CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
AWS Certified Solutions Architect - Associate - Part 35
1. A company uses an Amazon S3 bucket to store static images for its website. The company configured permissions to allow access to Amazon S3 object by privileged users only. What should a solutions architect do to protect against data loss? Select two(Select 2answers)
A) Configure an S3 lifecycle rule to transition object to Amazon S3 Glacier.
B) Enable access logging on the S3 bucket
C) Enable server-side encryption on the S3 bucket
D) Enable versioning on the S3 bucket
E) Use MFA Delete to require multi-factor authentication to delete an object.
2. A company is running a highly sensitive application on Amazon EC2 backed by an Amazon RDS database. Compliance regulations mandate that all personally identifiable information (PMI) be cencrypted. Which solution should a solutions architect recommend to meet this requirement with the LEAST amount of changes to the infrastructure?
A) Configure SSL encryption using AWS Key Management Service customer master key (AWS KMS CMKs) to encrypt database volumes.
B) Deploy AWS Certificate Manager to generate certificates. Use the certificates to encrypt the database volume
C) Deploy AWS CloudHSM, generate encryption keys, and use the customer master key (CMK) to encrypt database volumes
D) Configure Amazon Elastic Block Store (Amazon EBS) encryption and Amazon RDS encryption with AWS Key Management Service (AWS KMS) keys to encrypt instance and database volumes.
3. A solutions architect is designing a solution to access a catalog of images and provide users with the ability to submit requests to customize images. Image customization parameters will be in any request sent to an AWS API Gateway API. The customized image will be generated on demand, and users will receive a link they can click to view or download their customized image. The solution must be highly available for viewing and customizing images.What is the MOST cost-effective solution to meet these requirements?
A) Use Amazon EC2 instances to manipulate the original image into the requested customization. Store the original and manipulated images in Amazon S3. Configure an Elastic Load Balancer in front of the EC2 instances.
B) Use Amazon EC2 instances to manipulate the original image into the requested customization. Store the original images in Amazon S3 and the manipulated images in Amazon DynamoDB. Configure an Amazon CloudFront distribution with the S3 bucket as the origin.
C) Use AWS Lambda to manipulate the original image to the requested customization. Store the original and manipulated images in Amazon S3. Configure an Amazon CloudFront distribution with the S3 bucket as the origin.
D) Use AWS Lambda to manipulate the original image to the requested customization. Store the original images in Amazon S3 and the manipulated images in Amazon DynamoDB. Configure an Elastic Load Balancer in front of the Amazon EC2 instances.
4. A company is creating an architecture for a mobile app that requires minimal latency for its users. The company's consists of Amazon EC2 instances behind an Application Load Balancer running in an Auto Scaling group. The EC2 instances connect to Amazon RDS. Application beta testing showed there was a slowdown when reading the data. However, the metrics indicate that the EC2 instances do not cross any CPU utilization thresholds. How can this issue be addressed?
A) Replace the Application Load Balancer with a Network Load Balancer
B) Add Multi-AZ support to the RDS instances and direct read traffic to the new EC2 instance.
C) Add read replicas for the RDS instances and direct read traffic to the replica.
D) Reduce the threshold for CPU utilization in the Auto Scaling group.
5. A solutions architect is designing a web application that will run on Amazon EC2 instances behind an Application Load Balancer (ALB). The company strictly requires that the application be resilient against malicious internet activity and attacks, and protect against new common vulnerabilities and exposures.What should the solutions architect recommend?
A) Subscribe to AWS Shield Advanced and ensure common vulnerabilities and exposures are blocked.
B) Leverage Amazon CloudFront with the ALB endpoint as the origin
C) Configure network ACLs and security groups to allow only ports 80 and 443 to access the EC2 instances.
D) Deploy an appropriate managed rule for AWS WAF and associate it with the ALB
A) Configure an S3 lifecycle rule to transition object to Amazon S3 Glacier.
B) Enable access logging on the S3 bucket
C) Enable server-side encryption on the S3 bucket
D) Enable versioning on the S3 bucket
E) Use MFA Delete to require multi-factor authentication to delete an object.
2. A company is running a highly sensitive application on Amazon EC2 backed by an Amazon RDS database. Compliance regulations mandate that all personally identifiable information (PMI) be cencrypted. Which solution should a solutions architect recommend to meet this requirement with the LEAST amount of changes to the infrastructure?
A) Configure SSL encryption using AWS Key Management Service customer master key (AWS KMS CMKs) to encrypt database volumes.
B) Deploy AWS Certificate Manager to generate certificates. Use the certificates to encrypt the database volume
C) Deploy AWS CloudHSM, generate encryption keys, and use the customer master key (CMK) to encrypt database volumes
D) Configure Amazon Elastic Block Store (Amazon EBS) encryption and Amazon RDS encryption with AWS Key Management Service (AWS KMS) keys to encrypt instance and database volumes.
3. A solutions architect is designing a solution to access a catalog of images and provide users with the ability to submit requests to customize images. Image customization parameters will be in any request sent to an AWS API Gateway API. The customized image will be generated on demand, and users will receive a link they can click to view or download their customized image. The solution must be highly available for viewing and customizing images.What is the MOST cost-effective solution to meet these requirements?
A) Use Amazon EC2 instances to manipulate the original image into the requested customization. Store the original and manipulated images in Amazon S3. Configure an Elastic Load Balancer in front of the EC2 instances.
B) Use Amazon EC2 instances to manipulate the original image into the requested customization. Store the original images in Amazon S3 and the manipulated images in Amazon DynamoDB. Configure an Amazon CloudFront distribution with the S3 bucket as the origin.
C) Use AWS Lambda to manipulate the original image to the requested customization. Store the original and manipulated images in Amazon S3. Configure an Amazon CloudFront distribution with the S3 bucket as the origin.
D) Use AWS Lambda to manipulate the original image to the requested customization. Store the original images in Amazon S3 and the manipulated images in Amazon DynamoDB. Configure an Elastic Load Balancer in front of the Amazon EC2 instances.
4. A company is creating an architecture for a mobile app that requires minimal latency for its users. The company's consists of Amazon EC2 instances behind an Application Load Balancer running in an Auto Scaling group. The EC2 instances connect to Amazon RDS. Application beta testing showed there was a slowdown when reading the data. However, the metrics indicate that the EC2 instances do not cross any CPU utilization thresholds. How can this issue be addressed?
A) Replace the Application Load Balancer with a Network Load Balancer
B) Add Multi-AZ support to the RDS instances and direct read traffic to the new EC2 instance.
C) Add read replicas for the RDS instances and direct read traffic to the replica.
D) Reduce the threshold for CPU utilization in the Auto Scaling group.
5. A solutions architect is designing a web application that will run on Amazon EC2 instances behind an Application Load Balancer (ALB). The company strictly requires that the application be resilient against malicious internet activity and attacks, and protect against new common vulnerabilities and exposures.What should the solutions architect recommend?
A) Subscribe to AWS Shield Advanced and ensure common vulnerabilities and exposures are blocked.
B) Leverage Amazon CloudFront with the ALB endpoint as the origin
C) Configure network ACLs and security groups to allow only ports 80 and 443 to access the EC2 instances.
D) Deploy an appropriate managed rule for AWS WAF and associate it with the ALB
1. Right Answer: D,E
Explanation:
2. Right Answer: D
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: C
Explanation:
5. Right Answer: A
Explanation:
Explanation:
2. Right Answer: D
Explanation:
3. Right Answer: C
Explanation:
4. Right Answer: C
Explanation:
5. Right Answer: A
Explanation:
Tags:
aws cloud awc cloud cerification certified aws aws certifications aws cloud practitioner aws solution architect aws training aws certified cloud practitioner aws exam aws certification exam aws practice exams aws 2023 aws updated questions aws questions aws cert aws certified solutions architect aws solution architect associate aws training and certification aws certified developer associate certification for devops0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment