AWS Certified Solutions Architect Associate - Practice Exam 1

A fleet of EC2 instances running in a private subnet needs to connect to the Internet using the IPv6 protocol. What service should we configure to enable this connectivity?

Amazon EC2 instances run between 10 am and 6 pm Monday-Thursday in a development environment. Production instances run 24/7. Which pricing models should be used? (Select TWO)

A web application is deployed in multiple regions behind an Application Load Balancer. We need routing to the closest region and automatic failover, and also traffic should traverse the AWS global network for consistent performance. How can this be achieved?

A database currently uses an in-memory cache. We must deliver a solution that supports high availability and replication for the caching layer. Which service should we use?

Data that is going to be stored in Amazon Glacier must be delivered within 5 minutes of a retrieval request. Which features in Amazon Glacier can help meet this requirement?

Which AWS service should a Solutions Architect recommend to his company’s development team if they want to upload the “.war” source code file of a Java application while handling the provisioning and management of the underlying resources it will run on?

The Systems Administrators in a company currently use Chef for configuration management of on-premise servers. Which AWS service can a Solutions Architect use to provide a fully-managed configuration management service that will enable the use of existing Chef cookbooks?

Which is the MOST cost-effective storage option for a service that provides offsite backups for different devices and has to support millions of customers, in which the images will be retrieved infrequently but must be available for retrieval immediately.

Which service provides visibility into user activity by recording actions taken on your account?

A multi-tier web application currently hosts two web services on the same set of instances, listening for traffic on different ports. Which AWS service should we use to route traffic to the service based on the incoming request path?

What is the best way to transfer hundreds of terabytes of data from their on-premise data center into Amazon S3 with limited bandwidth available?

An application requires a MySQL database which will only be used several times a week for short periods. The database needs to provide automatic instantiation and scaling. Which database service is most suitable?

What advantage from this list does Amazon CloudFront provide?

A data lake solution in Amazon S3 must analyze huge datasets from time to time (infrequent SQL queries only). Which AWS service should be used to meet these requirements if we want to minimize infrastructure costs?

An application runs on a series of EC2 instances in an Auto Scaling group running in a private subnet. How can we enable the application to download software updates from the Internet involving minimal ongoing systems management effort?

We are designing an application that includes an Auto Scaling group of Amazon EC2 Instances running behind an Elastic Load Balancer. All the web servers must be accessible only through the Elastic Load Balancer and none directly from the Internet. How should the Architect meet these requirements?

A company is generating large datasets with millions of rows that must be summarized by column, and reports will be built using business intelligence tools. Which storage service meets the requirements?

Some images must be encrypted at rest in Amazon S3, but the company doesn’t want to spend time managing and rotating the keys, although this company wants to control who can access those keys. What should a solutions architect use to accomplish this?

A High-Performance Computing (HPC) which requires low network latency and high throughput between nodes, will be deployed in a single AZ. How should the application be deployed for the best inter-node performance?

Your Business Intelligence team uses SQL tools to analyze data. What would be the best solution for performing queries on structured data received at a high velocity?

A company stores important data in an Amazon S3 bucket. A solutions architect needs to ensure that data can be recovered in case of accidental deletion. How can we do that?

We are working on an application for a social media website where users can be friends with each other, like each other’s posts, and send messages between them. Which database do you recommend to perform some complicated queries?

A manual script developed in NodeJS runs a couple of times a week and takes 10 minutes to run. It needs to be replaced with an automated solution. Which option should we use?

A web application runs on several Amazon EC2 instances behind an Application Load Balancer (ALB). Which protocols can we use to do the health check? (Select TWO)

A company plans to replicate a limited set of core services to the Disaster Recovery site, ready to take over in the event of a disaster seamlessly. The company will switch off all other services. Which Disaster Recovery should the company use?

A website developed using HTML, CSS, client-side JavaScript, and images need to be hosted. Which solution is the MOST cost-effective?

How can a systems administrator specify a script to be run on an EC2 instance during launch?

If we want to avoid the loss of important data because of storing the information in EC2 Instances Stores, and we need a file system solution that can scale as data volumes increase with the LEAST amount of management and configuration, which storage is most appropriate?

We want to launch an Amazon EC2 instance with multiple attached volumes by modifying the block device mapping. Which block device can be specified in a block device mapping to be used with an EC2 instance? (Select TWO)

A Solutions Architect must develop a serverless application to analyze data using SQL. He must upload this data to Amazon S3, and the data should always be encrypted. Which AWS Services should he use to encrypt and query the data?

A Kinesis consumer application is reading at a slower rate than expected. It has been identified that multiple consumer applications have total reads exceeding the per-shard limits. How can this situation be resolved?

An organization wants to share regular updates using static web pages. The pages are expected to generate a large number of views from around the world. The files are stored in an Amazon S3 bucket. Which action should we take to accomplish this goal, designing an efficient and effective solution?

A company plans to use Amazon S3 to store documents uploaded by its customers. The company must encrypt the images at rest in Amazon S3. The company does not want to manage and rotate the keys, but they want to control who can access them. What services should a solutions architect use to accomplish this?

A web application is composed of a web layer and a database later. Some reports suggested that the webserver layer may be vulnerable to cross-site scripting (XSS) attacks. What should we do to remediate this vulnerability?

A company is deploying a big data and analytics workload that will run from thousands of EC2 instances across multiple AZs. The data needs to be stored on a shared storage layer that can be mounted and accessed concurrently by all EC2 instances. Extremely high throughput is required. What storage layer would be most suitable for this requirement?

We are designing a web application that runs on Amazon EC2 instances behind an Elastic Load Balancer. One requirement is that all the data in transit must be encrypted. How could we do that? (Select TWO)

What is the most efficient service to establish network connectivity from on-premise to multiple VPCs in different AWS regions?

A High-Performance Computing (HPC) application needs to provide 135,000 IOPS. The storage layer is replicated across all instances in a cluster. What is the most optimal and cost-effective storage solution that provides the required performance?

A web application should run both on-premise and in AWS for some time. During the period of co-existence, the client would like 80% of the traffic to hit the AWS-based web servers and 20% to be directed to the on-premises web servers. How can we distribute traffic as requested?

How can we be notified by email when an RDS database exceeds certain metric thresholds?

A MySQL database is going to be migrated to the AWS Cloud. The cloud DB should be a managed solution that supports high availability and automatic failover in the event of the outage of an Availability Zone (AZ). How can we achieve it?

We plan to develop a new platform using Docker containers in a micro-services architecture in the AWS Cloud. We prefer to use AWS-managed infrastructure for running the containers as you do not want to manage EC2 instances. Which of the following options would deliver these requirements? (Select TWO)

An application receives and processes files of around 4GB in size. The application extracts metadata from the files, typically taking a few seconds for each file, with times of little activity and multiple uploads within a short period. What architecture should we use to have the most cost-efficient solution?

A shared VPC is being set up for several AWS accounts, and we will use it to share an application. If we should not allow consumers to connect to other instances in the VPC, how can this be set up with the least administrative effort? (Select TWO)

An application writes data to a DynamoDB table, and we need to implement a function that runs code in response to item-level changes in the table. How should we implement that?

A company that manages an on-premise web application needs a solution to provide single sign-on and access to the AWS management console to manage resources in the AWS cloud. Which combination of services is BEST suited to delivering these requirements?

A decoupled application will send batches of up to 1000 messages per second that consumers must receive in the correct order. How can we achieve these requirements?

If we have to ensure that the Amazon EC2 instances from an application are able to be launched in another AWS region in the event of a disaster, what steps should be done? (Select TWO)

A security team wants to limit access to specific services in several accounts that belong to a large organization in AWS Organizations. The solution must be scalable, and there must be a single point where we can maintain permissions. How can we accomplish it?

We need to design a managed multi-region database with replication. The requirements indicate that the master database should be located in the EU (Ireland) region, and databases will be located in 4 other regions to service local read traffic. Which AWS service can deliver these requirements with a cost-effective and secure approach?

You have created an application in a VPC that uses a Network Load Balancer (NLB). The application will be offered to other accounts within the region to consume. What AWS service will be used to provide the service for consumption?

A Solutions Architect must design a storage solution for incoming billing reports in CSV format. The data will be analyzed infrequently and discarded after 30 days. Which combination of services will be MOST cost-effective in meeting these requirements?

The DB of an application runs on Amazon RDS. We want that a reporting tool to access this data. How can we achieve it, considering that the reporting tool must be highly available without impacting the application’s performance?

Some Amazon EC2 instances in a VPC need to make API calls to Amazon DynamoDB. If we want to avoid using DynamoDB public endpoints (because we don’t want to use the Internet), what is the most EFFICIENT and secure method to accomplish it? (Select TWO)

An application is expected to be extremely popular, and the back-end DynamoDB database may not perform as required. How can we enable in-memory read performance with microsecond response times for the DynamoDB database?

An application needs to retain information about each user session, and we have decided to implement a layer within the application architecture to store it. Which of the options below could be used? (Select TWO)

A solutions architect is designing a web application that consists of a public-facing web tier hosted on Amazon EC2 in public subnets. The database tier consists of Microsoft SQL Server running on Amazon EC2 in a private subnet. Security is a high priority for the company. How should security groups be configured? (Select TWO)

A company shares some videos stored in an Amazon S3 bucket via CloudFront. We want to restrict access to the private content so that only users from specific IP addresses can access the videos. Apart from that, ensuring direct access via the Amazon S3 bucket shouldn’t be possible. How can this be achieved?

An application runs its compute layer across EC2 instances, and it should scale based on the number of jobs to be processed. The compute layer is stateless. Which design should we use to ensure that the application is loosely coupled and the job items are durably stored?

Three AWS accounts are owned by the same company but in different regions. Account Z has two AWS Direct Connect connections to two separate company offices. Accounts A and B require routing across account Z’s Direct Connect connections to each company office. A Solutions Architect has created an AWS Direct Connect gateway in account Z.

We must migrate a MongoDB database to Amazon DynamoDB within the next few weeks. The database is too large to migrate over the company’s limited internet bandwidth, so we must use an alternative solution. What should we use?

A Solutions Architect needs to transform some data uploaded into S3. The uploads happen sporadically, and an event should trigger the transformation. The transformed data should then be loaded into a target data store. What combination of services should we use to accomplish this cost-effectively? (Select TWO)

A single-volume requires 500 GiB in size and needs to support 20,000 IOPS. What EBS volume type should be selected?

How can we encrypt a master database (which is not encrypted) in an Amazon RDS Read Replica deployed in a separate region?

A web application will run on Amazon EC2 instances behind Elastic Load Balancers in multiple regions in an active/passive configuration. The website address the application runs on is “fullcertified.com”, and we need to use AWS Route 53 to perform the DNS resolution for the application. How should we configure AWS Route 53 in this scenario? (Select TWO)