your availability impact is, again, only the time required for automatic fail over to complete.
Unlike Single-AZ deployments, 1/0 actMty is not suspended on your primary during backup for MuIti-AZ deployments for the MySOL, Oracle, and PostgreSQL engines, because the backup is taken from the standby. However, note that you may still experience elevated latencies for a few minutes during backups for Mu|ti-AZ deployments.
On instance failure in Amazon Aurora deployments, Amazon RDS uses RDS MuIti-AZ technology to automate failover to one of up to 15 Amazon Aurora Replicas you have created in any of three Availability Zones. If no Amazon Aurora Replicas have been provisioned, in the case of a failure, Amazon RDS will attempt to create a new Amazon Aurora DB instance for you automatically.
No Administrative Intervention
DB Instance failover is fully automatic and requires no administrative intervention. Amazon RDS monitors the health of your primary and standbys, and initiates a failover automatically in response to a variety of failure conditions.
Failover conditions
Amazon RDS detects and automatically recovers from the most common failure scenarios for Multi-AZ deployments so that you can resume database operations as quickly as possible without administrative intervention. Amazon RDS automatically performs a failover in the event of any of the following:
Loss of availability in primary Availability Zone Loss of network connectMty to primary Compute unit failure on primary
Storage failure on primary
Note: When operations such as DB Instance scaling or system upgrades like OS patching are initiated for Multi-AZ deployments, for enhanced availability, they are applied first on the standby prior to an automatic failover. As a result, your availability impact is limited only to the time required for automatic failover to complete. Note that Amazon RDS Multi-AZ deployments do not failover automatically in response to database operations such as long running queries, deadlocks or database corruption errors.

NEW QUESTION 9
You have been asked to design the storage layer for an application. The application requires disk
performance of at least 100,000 IOPS in addition, the storage layer must be able to survive the loss of an indMdual disk. EC2 instance, or Availability Zone without any data loss. The volume you provide must have a capacity of at least 3 TB. Which of the following designs will meet these objectives'?

• A. Instantiate a c3.8x|arge instance in us-east-1. Provision 4x1TB EBS volumes, attach them to the instance, and configure them as a single RAID 5 volum
• B. Ensure that EBS snapshots are performed every 15 minutes.
• C. Instantiate a c3.8xIarge instance in us-east-1. Provision 3xiTB EBS volumes, attach them to the Instance, and configure them as a single RAID 0 volum
• D. Ensure that EBS snapshots are performed every 15 minutes.
• E. Instantiate an i2.8xIarge instance in us-east-I
• F. Create a RAID 0 volume using the four 800GB SSD ephemeral disks provided with the instanc
• G. Provision 3x1TB EBS volumes, attach them to the instance, and configure them as a second RAID 0 volum
• H. Configure synchronous, block-level replication from the ephemeral-backed volume to the EBS-backed volume.
• I. Instantiate a c3.8xIarge instance in us-east-1. Provision an AWS Storage Gateway and configure it for 3 TB of storage and 100,000 IOP
• J. Attach the volume to the instanc
• K. Instantiate an i2.8x|arge instance in us-east-I
• L. Create a RAID 0 volume using the four 800GB SSD ephemeral disks provided with the instanc
• M. Configure synchronous, block- level replication to an identically configured instance inus-east-I

Answer: C

NEW QUESTION 10
When an EC2 instance that is backed by an 53-based AMI is terminated, what happens to the data on the root volume?

• A. Data is automatically saved as an EBS snapshot.
• B. Data is automatically saved as an EBS volume.
• C. Data is unavailable until the instance is restarted.
• D. Data is automatically deleted.

Answer: D

NEW QUESTION 11
What is the durability of 53 RRS?

• A. 99.99%
• B. 99.95%
• C. 99.995%
• D. 99.999999999%

Answer: A

NEW QUESTION 12
When should I choose Provisioned IOPS over Standard RDS storage?

• A. If you have batch-oriented workloads
• B. If you use production online transaction processing (OLTP) workloads.
• C. If you have workloads that are not sensitive to consistent performance

Answer: A

NEW QUESTION 13
A user is storing a large number of objects on AWS S3. The user wants to implement the search functionality among the objects. How can the user achieve this?

• A. Use the indexing feature of S3.
• B. Tag the objects with the metadata to search on that.
• C. Use the query functionality of S3.
• D. Make your own DB system which stores the S3 metadata for the search functionalit

Answer: D

Explanation: In Amazon Web Services, AWS S3 does not provide any query facility. To retrieve a specific object the user needs to know the exact bucket / object key. In this case it is recommended to have an own DB system which manages the S3 metadata and key mapping.
Reference: http://media.amazonwebservices.com/AWS_Storage_Options.pdf

NEW QUESTION 14
The Trusted Advisor service provides insight regarding which four categories of an AWS account?

• A. Security, fault tolerance, high availability, and connectMty
• B. Security, access control, high availability, and performance
• C. Performance, cost optimization, security, and fault tolerance
• D. Performance, cost optimization, access control, and connectMty

Answer: C

NEW QUESTION 15
You would like to create a mirror image of your production environment in another region for disaster recovery purposes. Which of the following AWS resources do not need to be recreated in the second region? (Choose 2 answers)

• A. Route 53 Record Sets
• B. IM Roles
• C. Elastic IP Addresses (EIP)
• D. EC2 Key Pairs
• E. Launch configurations
• F. Security Groups

Answer: AC

Explanation: Reference:
http://tech.com/wp-content/themes/optimize/download/AWSDisaster_Recovery.pdf (page 6)

NEW QUESTION 16
A customer has a single 3-TB volume on-premises that is used to hold a large repository of images and print layout files. This repository is growing at 500 GB a year and must be presented as a single logical volume. The customer is becoming increasingly constrained with their local storage capacity and wants an off-site backup of this data, while maintaining low-latency access to their frequently accessed data. Which AWS Storage Gateway configuration meets the customer requirements?

• A. Gateway-Cached volumes with snapshots scheduled to Amazon 53
• B. Gateway-Stored volumes with snapshots scheduled to Amazon 53
• C. Gateway-Virtual Tape Library with snapshots to Amazon 53
• D. Gateway-Virtual Tape Library with snapshots to Amazon Glacier

Answer: D

NEW QUESTION 17
Is there a limit to the number of groups you can have?

• A. Yes for all users
• B. Yes for all users except root
• C. No
• D. Yes unless special permission granted

Answer: A

NEW QUESTION 18
While signing in REST/ Query requests, for additional security, you should transmit your requests using Secure Sockets Layer (SSL) by using

• A. HTIP
• B. Internet Protocol Security(IPsec)
• C. TLS (Transport Layer Security)
• D. HTIPS

Answer: D

NEW QUESTION 19
After launching an instance that you intend to serve as a NAT (Network Address Translation) device in a public subnet you modify your route tables to have the NAT device be the target of internet bound traffic of your private subnet. When you try and make an outbound connection to the internet from an instance in
the private subnet, you are not successful. Which of the following steps could resolve the issue?

• A. Disabling the Source/Destination Check attribute on the NAT instance
• B. Attaching an Elastic IP address to the instance in the private subnet
• C. Attaching a second Elastic Network Interface (EN I) to the NAT instance, and placing it in the private sub net
• D. Attaching a second Elastic Network Interface (ENI) to the instance in the private subnet, and placing it in the public subnet

Answer: A

Explanation: Reference:http://docs.aws.amazon.com/workspaces/latest/adminguide/gsg_create_vpc.html