1. A company's application hosted on Amazon EC2 instances needs to access an Amazon S3 bucket. Due to data sensitivity, traffic cannot traverse the internet How should a solutions architect configure access?

A) Configure a VPC gateway endpoint for Amazon S3 in the VPC.
B) Configure AWS PrivateLink between the EC2 instance and the S3 bucket.
C) Set up a site-to-site VPN connection between the VPC and the S3 bucket.
D) Create a private hosted zone using Amazon Route 53.



2. A company's web application is running on Amazon EC2 instances behind an Application Load Balancer. The company recently changed its policy, which now requires the application to be accessed from one specific country only.Which configuration will meet this requirement?

A) Configure the security group on the Application Load Blancer.
B) Configure the security group for the EC2 instances.
C) Configure AWS WAF on the Application Load Balancer in a VPC
D) Configure the network ACL for the subnet that contains the EC2 instances



3. A company has an Amazon EC2 instance running on a private subnet that needs to access a public websites to download patches and updates. The company does not want external websites to see the EC2 instance IP address or initiate connection to it.How can a solution architect achieve this objective?

A) Create a security group that only allows connections from the IP address range of the public website. Attach the security group to the EC2 instance.
B) Create a site-to-site VPN connection between the private subnet and the network in which the public site is deployed.
C) Create a NAT gateway in a public subnet. Route outbound traffic from the private subnet through the NAI gateway.
D) Create a network ACL for the private subnet where the EC2 instance deployed only allows access from the IP address range of the public website.



4. A web application runs on Amazon EC2 instances behind an Application Load Balancer. The application allows users to create custom reports of historical weather data. Generating a report can take up to 5 minutes. These long running requests use many of the available incoming connections, making the system unresponsive to other users.How can a solutions architect make the system more responsive?

A) Update the client-side application code to increase its request timeout to 5 minutes.
B) Increase the idle timeout on the Application Load Balancer to 5 minutes
C) Use Amazon SQS with AWS Lambda to generate reports.
D) Publish the reports to Amazon S3 and use Amazon CloudFront for downloading to the user



5. A company is looking for a solution that can store video archives in AWS from old news footage. The company needs to minimize costs and will rarely need to restore these files. When the files are needed, they must be available in a maximum of five minutes.What is the MOST cost-effective solution?

A) Store the video archives in Amazon S3 Glacier and use Standard retrievals.
B) Store the video archives in Amazon S3 Glacier and use Expedited retrievals.
C) Store the video archives in Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA).
D) Store the video archives in Amazon S3 Standard-Infrequent Access (S3 Standard-IA).