Skip to content
Home » AWS Solutions Architect Questions and Answers Part-14

AWS Solutions Architect Questions and Answers Part-14

    AWS Solutions Architect Questions and Answers Part-14

    Get ready to excel in your AWS Solutions Architect certification with this comprehensive collection of questions and answers. Covering critical topics like cloud architecture design, AWS services, security best practices, and cost optimization, these Q&A sessions will help you gain a deep understanding of AWS concepts and prepare effectively for the exam. Whether you are a beginner or an experienced professional, these answers provide clear explanations and practical examples to solidify your AWS knowledge and boost your confidence.

    1.Your company plans to host a large donation website on Amazon Web Services (AWS). You anticipate a large and undetermined amount of traffic that will create many database writes. To be certain that you do not drop any writes to a database hosted on AWS. Which service should you use?

    A.Amazon RDS with provisioned IOPS up to the anticipated peak write throughput.
     
    B.Amazon Simple Queue Service (SQS) for capturing the writes and draining the queue to write to the database.
     
    C.Amazon ElastiCache to store the writes until the writes are committed to the database.
     
    D.Amazon DynamoDB with provisioned write throughput up to the anticipated peak write throughput.
     
     
     

    B.Amazon Simple Queue Service (SQS) for capturing the writes and draining the queue to write to the database.

    click to know answer Collapse

    2.A benefits enrollment company is hosting a 3-tier web application running in a VPC on AWS which includes a NAT (Network Address Translation) instance in the public Web tier. There is enough provisioned capacity for the expected workload tor the new fiscal year benefit enrollment period plus some extra overhead Enrollment proceeds nicely for two days and then the web tier becomes unresponsive, upon investigation using CloudWatch and other monitoring tools it is discovered that there is an extremely large and unanticipated amount of inbound traffic coming from a set of 15 specific IP addresses over port 80 from a country where the benefits company has no customers. The web tier instances are so overloaded that benefit enrollment administrators cannot even SSH into them. Which activity would be useful in defending against this attack?

    A.Create a custom route table associated with the web tier and block the attacking IP addresses from the IGW (internet Gateway)
     
    B.Change the EIP (Elastic IP Address) of the NAT instance in the web tier subnet and update the Main Route Table with the new EIP
     
    C.Create 15 Security Group rules to block the attacking IP addresses over port 80
     
    D.Create an inbound NACL (Network Access control list) associated with the web tier subnet with deny rules to block the attacking IP addresses
     
     
     

    D.Create an inbound NACL (Network Access control list) associated with the web tier subnet with deny rules to block the attacking IP addresses

    click to know answer Collapse

    3.You are designing Internet connectivity for your VPC. The Web servers must be available on the Internet. The application must have a highly available architecture.

    Which alternatives should you consider? (Choose 2 answers)

    A.Configure a NAT instance in your VPC Create a default route via the NAT instance and associate it with all subnets Configure a DNS A record that points to the NAT instance public IP address.
     
    B.Configure a CloudFront distribution and configure the origin to point to the private IP addresses of your Web servers Configure a Route53 CNAME record to your CloudFront distribution.
     
    C.Place all your web servers behind EL8 Configure a Route53 CNMIE to point to the ELB DNS name.
     
    D.Assign BPs to all web servers. Configure a Route53 record set with all EIPs. With health checks and DNS failover.
     
    E.Configure ELB with an EIP Place all your Web servers behind ELB Configure a Route53
     
    record that points to the EIP
     
     
    C.Place all your web servers behind EL8 Configure a Route53 CNMIE to point to the ELB DNS name.
     
    D.Assign BPs to all web servers. Configure a Route53 record set with all EIPs. With health checks and DNS failover.
     
    click to know answer Collapse

    4.You require the ability to analyze a large amount of data, which is stored on Amazon S3 using Amazon Elastic Map Reduce. You are using the cc2 8x large Instance type, whose CPUs are mostly idle during processing. Which of the below would be the most cost efficient way to reduce the runtime of the job?

    A.Create more smaller flies on Amazon S3.
     
    B.Add additional cc2 8x large instances by introducing a task group.
     
    C.Use smaller instances that have higher aggregate I/O performance.
     
    D.Create fewer, larger files on Amazon S3.
     
     

    C.Use smaller instances that have higher aggregate I/O performance.

    click to know answer Collapse

    5.You are designing a connectivity solution between on-premises infrastructure and Amazon VPC Your server’s on-premises will De communicating with your VPC instances You will De establishing IPSec tunnels over the internet You will be using VPN gateways and terminating the IPsec tunnels on AWS-supported customer gateways.

    Which of the following objectives would you achieve by implementing an IPSec tunnel as outlined above? (Choose 4 answers)

    A.End-to-end protection of data in transit
     
    B.End-to-end Identity authentication
     
    C.Data encryption across the Internet
     
    D.Protection of data in transit over the Internet
     
    E.Peer identity authentication between VPN gateway and customer gateway
     
    F.Data integrity protection across the Internet
     
     
     
    C.Data encryption across the Internet
     
    D.Protection of data in transit over the Internet
     
    E.Peer identity authentication between VPN gateway and customer gateway
     
    F.Data integrity protection across the Internet
     
     
    click to know answer Collapse

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    Need Help?
    Call Now