SAP-C01 (Page 13)

An enterprise wants to use a third-party SaaS application.The SaaS application needs to have access to issue several API commands to discover Amazon EC2 resources running within the enterprise’s account The enterprise has internal security policies that require any outside access to their environment must conform to the principles of least privilege and there must be controls in place to ensure that the credentials used by the SaaS vendor cannot be used by any other third party.Which of the following would meet all of these conditions?Read More →

You have deployed a web application targeting a global audience across multiple AWS Regions under the domain name.example.com.You decide to useRoute53 Latency-Based Routing to serve web requests to users from the region closest to the user.To provide business continuity in the event of server downtime you configure weighted record sets associated with two web servers in separate Availability Zones per region.Dunning a DR test you notice that when you disable all web servers in one of the regions Route53 does not automatically direct all users to the other region.What could be happening? (Choose two.)Read More →

Your startup wants to implement an order fulfillment process for selling a personalized gadget that needs an average of 3-4 days to produce with some orders taking up to 6 months you expect 10 orders per day on your first day. 1000 orders per day after 6 months and 10,000 orders after 12 months.Orders coming in are checked for consistency men dispatched to your manufacturing plant for production quality control packaging shipment and payment processing If the product does not meet the quality standards at any stage of the process employees may force the process to repeat a step Customers are notified via email about order status and any critical issues with their orders such as payment failure.Your base architecture includes AWS Elastic Beanstalk for your website with an RDS MySQL instance for customer data and orders.How can you implement the order fulfillment process while making sure that the emails are delivered reliably?Read More →

A read only news reporting site with a combined web and application tier and a database tier that receives large and unpredictable traffic demands must be able to respond to these traffic fluctuations automatically.What AWS services should be used meet these requirements?Read More →

You are designing a photo-sharing mobile app.The application will store all pictures in a single Amazon S3 bucket.Users will upload pictures from their mobile device directly to Amazon S3 and will be able to view and download their own pictures directly from Amazon S3.You want to configure security to handle potentially millions of users in the most secure manner possible.What should your server-side application do when a new user registers on the photo-sharing mobile application?Read More →

You have a periodic image analysis application that gets some files in input, analyzes them and tor each file writes some data in output to a ten file the number of files in input per day is high and concentrated in a few hours of the day.Currently you have a server on EC2 with a large EBS volume that hosts the input data and the results. It takes almost 20 hours per day to complete the process.What services could be used to reduce the elaboration time and improve the availability of the solution?Read More →

You have been asked to design the storage layer for an application.The application requires disk performance of at least 100,000 IOPS.In addition, the storage layer must be able to survive the loss of an individual disk, EC2 instance, or Availability Zone without any data loss.The volume you provide must have a capacity of at least 3 TB.Which of the following designs will meet these objectives?Read More →

You are the new IT architect in a company that operates a mobile sleep tracking application.When activated at night, the mobile app is sending collected data points of 1 kilobyte every 5 minutes to your backend.The backend takes care of authenticating the user and writing the data points into an Amazon DynamoDB table.Every morning, you scan the table to extract and aggregate last night’s data on a per user basis, and store the results in Amazon S3.Users are notified viaAmazon SNS mobile push notifications that new data is available, which is parsed and visualized by the mobile app.Currently you have around 100k users who are mostly based out of North America.You have been tasked to optimize the architecture of the backend system to lower cost.What would you recommend? (Choose two.)Read More →

An international delivery company hosts a delivery management system on AWS.Drivers use the system to upload confirmation of delivery.Confirmation includes the recipient’s signature or a photo of the package with the recipient.The driver’s handheld device uploads signatures and photos through FTP to a single Amazon EC2 instance.Each handheld device saves a file in a directory based on the signed-in user, and the file name matches the delivery number.The EC2 instance then adds metadata to the file after querying a central database to pull delivery information.The file is then placed in Amazon S3 for archiving.As the company expands, drivers report that the system is rejecting connections.The FTP server is having problems because of dropped connections and memory issues.In response to these problems, a system engineer schedules a cron task to reboot the EC2 instance every 30 minutes.The billing team reports that files are not always in the archive and that the central system is not always updated.A solutions architect needs to design a solution that maximizes scalability to ensure that the archive always receives the files and that systems are always updated.The handheld devices cannot be modified, so the company cannot deploy a new application.Which solution will meet these requirements?Read More →

A company operates a fleet of servers on premises and operates a fleet of Amazon EC2 instances in its organization in AWS Organizations.The company’s AWS accounts contain hundreds of VPCs.The company wants to connect its AWS accounts to its on-premises network.AWS Site-to-Site VPN connections are already established to a single AWS account.The company wants to control which VPCs can communicate with other VPCs.Which combination of steps will achieve this level of control with the LEAST operational effort? (Choose three.)Read More →