1. A company recently deployed a new auditing system to centralize information about operating system versions, patching, and installed software for Amazon EC2 instances. A solutions architect must ensure all instances provisioned through EC2 Auto Scaling groups successfully send reports to the auditing system as soon as they are launched and terminated.Which solution achieves these goals MOST efficiently?

A) Use EC2 Auto Scaling lifecycle hooks to execute a custom script to send data to the audit system when instances are launched and terminated.
B) Use an EC2 Auto Scaling launch configuration to execute a custom script through user data to send data to the audit system when instances are launched and terminated.
C) Use a scheduled AWS Lambda function and execute a script remotely on all EC2 instances to send data to the audit system.
D) Execute a custom script on the instance operating system to send data to the audit system. Configure the script to be executed by the EC2 Auto Scaling group when the instance starts and is terminated.



2. A company runs an application using Amazon ECS. The application creates resized versions of an original image and then makes Amazon S3 API calls to store the resized images in Amazon S3. How can a solutions architect ensure that the application has permission to access Amazon S3?

A) Create an IAM role with S3 permissions, and then specify that role as the takeRoleAm in the task definition
B) Create an IAM user with S3 permissions, and then relaunch the Amazon EC2 instances for the ECS cluster while logged in as this account.
C) Create a security group that allows access from Amazon ECS to Amazon S3, and update the launch configuration used by the ECS cluster.
D) Update the S3 role in AWS IAM to allow read/write access from Amazon ECS, and then relaunch the container.



3. A company has a website running on Amazon EC2 instances across two Availability Zones. The company is expecting spikes in traffic on specific holidays, and wants to provide a consistent user experience. How can a solutions architect meet this requirement?

A) Use scheduled scaling.
B) Use simple scaling.
C) Use step scaling.
D) Use lifecycle hooks.



4. A solutions architect is moving the static content from a public website hosted on Amazon EC2 instances to an Amazon S3 bucket. An Amazon CloudFront distribution will be used to deliver the static assets. The security group used by the EC2 instances restricts access to a limited set of IP ranges. Access to the static content should be similarly restricted.Which combination of steps will meet these requirements? (Choose two.)(Select 2answers)

A) Create an AWS WAF web ACL that includes the same IP restrictions that exist in the EC2 security group. Associate this new web ACL with the CloudFront distribution.
B) Create a new IAM role and associate the role with the distribution. Change the permissions either on the S3 bucket or on the files within the S3 bucket so that only the newly created IAM role has read and download permissions.
C) Create a new security group that includes the same IP restrictions that exist in the current EC2 security group. Associate this new security group with the CloudFront distribution.
D) Create an origin access identity (OAI) and associate it with the distribution. Change the permissions in the bucket policy so that only the OAI can read the objects.
E) Create a new security group that includes the same IP restrictions that exist in the current EC2 security group. Associate this new security group with the S3 bucket hosting the static content.


5. A solutions architect needs to design a low latency solution for a static single page application accessed by users utilizing a custom domain name. The solution must be serverless, encrypted in transit and cost-effective.Which combination of AWS service and features should the solutions architect use? Select two(Select 2answers)

A) Amazon CloudFront
B) Amazon EC2
C) AWS Fargate
D) Amazon S3
E) Elastic Load Balancer