
AWS Solutions Architect Questions and Answers Part-10

    Get ready to excel in your AWS Solutions Architect certification with this comprehensive collection of questions and answers. Covering critical topics like cloud architecture design, AWS services, security best practices, and cost optimization, these Q&A sessions will help you gain a deep understanding of AWS concepts and prepare effectively for the exam. Whether you are a beginner or an experienced professional, these answers provide clear explanations and practical examples to solidify your AWS knowledge and boost your confidence.

     

    1. Your company currently has a 2-tier web application running in an on-premises data center. You have experienced several infrastructure failures in the past two months, resulting in significant financial losses. Your CIO is strongly in favor of moving the application to AWS. While working on achieving buy-in from the other company executives, he asks you to develop a disaster recovery plan to help improve business continuity in the short term. He specifies a target Recovery Time Objective (RTO) of 4 hours and a Recovery Point Objective (RPO) of 1 hour or less. He also asks you to implement the solution within 2 weeks. Your database is 200 GB in size and you have a 20 Mbps Internet connection. How would you do this while minimizing costs?

        A. Create an EBS-backed private AMI which includes a fresh install of your application. Set up a script in your data center to back up the local database every 1 hour and to encrypt and copy the resulting file to an S3 bucket using multi-part upload.

        B. Install your application on a compute-optimized EC2 instance capable of supporting the application's average load. Synchronously replicate transactions from your on-premises database to a database instance in AWS across a secure Direct Connect connection.

        C. Deploy your application on EC2 instances within an Auto Scaling group across multiple Availability Zones. Asynchronously replicate transactions from your on-premises database to a database instance in AWS across a secure VPN connection.

        D. Create an EBS-backed private AMI that includes a fresh install of your application. Develop a CloudFormation template which includes your AMI and the required EC2, Auto Scaling, and ELB resources to support deploying the application across multiple Availability Zones. Asynchronously replicate transactions from your on-premises database to a database instance in AWS across a secure VPN connection.

    Answer: D. Create an EBS-backed private AMI which includes a fresh install of your application. Develop a CloudFormation template which includes your AMI and the required EC2, Auto Scaling, and ELB resources to support deploying the application across multiple Availability Zones. Asynchronously replicate transactions from your on-premises database to a database instance in AWS across a secure VPN connection.

     

    2. You currently operate a web application in the AWS US-East region. The application runs on an auto-scaled layer of EC2 instances and an RDS Multi-AZ database. Your IT security compliance officer has tasked you to develop a reliable and durable logging solution to track changes made to your EC2, IAM, and RDS resources. The solution must ensure the integrity and confidentiality of your log data. Which of these solutions would you recommend?

        A. Create a new CloudTrail trail with one new S3 bucket to store the logs and with the global services option selected. Use IAM roles, S3 bucket policies, and Multi-Factor Authentication (MFA) Delete on the S3 bucket that stores your logs.

        B. Create a new CloudTrail with one new S3 bucket to store the logs. Configure SNS to send log file delivery notifications to your management system. Use IAM roles and S3 bucket policies on the S3 bucket that stores your logs.

        C. Create a new CloudTrail trail with an existing S3 bucket to store the logs and with the global services option selected. Use S3 ACLs and Multi-Factor Authentication (MFA) Delete on the S3 bucket that stores your logs.

        D. Create three new CloudTrail trails with three new S3 buckets to store the logs: one for the AWS Management Console, one for AWS SDKs, and one for command line tools. Use IAM roles and S3 bucket policies on the S3 buckets that store your logs.

     

    Answer: A. Create a new CloudTrail trail with one new S3 bucket to store the logs and with the global services option selected. Use IAM roles, S3 bucket policies, and Multi-Factor Authentication (MFA) Delete on the S3 bucket that stores your logs.

    3. A large real-estate brokerage is exploring the option of adding a cost-effective location-based alert to their existing mobile application. The application backend infrastructure currently runs on AWS. Users who opt in to this service will receive alerts on their mobile device regarding real-estate offers in proximity to their location. For the alerts to be relevant, delivery time needs to be in the low minute count. The existing mobile app has 5 million users across the US. Which one of the following architectural suggestions would you make to the customer?

        A. The mobile application will submit its location to a web service endpoint utilizing Elastic Load Balancing and EC2 instances. DynamoDB will be used to store and retrieve relevant offers. EC2 instances will communicate with mobile carriers/device providers to push alerts back to the mobile application.

        B. Use AWS Direct Connect or VPN to establish connectivity with mobile carriers. EC2 instances will receive the mobile application's location through the carrier connection. RDS will be used to store and retrieve relevant offers. EC2 instances will communicate with mobile carriers to push alerts back to the mobile application.

        C. The mobile application will send device location using SQS. EC2 instances will retrieve the relevant offers from DynamoDB. AWS Mobile Push will be used to send offers to the mobile application.

        D. The mobile application will send device location using AWS Mobile Push. EC2 instances will retrieve the relevant offers from DynamoDB. EC2 instances will communicate with mobile carriers/device providers to push alerts back to the mobile application.

     

    Answer: C. The mobile application will send device location using SQS. EC2 instances will retrieve the relevant offers from DynamoDB. AWS Mobile Push will be used to send offers to the mobile application.

    4. Your system recently experienced downtime during the troubleshooting process. You found that a new administrator mistakenly terminated several production EC2 instances.
    Which of the following strategies will help prevent a similar situation in the future?
    The administrator still must be able to:

        Launch, start, stop, and terminate development resources.

        Launch and start production instances.

        A. Create an IAM user, which is not allowed to terminate instances by leveraging production EC2 termination protection.

        B. Leverage resource-based tagging along with an IAM user, which can prevent specific users from terminating production EC2 resources.

        C. Leverage EC2 termination protection and multi-factor authentication, which together require users to authenticate before terminating EC2 instances.

        D. Create an IAM user and apply an IAM role which prevents users from terminating production EC2 instances.

    Answer: C. Leverage EC2 termination protection and multi-factor authentication, which together require users to authenticate before terminating EC2 instances.

    5. Your company has recently extended its datacenter into a VPC on AWS to add burst computing capacity as needed. Members of your Network Operations Center need to be able to go to the AWS Management Console and administer Amazon EC2 instances as necessary. You don't want to create new IAM users for each NOC member and make those users sign in again to the AWS Management Console. Which option below will meet the needs for your NOC members?

        A. Use OAuth 2.0 to retrieve temporary AWS security credentials to enable your NOC members to sign in to the AWS Management Console.

        B. Use Web Identity Federation to retrieve AWS temporary security credentials to enable your NOC members to sign in to the AWS Management Console.

        C. Use your on-premises SAML 2.0-compliant identity provider (IDP) to grant the NOC members federated access to the AWS Management Console via the AWS single sign-on (SSO) endpoint.

        D. Use your on-premises SAML 2.0-compliant identity provider (IDP) to retrieve temporary security credentials to enable NOC members to sign in to the AWS Management Console.

    Answer: C. Use your on-premises SAML 2.0-compliant identity provider (IDP) to grant the NOC members federated access to the AWS Management Console via the AWS single sign-on (SSO) endpoint.
