1. A company has applications running on Amazon EC2 instances in a VPC. One of the applications needs to call an Amazon S3 API to store and read objects. The company's security policies restrict any internet-bound traffic from the applications. Which action will fulfill these requirements and maintain security?
A) Configure an S3 interface endpoint. B) Create an S3 bucket in a private subnet. C) Configure an S3 gateway endpoint. D) Create an S3 bucket in the same Region as the EC2 instance.
2. A website experiences unpredictable traffic. During peak traffic times, the database is unable to keep up with the write requests. Which AWS service will help decouple the web application from the database?
A) Amazon S3 B) Amazon EFS C) AWS Lambda D) Amazon SQS
3. A financial services company has a web application that serves users in the United States and Europe. The application consists of a database tier and a web server tier. The database tier consists of a MySQL database hosted in us-east-1. Amazon Route 53 geoproximity routing is used to direct traffic to instances in the closest Region. A performance review of the system reveals that European users are not receiving the same level of query performance as those in the United States. Which changes should be made to the database tier to improve performance?
A) Migrate the database to Amazon DynamoDB. Use DynamoDB global tables to enable replication to additional Regions. B) Migrate the database to Amazon RDS for MySQL. Configure Multi-AZ in one of the European Regions. C) Migrate the database to an Amazon Aurora global database in MySQL compatibility mode. Configure read replicas in one of the European Regions. D) Deploy MySQL instances in each Region. Deploy an Application Load Balancer in front of MySQL to reduce the load on the primary instance.
4. A company currently operates a web application backed by an Amazon RDS MySQL database. It has automated backups that are run daily and are not encrypted. A security audit requires future backups to be encrypted and the unencrypted backups to be destroyed. The company will make at least one encrypted backup before destroying the old backups. What should be done to enable encryption for future backups?
A) Create a snapshot of the database. Copy it to an encrypted snapshot. Restore the database from the encrypted snapshot. B) Modify the backup section of the database configuration to toggle the Enable encryption check box. C) Enable an encrypted read replica on RDS for MySQL. Promote the encrypted read replica to primary. Remove the original database instance. D) Enable default encryption for the Amazon S3 bucket where backups are stored.
5. A solutions architect needs to ensure that API calls to Amazon DynamoDB from Amazon EC2 instances in a VPC do not traverse the internet. What should the solutions architect do to accomplish this? (Choose two.)
A) Create a route table entry for the endpoint. B) Create a gateway endpoint for DynamoDB. C) Create a new DynamoDB table that uses the endpoint. D) Create a security group entry in the default security group to provide access. E) Create an ENI for the endpoint in each of the subnets of the VPC.
1. Right Answer: C Explanation: https://docs.aws.amazon.com/vpc/latest/userguide/vpce-gateway.html
2. Right Answer: D Explanation: https://aws.amazon.com/sqs/faqs/ Amazon SQS is a message queue service used by distributed applications to exchange messages through a polling model, and can be used to decouple sending and receiving components.
3. Right Answer: C Explanation: Amazon Aurora features a distributed, fault-tolerant, self-healing storage system that auto-scales up to 64TB per database instance. It delivers high performance and availability with up to 15 low-latency read replicas, point-in-time recovery, continuous backup to Amazon S3, and replication across three Availability Zones (AZs).
4. Right Answer: A Explanation: Amazon RDS uses snapshots for backup. Snapshots are encrypted when created only if the database is encrypted, and you can only select encryption for the database when you first create it. In this case the database, and hence the snapshots, are unencrypted. However, you can create an encrypted copy of a snapshot. You can restore using that snapshot, which creates a new DB instance that has encryption enabled. From that point on, encryption will be enabled for all snapshots. https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html