Which combination of steps should the security engineer take to meet these requirements?

2026-04-06
By:
In: SCS-C01
With: 2 Comments

An international company has established a new business entity in South Korea.The company also has established a new AWS account to contain the workload for the South Korean region.The company has set up the workload in the new account in the ap-northeast-2 Region.The workload consists of three Auto Scaling groups of Amazon EC2 instances.All workloads that operate in this Region must keep system logs and application logs for 7 years.A security engineer must implement a solution to ensure that no logging data is lost for each instance during scaling activities.The solution also must keep the logs for only the required period of 7 years.Which combination of steps should the security engineer take to meet these requirements? (Choose three.)Read More →

What is the most important metric to optimize the model for in this scenario?

2026-04-06
By:
In: MLS-C01
With: 2 Comments

A machine learning (ML) engineer is creating a binary classification model.The ML engineer will use the model in a highly sensitive environment.There is no cost associated with missing a positive label.However, the cost of making a false positive inference is extremely high.What is the most important metric to optimize the model for in this scenario?Read More →

Which database engine meets these requirements?

2026-04-06
By:
In: DBS-C01
With: 2 Comments

A startup company is building a new application to allow users to visualize their on-premises and cloud networking components.The company expects billions of components to be stored and requires responses in milliseconds.The application should be able to identify:✑ The networks and routes affected if a particular component fails.✑ The networks that have redundant routes between them.✑ The networks that do not have redundant routes between them.✑ The fastest path between two networks.Which database engine meets these requirements?Read More →

Which combination of actions will meet these requirements?

2026-04-06
By:
In: DOP-C01
With: 2 Comments

A DevOps engineer is implementing governance controls for a company that requires its infrastructure to be housed within the United States.The engineer must restrict which AWS Regions can be used, and ensure an alert is sent as soon as possible if any activity outside the governance policy takes place.The controls should be automatically enabled on any new Region outside the United States (US).Which combination of actions will meet these requirements? (Choose two.)Read More →

Which solution will meet these requirements MOST cost-effectively?

2026-04-06
By:
In: SOA-C02
With: 2 Comments

A company is running production workloads that use a Multi-AZ deployment of an Amazon RDS for MySQL db.m6g.xlarge (general purpose) standard DB instance.Users report that they are frequently encountering a “too many connections” error.A SysOps administrator observes that the number of connections on the database is high.The SysOps administrator needs to resolve this issue while keeping code changes to a minimum.Which solution will meet these requirements MOST cost-effectively?Read More →

What should a solutions architect do to resolve this issue?

2026-04-06
By:
In: SAP-C01
With: 2 Comments

A company has implemented a new security requirement.According to the new requirement, the company must scan all traffic from corporate AWS instances in the company’s VPC for violations of the company’s security policies.As a result of these scans, the company can block access to and from specific IP addresses.To meet the new requirement, the company deploys a set of Amazon EC2 instances in private subnets to serve as transparent proxies.The company installs approved proxy server software on these EC2 instances.The company modifies the route tables on all subnets to use the corresponding EC2 instances with proxy software as the default route.The company also creates security groups that are compliant with the security policies and assigns these security groups to the EC2 instances.Despite these configurations, the traffic of the EC2 instances in their private subnets is not being properly forwarded to the internet.What should a solutions architect do to resolve this issue?Read More →

What should the company do next to meet these requirements?

2026-04-06
By:
In: SCS-C01
With: 2 Comments

A company uses AWS Organizations to manage several AWs accounts.The company processes a large volume of sensitive data.The company uses a serverless approach to microservices.The company stores all the data in either Amazon S3 or Amazon DynamoDB.The company reads the data by using either AWS Lambda functions or container-based services that the company hosts on Amazon Elastic Kubernetes Service (Amazon EKS) on AWS Fargate.The company must implement a solution to encrypt all the data at rest and enforce least privilege data access controls.The company creates an AWS Key Management Service (AWS KMS) customer managed key.What should the company do next to meet these requirements?Read More →