SAP-C01 Practice Exam Tests Latest Updated on Dec-2021

Pass SAP-C01 Exam in First Attempt Guaranteed Dumps!

Understanding functional and technical aspects of AWS Certified SAP - Solutions Architect Exam Cost Control

The following will be dicussed in AMAZON SAP C01 dumps:

• Identify cost-effective storage solutions

Selecting the most cost-effective data storage possibilities based on specifications, and implementing automated processes to guarantee that data over time is stored on storage tiers that reduce costs

• Identify cost-effective compute and database services

Selecting the most cost-effective Amazon EC2 billing options for each aspect of the workload, determining the most cost-effective database options based on specifications, selecting suitable scaling strategies from a cost viewpoint, selecting and size compute resources that are optimally suited for the workload, determining possibilities to decrease total cost of ownership (TCO) by managed services and serverless architectures

• Design cost-optimized network architectures

Identifying when the content transfer can be used to decrease costs, determining strategies to decrease data transfer costs within Amazon Web Services, determining the most cost-effective connectivity choices between AWS and on-premises environments

AWS SAP-C01 Exam Certification Details:

Schedule Exam	PEARSON VUE
Passing Score	750 / 1000
Recommended Training / Books	Advanced Architecting on AWS
Exam Code	SAP-C01
Exam Price	$300 USD
Number of Questions	75
Sample Questions	AWS SAP-C01 Sample Questions
Duration	180 minutes
Exam Name	AWS Solutions Architect Professional (AWS-SAP)

AWS Certified SAP - Solutions Architect Exam Certified Professional salary

The estimated average salary of AWS Certified SAP - Solutions Architect Exam is listed below:

• Europe: 122,755 EURO
• England: 105,649 POUND
• India: 10,893,118 INR
• United States: 149,446 USD

 

NEW QUESTION 32
An online retail company hosts its stateful web-based application and MySQL database in an on-premises data center on a single server. The company wants to increase its customer base by conducting more marketing campaigns and promotions. In preparation, the company wants to migrate its application and database to AWS to increase the reliability of its architecture.
Which solution should provide the HIGHEST level of reliability?

• A. Migrate the database to an Amazon RDS MariaDB Multi-AZ DB instance. Deploy the application in an Auto Scaling group on Amazon EC2 instances behind an Application Load Balancer. Store sessions in Amazon ElastiCache for Memcached.
• B. Migrate the database to Amazon DocumentDB (with MongoDB compatibility). Deploy the application in an Auto Scaling group on Amazon EC2 instances behind a Network Load Balancer. Store sessions in Amazon Kinesis Data Firehose.
• C. Migrate the database to an Amazon RDS MySQL Multi-AZ DB instance. Deploy the application in an Auto Scaling group on Amazon EC2 instances behind an Application Load Balancer. Store sessions in Amazon Neptune.
• D. Migrate the database to Amazon Aurora MySQL. Deploy the application in an Auto Scaling group on Amazon EC2 instances behind an Application Load Balancer. Store sessions in an Amazon ElastiCache for Redis replication group.

Answer: C

 

NEW QUESTION 33
If I write the below command, what does it do?
ec2-run ami-e3a5408a -n 20 -g appserver

• A. Start 20 security groups
• B. Creates 20 rules in the security group named appserver
• C. Terminate twenty instances as members of appserver group.
• D. Start twenty instances as members of appserver group.

Answer: D

 

NEW QUESTION 34
A company is storing data on premises on a Windows file server. The company produces 5 GB of new data daily.
The company migrated part of its Windows-based workload to AWS and needs the data to be available on a file system in the cloud. The company already has established an AWS Direct Connect connection between the on-premises network and AWS.
Which data migration strategy should the company use?

• A. Use the file gateway option in AWS Storage Gateway to replace the existing Windows file server, and point the existing file share to the new file gateway.
• B. Use AWS DataSync to schedule a daily task lo replicate data between the on-premises Windows file server and Amazon Elastic File System (Amazon EFS),
• C. Use AWS DataSync to schedule a daily task to replicate data between the on-premises Windows file server and Amazon FSx.
• D. Use AWS Data Pipeline to schedule a daily task to replicate data between the on-premises Windows file server and Amazon Elastic File System (Amazon EFS).

Answer: C

 

NEW QUESTION 35
A group of research institutions and hospitals are in a partnership to study 2 PBs of genomic data. The institute that owns the data stores it in an Amazon S3 bucket and updates it regularly. The institute would like to give all of the organizations in the partnership read access to the data. All members of the partnership are extremely cost-conscious, and the institute that owns the account with the S3 bucket is concerned about covering the costs for requests and data transfers from Amazon S3.
Which solution allows for secure datasharing without causing the institute that owns the bucket to assume all the costs for S3 requests and data transfers?

• A. Ensure that all organizations in the partnership have AWS accounts. Create a bucket policy on the bucket that owns the data. The policy should allow the accounts in the partnership read access to the bucket. Enable Requester Pays on the bucket. Have the organizations use their AWS credentials when accessing the data.
• B. Ensure that all organizations in the partnership have AWS accounts. Configure buckets in each of the accounts with a bucket policy that allows the institute that owns the data the ability to write to the bucket. Periodically sync the data from the institute's account to the other organizations. Have the organizations use their AWS credentials when accessing the data using their accounts.
• C. Ensure that all organizations in the partnership have AWS accounts. In the account with the S3 bucket, create a cross-account role for each account in the partnership that allows read access to the data. Have the organizations assume and use that read role when accessing the data.
• D. Ensure that all organizations in the partnership have AWS accounts. In the account with the S3 bucket, create a cross-account role for each account in the partnership that allows read access to the data. Enable Requester Pays on the bucket. Have the organizations assume and use that read role when accessing the data.

Answer: C

 

NEW QUESTION 36
A company has multiple lines of business (LOBs) that roll up to the parent company. The company has asked its solutions architect to develop a solution with the following requirements:
* Produce a single AWS invoice for all of the AWS accounts used by its LOBs
* The costs for each LOB account should be broken out on the invoice
* Provide the ability to restrict services and features in the LOB accounts, as defined by the company's governance policy
* Each LOB account should be delegated full administrator permissions, regardless of the governance policy Which combination of steps should the solutions architect take to meet these requirements? (Select TWO.)

• A. Use AWS Organizations to create a single organization in the parent account Then, invite each LOB's AWS account to pin the organization
• B. Create an SCP that allows only approved services and features, then apply the policy to the LOB accounts
• C. Implement service quotas to define the services and features that are permitted and apply the quotas to each LOB. as appropriate
• D. Enable consolidated billing in the parent account's billing console and link the LOB accounts
• E. Use AWS Organizations to create an organization in the parent account for each LOB Then invite each LOB account to the appropriate organization

Answer: B,D

 

NEW QUESTION 37
A photo-sharing and publishing company receives 10,000 to 150,000 images daily. The company receives the images from multiple suppliers and users registered with the service. The company is moving to AWS and wants to enrich the existing metadata by adding data using Amazon Rekognition.
The following is an example of the additional data:

As part of the cloud migration program, the company uploaded existing image data to Amazon S3 and told users to upload images directly to Amazon S3.
What should the Solutions Architect do to support these requirements?

• A. Use Amazon Kinesis to stream data based on an S3 event. Use an application running in Amazon EC2 to extract metadata from the images. Then store the data on Amazon DynamoDB and Amazon CloudSearch and create an index. Use a web front-end with search capabilities backed by CloudSearch.
• B. Trigger AWS Lambda based on an S3 event notification to create additional metadata using Amazon Rekognition. Use Amazon DynamoDB to store the metadata and Amazon ES to create an index. Use a web front-end to provide search capabilities backed by Amazon ES.
• C. Trigger AWS Lambda based on an S3 event notification to create additional metadata using Amazon Rekognition. Use Amazon RDS MySQL Multi-AZ to store the metadata information and use Lambda to create an index. Use a web front-end with search capabilities backed by Lambda.
• D. Start an Amazon SQS queue based on S3 event notifications. Then have Amazon SQS send the metadata information to Amazon DynamoDB. An application running on Amazon EC2 extracts data from Amazon Rekognition using the API and adds data to DynamoDB and Amazon ES. Use a web front-end to provide search capabilities backed by Amazon ES.

Answer: B

Explanation:
Explanation
https://github.com/aws-samples/lambda-refarch-imagerecognition

 

NEW QUESTION 38
A company is designing a new highly available web application on AWS. The application requires consistent and reliable connectivity from the application servers in AWS to a backend REST API hosted in the company's on-premises environment. The backend connection between AWS and on-premises will be routed over an AWS Direct Connect connection through a private virtual interface. Amazon Route 53 will be used to manage private DNS records for the application to resolve the IP address on the backend REST API.
Which design would provide a reliable connection to the backend API?

• A. Create an IPSec VPN connection routed over the public internet from the on-premises data center to AWS and attach it to the same virtual private gateway as the Direct Connect connection.
• B. Implement at least two backend endpoints for the backend REST API, and use Route 53 health checks to monitor the availability of each backend endpoint and perform DNS-level failover.
• C. Install a second cross connect for the same Direct Connect connection from the same network carrier, and join both connections to the same link aggregation group (LAG) on the same private virtual interface.
• D. Install a second Direct Connect connection from a different network carrier and attach it to the same virtual private gateway as the first Direct Connect connection.

Answer: A

Explanation:
Explanation
https://docs.aws.amazon.com/directconnect/latest/UserGuide/virtualgateways.html 1 VGW by DX

 

NEW QUESTION 39
A company has an application that generates a weather forecast that is updated every 15 minutes with an output resolution of 1 billion unique positions, each approximately 20 bytes in size (20 Gigabytes per forecast). Every hour, the forecast data is globally accessed approximately 5 million times (1,400 requests per second), and up to 10 times more during weather events. The forecast data is overwritten every update. Users of the current weather forecast application expect responses to queries to be returned in less than two seconds for each request.
Which design meets the required request rate and response time?

• A. Store forecast locations in an Amazon EFS volume. Create an Amazon CloudFront distribution that targets an Elastic Load Balancing group of an Auto Scaling fleet of Amazon EC2 instances that have mounted the Amazon EFS volume. Set the set cache-control timeout for 15 minutes in the CloudFront distribution.
• B. Store forecast locations in an Amazon ES cluster. Use an Amazon CloudFront distribution targeting an API Gateway endpoint with AWS Lambda functions responding to queries as the origin. Create an Amazon Lambda@Edge function that caches the data locally at edge locations for 15 minutes.
• C. Store forecast locations in an Amazon ES cluster. Use an Amazon CloudFront distribution targeting an Amazon API Gateway endpoint with AWS Lambda functions responding to queries as the origin. Enable API caching on the API Gateway stage with a cache-control timeout set for 15 minutes.
• D. Store forecast locations in an Amazon S3 as individual objects. Create an Amazon CloudFront distribution targeting an Elastic Load Balancing group of an Auto Scaling fleet of EC2 instances, querying the origin of the S3 object. Set the cache-control timeout for 15 minutes in the CloudFront distribution.

Answer: C

Explanation:
https://aws.amazon.com/blogs/networking-and-content-delivery/lambdaedge-design-best-practices/

 

NEW QUESTION 40
A travel company built a web application that uses Amazon Simple Email Service (Amazon SES) to send email notifications to users. The company needs to enable logging to help troubleshoot email delivery issues.
The company also needs the ability to do searches that are based on recipient, subject, and time sent.
Which combination of steps should a solutions architect take to meet these requirements? (Select TWO.)

• A. Create an Amazon CloudWatch log group. Configure Amazon SES to send logs to the log group.
• B. Use Amazon Athena to query the logs in Amazon CloudWatch for recipient, subject, and time sent.
• C. Create an Amazon SES configuration set with Amazon Kinesis Data Firehose as the destination. Choose to send logs to an Amazon S3 bucket.
• D. Enable AWS CloudTrail logging. Specify an Amazon S3 bucket as the destination for the logs.
• E. Use Amazon Athena to query the logs in the Amazon S3 bucket for recipient, subject, and time sent.

Answer: D,E

 

NEW QUESTION 41
A government client needs you to set up secure cryptographic key storage for some of their extremely confidential data. You decide that the AWS CloudHSM is the best service for this.
However, there seem to be a few pre-requisites before this can happen, one of those being a security group that has certain ports open.
Which of the following is correct in regards to those security groups?

• A. A security group that has only port 3389 (for RDP) open to your network.
• B. A security group that has port 22 (for SSH) or port 3389 (for RDP) open to your network.
• C. A security group that has no ports open to your network.
• D. A security group that has only port 22 (for SSH) open to your network.

Answer: B

Explanation:
Explanation
AWS CloudHSM provides secure cryptographic key storage to customers by making hardware security modules (HSMs) available in the AWS cloud.
AWS CloudHSM requires the following environment before an HSM appliance can be provisioned. A virtual private cloud (VPC) in the region where you want the AWS CloudHSM service. One private subnet (a subnet with no Internet gateway) in the VPC. The HSM appliance is provisioned into this subnet.
One public subnet (a subnet with an Internet gateway attached). The control instances are attached to this subnet.
An AWS Identity and Access Management (IAM) role that delegates access to your AWS resources to AWS CloudHSM.
An EC2 instance, in the same VPC as the HSM appliance, that has the SafeNet client software installed. This instance is referred to as the control instance and is used to connect to and manage the HSM appliance.
A security group that has port 22 (for SSH) or port 3389 (for RDP) open to your network. This security group is attached to your control instances so you can access them remotely.

 

NEW QUESTION 42
A company is creating a REST API to share information with six of Its partners based m the United States.
The company has created an Amazon API Gateway Regional endpoint Each of the six partners will access the API once per day to post daily sales figures.
After Initial deployment the company observes 1,000 requests per second originating from 500 different IP addresses around the world. The company believes this traffic is originating from a botnet end wants to secure its API while minimizing cost.
Which approach should the company take to secure its API?

• A. Create an AWS WAF web ACL with a rule to allow access to the IP addresses used by the six partners Associate the web ACL with the API Create a resource policy with a request limit and associate it with the API Configure the API to require an API key on the POST method
• B. Create an AWS WAF web ACL with a rule to allow access to the IP addresses used by the six partners Associate the web ACL with the API Create a usage plan with a request limit and associate it with the API. Create an API key and add it to the usage plan.
• C. Create an Amazon CloudFront distribution with the API as the origin Create an AWS WAF web ACL with a rule to block clients that submit more than five requests per day. Associate the web ACL with the CloudFront distribution Add a custom header to the CloudFront distribution populated with an API key Configure the API to require an API key on the POST method
• D. Create an Amazon CloudFront distribution with the API as the origin Create an AWS WAF web ACL with a rule to block clients that submit more than five requests per day. Associate the web ACL with the CloudFront distribution Configure CloudFront with an origin access identity (OAI) and associate it with the distribution Configure API Gateway to ensure only the OAI can execute the POST method

Answer: B

 

NEW QUESTION 43
A Development team is deploying new APIs as serverless applications within a company. The team is currently using the AWS Management Console to provision Amazon API Gateway, AWS Lambda, and Amazon DynamoDB resources. A Solutions Architect has been tasked with automating the future deployments of these serverless APIs.
How can this be accomplished?

• A. Use the AWS Serverless Application Model to define the resources. Upload a YAML template and application files to the code repository. Use AWS CodePipeline to connect to the code repository and to create an action to build using AWS CodeBuild. Use the AWS CloudFormation deployment provider in CodePipeline to deploy the solution.
• B. Commit the application code to the AWS CodeCommit code repository. Use AWS CodePipeline and connect to the CodeCommit code repository. Use AWS CodeBuild to build and deploy the Lambda functions using AWS CodeDeploy. Specify the deployment preference type in CodeDeploy to gradually shift traffic over to the new version.
• C. Use AWS CloudFormation with a Lambda-backed custom resource to provision API Gateway. Use the AWS::DynamoDB::Table and AWS::Lambda::Function resources to create the Amazon DynamoDB table and Lambda functions. Write a script to automate the deployment of the CloudFormation template.
• D. Use AWS CloudFormation to define the serverless application. Implement versioning on the Lambda functions and create aliases to point to the versions. When deploying, configure weights to implement shifting traffic to the newest version, and gradually update the weights as traffic moves over.

Answer: A

 

NEW QUESTION 44
A company is running a high-user-volume media-sharing application on premises. It currently hosts about 400 TB of data with millions of video files. The company is migrating this application to AWS to improve reliability and reduce costs.
The Solutions Architecture team plans to store the videos in an Amazon S3 bucket and use Amazon CloudFront to distribute videos to users. The company needs to migrate this application to AWS 10 days with the least amount of downtime possible. The company currently has 1 Gbps connectivity to the Internet with 30 percent free capacity.
Which of the following solutions would enable the company to migrate the workload to AWS and meet all of the requirements?

• A. Request multiple AWS Snowball devices to be delivered to the data center. Load the data concurrently into these devices and send it back. Have AWS download that data to the Amazon S3 bucket. Sync the new data that was generated while migration was in flight.
• B. Use an Amazon S3 client to transfer data from the data center to the Amazon S3 bucket over the Internet. Use the throttling feature to ensure the Amazon S3 client does not use more than 30 percent of available Internet capacity.
• C. Request an AWS Snowmobile with 1 PB capacity to be delivered to the data center. Load the data into Snowmobile and send it back to have AWS download that data to the Amazon S3 bucket. Sync the new data that was generated while migration was in flight.
• D. Use a multi-part upload in Amazon S3 client to parallel-upload the data to the Amazon S3 bucket over the Internet. Use the throttling feature to ensure that the Amazon S3 client does not use more than 30 percent of available Internet capacity.

Answer: A

 

NEW QUESTION 45
A software company hosts an application on AWS with resources in multiple AWS accounts and Regions The application runs on a group of Amazon EC2 instances m an application VPC located in the us-east-1 Region with an IPv4 CIDR block of 10.10.0.0/16. In a different AWS account, a shared services VPC is located in the us-east-2 Region with an IPv4 CIDR block of 10.10.10.0/24. When a cloud engineer uses AWS CloudFormation to attempt to peer the application VPC with the shared services VPC. an error message indicates a peering failure.
Which factors could cause this error? (Select TWO )

• A. One of the VPCs was not shared through AWS Resource Access Manager.
• B. One or both accounts do not have access to an internet gateway
• C. The IPv4 CIDR ranges of the tv/o VPCs overlap
• D. The VPCs are not in the same Region
• E. The IAM role in the peer accepter account does not have the correct permissions.

Answer: C,D

 

NEW QUESTION 46
Do you need to use Amazon Cognito to use the Amazon Mobile Analytics service?

• A. No. However, it is recommend by AWS to use Amazon Cognito for security best practices.
• B. Yes. You need to use it only if you have IAM root access.
• C. Yes. It is recommended by AWS to use Amazon Cognito to use Amazon Mobile Analytics service.
• D. No. You cannot use it at all, and you need to use AWS IAM accounts.

Answer: A

Explanation:
Explanation
You can initialize Amazon Mobile Analytics using AWS IAM accounts. AWS recommend using Amazon Cognito for security best practices.
http://aws.amazon.com/mobileanalytics/faqs/

 

NEW QUESTION 47
An enterprise company wants to allow its developers to purchase third-party software through AWS Marketplace. The company uses an AWS Organizations account structure with full features enabled, and has a shared services
46 account in each organizational unit (OU) that will be used by procurement managers. The procurement team's policy indicates that developers should be able to obtain third-party software from an approved list only and use Private Marketplace in AWS Marketplace to achieve this requirement. The procurement team wants administration of Private Market procurement managers. Other 1AM users, groups, roles, and account administrators in the company should be denied Private Marketplace administrative access.
What is the MOST efficient way to design an architecture to meet these requirements?

• A. Create an 1AM role named procurement-manager-role in all AWS accounts in the organization. Add the AdministratorAccess managed policy to the role. Define a permissions boundary with the AWSPrivateMarketplaceAdminFullAccess managed policy and attach it to all the developer roles.
• B. Create an 1AM role named procurement-manager-role in all the shared services accounts in the organization. Add the AWSPrivateMarketplaceAdminFullAccess managed policy to the role. Create an organization root- level SCP to deny permissions to administer Private Marketplace to everyone except the role named procurement-manage named procurement-manager-role to everyone in the organization.
• C. Create an 1AM role named procurement-manager-role in the AWS accounts that will be used by developers. Add the AWSPrivateMarketplaceAdminFullAccess managed policy to the role. Create an SCP in Organizations to deny permissions to administer Private Marketplace to everyone except the role named procurement
• D. Create an 1AM role named procurement-manager-role in all AWS accounts in the organization. Add the PowerUserAccess managed policy to the role. Apply an inline policy to all 1AM users and roles in every AWS account to deny permissions on the AWSPrivateMarketplaceAdminFullAccess managed policy.

Answer: C

 

NEW QUESTION 48
A company has an organization in AWS Organizations that has a large number of AWS accounts. One of the AWS accounts is designated as a transit account and has a transit gateway that is shared with all of the other AWS accounts AWS Site-to-Site VPN connections are configured between all of the company's global offices and the transit account. The company has AWS Config enacted on all of its accounts.
The company's networking team needs to centrally manage a list of internal IP address ranges that belong to the global offices. Developers will reference this list to gain access to their applications Securely.
Which solution meets these requirements with the LEAST amount of operational overhead?

• A. Create a new AWS Config managed rule that contains all of the internal IP address ranges. Use the rule to check the security groups in each of the accounts to ensure compliance with the list of IP address ranges. Configure the rule to automatically remediate any noncompliant security group that is detected.
• B. Create a JSON file that is hosted in Amazon S3 and that lists all of the internal IP address ranges.
  Configure ar Amazon Simple Notification Service (Amazon SNS) topic in each of the accounts that can be invoked when the JSON file is updated Subscribe an AWS Lambda function to the SNS topic to update all relevant security group rules with the updated IP address
• C. In the transit account, create a VPC prefix list with all of the internal IP address ranges Use AWS Resource Access Manage* to share the prefix list with all of the other accounts Use the snored prefix list to configure security group rules in the other accounts.
• D. In the transit account, create a security group with all of the internal IP address ranges Configure the security groups in the other accounts to reference the transit account's security group by using a nested security group reference of "<transit-account-id>/sg-1a2b3c4d".

Answer: C

 

NEW QUESTION 49
A company is planning the migration of several lab environments used for software testing. An assortment of custom tooling is used to manage the test runs for each lab. The labs use immutable infrastructure for the software test runs, and the results are stored in a highly available SQL database cluster. Although completely rewriting the custom tooling is out of scope for the migration project, the company would like to optimize workloads during the migration.
Which application migration strategy meets this requirement?

• A. Retire
• B. Re-platform
• C. Re-host
• D. Re-factor/re-architect

Answer: B

Explanation:
Explanation
https://aws.amazon.com/blogs/enterprise-strategy/6-strategies-for-migrating-applications-to-the-cloud/

 

NEW QUESTION 50
ABC has created a multi-tenant Learning Management System (LMS). The application is hosted for five different tenants (clients) in the VPCs of the respective AWS accounts of the tenant. ABC wants to setup a centralized server which can connect with the LMS of each tenant upgrade if required. ABC also wants to ensure that one tenant VPC should not be able to connect to the other tenant VPC for security reasons.
How can ABC setup this scenario?

• A. ABC has to setup one centralized VPC which will peer in to all the other VPCs of the tenants.
• B. ABC should setup all the VPCs with the same CIDR but have a centralized VPC. This way only the centralized VPC can talk to the other VPCs using VPC peering.
• C. ABC should setup VPC peering with all the VPCs peering each other but block the IPs from CIDR of the tenant VPCs to deny them.
• D. ABC should setup all the VPCs meshed together with VPC peering for all VPCs.

Answer: A

Explanation:
Explanation
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. It enables the user to launch AWS resources into a virtual network that the user has defined. A VPC peering connection allows the user to route traffic between the peer VPCs using private IP addresses as if they are a part of the same network.
This is helpful when one VPC from the same or different AWS account wants to connect with resources of the other VPC. The organization wants to setup that one VPC can connect with all the other VPCs but all other VPCs cannot connect among each other. This can be achieved by configuring VPC peering where one VPC is peered with all the other VPCs, but the other VPCs are not peered to each other. The VPCs are in the same or a separate AWS account and should not have overlapping CIDR blocks.
http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/peering-configurations-full-access.html#many-vp

 

NEW QUESTION 51
..........
What should the solutions architect do to collect dependency information from the on-premises servers to guide the order of migration?

• A. Deploy the AWS Agentless Discovery Connector OVA file in the VMware environment
• B. Deploy the AWS Server Migration Connector OVA file in the VMware environment
• C. Deploy AWS Management Portal for vCenter in the VMware environment
• D. Deploy the AWS Application Discovery Agent to all servers in the VMware environment

Answer: A

 

NEW QUESTION 52
A company has a photo sharing social networking application.
To provide a consistent experience for users, the company performs some image processing on the photos uploaded by users before publishing on the application.
The image processing is implemented using a set of Python libraries.
The current architecture is as follows:
* The image processing Python code runs in a single Amazon EC2 instance and stores the processed images in an Amazon S3 bucket named ImageBucket.
* The front-end application, hosted in another bucket, loads the images from ImageBucket to display to users.
With plans for global expansion, the company wants to implement changes in its existing architecture to be able to scale for increased demand on the application and reduce management complexity as the application scales.
Which combination of changes should a solutions architect make? (Select TWO.)

• A. Use AWS Lambda to run the image processing tasks.
• B. Use Amazon CloudFront in front of ImageBucket.
• C. Deploy the applications in an Amazon ECS cluster and apply Service Auto Scaling.
• D. Place the image processing EC2 instance into an Auto Scaling group.
• E. Use Amazon Rekognition for image processing.

Answer: A,E

 

NEW QUESTION 53
A company that designs multiplayer online games wants to expand its user base outside of Europe. The company transfers a significant amount of UDP traffic to keep all the live and interactive sessions of the games. The company has plans for rapid expansion and wants to build its architecture to provide an optimized online experience to its users.
Which architecture will meet these requirements with the LOWEST latency for users?

• A. Set up environments in multiple AWS Regions. Create an accelerator in AWS Global Accelerator, and add endpoints from different Regions to it.
• B. Set up a Multi-AZ environment in a single AWS Region. Use AWS Lambda@Edge to update sessions closer to the users.
• C. Set up environments in multiple AWS Regions. Use Amazon Route 53, and select latency-based routing.
• D. Set up a Multi-AZ environment in a single AWS Region. Use Amazon CloudFront to cache user sessions.

Answer: A

 

NEW QUESTION 54
A company uses an Amazon EMR cluster to process data once a day. The raw data comes from Amazon S3, and the resulting processed data is also stored in Amazon S3. The processing must complete within 4 hours; currently, it only takes 3 hours. However, the processing time is taking 5 to 10 minutes. longer each week due to an increasing volume of raw data.
The team is also concerned about rising costs as the compute capacity increases. The EMR cluster is currently running on three m3.xlarge instances (one master and two core nodes).
Which of the following solutions will reduce costs related to the increasing compute needs?

• A. Add additional task nodes, but use instance fleets with the master node in Spot mode and a mix of On-Demand and Spot Instances for the core and task nodes. Purchase enough scheduled Reserved Instances to offset the cost of running any On-Demand instances.
• B. Add additional task nodes, but use instance fleets with the master node in On-Demand mode and a mix of On-Demand and Spot Instances for the core and task nodes. Purchase a standard all-upfront Reserved Instance for the master node.
• C. Add additional task nodes, but have the team purchase an all-upfront convertible Reserved Instance for each additional node to offset the costs.
• D. Add additional task nodes, but use instance fleets with the master node in on-Demand mode and a mix of On-Demand and Spot Instances for the core and task nodes. Purchase a scheduled Reserved Instances for the master node.

Answer: D

Explanation:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-scheduled-instances.html

 

NEW QUESTION 55
......

AWS Certified Solutions Architect  Free Certification Exam Material from VCE4Dumps with 228 Questions: https://www.vce4dumps.com/SAP-C01-valid-torrent.html

SAP-C01 Dumps Full Questions - Exam Study Guide: https://drive.google.com/open?id=1XUavLGCT-3JD_YBo2tFFZMEgq0r4rFIw