SAP-C01 (Page 63)

You’re trying to delete an SSL certificate from the IAM certificate store, and you’re getting the message “Certificate: is being used by CloudFront.”Which of the following statements is probably the reason why you are getting this error?Read More →

A company stores sales transaction data in Amazon DynamoDB tables.To detect anomalous behaviors and respond quickly, all changes to the items stored in the DynamoDB tables must be logged within 30 minutes.Which solution meets the requirements?Read More →

An internal security audit of AWS resources within a company found that a number of Amazon EC2 instances running Microsoft Windows workloads were missing several important operating system-level patches.A Solutions Architect has been asked to fix existing patch deficiencies, and to develop a workflow to ensure that future patching requirements are identified and taken care of quickly.The Solutions Architect has decided to use AWS Systems Manager.It is important that EC2 instance reboots do not occur at the same time on all Windows workloads to meet organizational uptime requirements.Which workflow will meet these requirements in an automated manner?Read More →

A company is moving a business-critical application onto AWS.It is a traditional three-tier web application using an Oracle database.Data must be encrypted in transit and at rest.The database hosts 12 TB of data.Network connectivity to the source Oracle database over the internal is allowed, and the company wants to reduce operational costs by using AWS Managed Services where possible.All resources within the web and application tiers have been migrated.The database has a few tables and a simple schema using primary keys only; however, it contains many Binary Large Object (BLOB) fields.It was not possible to use the database’s native replication tools because of licensing restrictions.Which database migration solution will result in the LEAST amount of impact to the application’s availability?Read More →

A large company is migrating its entire IT portfolio to AWS.Each business unit in the company has a standalone AWS account that supports both development and test environments.New accounts to support production workloads will be needed soon.The Finance department requires a centralized method for payment but must maintain visibility into each group’s spending to allocate costs.The Security team requires a centralized mechanism to control IAM usage in all the company’s accounts.What combination of the following options meet the company’s needs with the LEAST effort? (Choose two.)Read More →

A company wants to replace its call centersystem with a solution built using AWS managed services.The company call center would like the solution to receive calls, create contact flows, and scale to handle growth projections.The call center would also like the solution to use deep learning capabilities to recognize the intent of the callers and handle basic tasks, reducing the need to speak to an agent.The solution should also be able to query business applications and provide relevant information back to callers as requested.Which services should the Solutions Architect use to build this solution? (Choose three.)Read More →

A company needs to migrate two individual applications from on premises to AWS:• The first application is a legacy custom application that is hosted on a physical Windows server.The application source code is no longer available.The application has little documentation, has hardcoded operating system configuration settings, and is used by an external third party.• The second application is an IBM Db2 database that is hosted on a single Linux VM that uses network-attached storage (NAS) to store the database data.The company uses this database internally for employee records.The applications are hosted in a data center that the company plans to decommission in 90 days.Where possible, the company must use managed AWS services.Which actions for migration should a solutions architect recommend to meet these requirements? (Choose two.)Read More →

A large global financial services company has multiple business units.The company wants to allow Developers to try new services, but there are multiple compliance requirements for different workloads.The Security team is concerned about the access strategy for on-premises and AWS implementations.They would like to enforce governance for AWS services used by business teams for regulatory workloads, including Payment Card Industry (PCI) requirements.Which solution will address the Security team’s concerns and allow the Developers to try new services?Read More →

A company’s CISO has asked a Solutions Architect to re-engineer the company’s current CI/CD practices to make sure patch deployments to its applications can happen as quickly as possible with minimal downtime if vulnerabilities are discovered.The company must also be able to quickly roll back a change in case of errors.The web application is deployed in a fleet of Amazon EC2 instances behind an Application Load Balancer.The company is currently using GitHub to host the application source code, and has configured an AWS CodeBuild project to build the application.The company also intends to use AWS CodePipeline to trigger builds from GitHub commits using the existing CodeBuild project.What CI/CD configuration meets all of the requirements?Read More →

A company has a web application that securely uploads pictures and videos to an Amazon S3 bucket.The company requires that only authenticated users are allowed to post content.The application generates a presigned URL that is used to upload objects through a browser interface.Most users are reporting slow upload times for objects larger than 100 MB.What can a Solutions Architect do to improve the performance of these uploads while ensuring only authenticated users are allowed to post content?Read More →