SAP-C02 (Page 42)

A company has an application that generates reports and stores them in an Amazon S3 bucket.When a user accesses their report, the application generates a signed URL to allow the user to download the report.The company’s security team has discovered that the files are public and that anyone can download them without authentication.The company has suspended the generation of new reports until the problem is resolved.Which set of actions will immediately remediate the security issue without impacting the application’s normal workflow?Read More →

A company needs to optimize the cost of its application on AWS.The application uses AWS Lambda functions and Amazon Elastic Container Service (Amazon ECS) containers that run on AWS Fargate.The application is write-heavy and stores data in an Amazon Aurora MySQL database.The load on the application is not consistent.The application experiences long periods of no usage, followed by sudden and significant increases and decreases in traffic.The database runs on a memory optimized DB instance that cannot handle the load.A solutions architect must design a solution that can scale to handle the changes in traffic.Which solution will meet these requirements MOST cost-effectively?Read More →

A company migrated an application to the AWS Cloud.The application runs on two Amazon EC2 instances behind an Application Load Balancer (ALB).Application data is stored in a MySQL database that runs on an additional EC2 instance.The application’s use of the database is read-heavy.The application loads static content from Amazon Elastic Block Store (Amazon EBS) volumes that are attached to each EC2 instance.The static content is updated frequently and must be copied to each EBS volume.The load on the application changes throughout the day.During peak hours, the application cannot handle all the incoming requests.Trace data shows that the database cannot handle the read load during peak hours.Which solution will improve the reliability of the application?Read More →

A North American company with headquarters on the East Coast is deploying a new web application running on Amazon EC2 in the us-east-1 Region.The application should dynamically scale to meet user demand and maintain resiliency.Additionally, the application must have disaster recovery capabilities in an active-passive configuration with the us-west-1 Region.Which steps should a solutions architect take after creating a VPC in the us-east-1 Region?Read More →

A solutions architect is designing an AWS account structure for a company that consists of multiple teams.All the teams will work in the same AWS Region.The company needs a VPC that is connected to the on-premises network.The company expects less than 50 Mbps of total traffic to and from the on-premises network.Which combination of steps will meet these requirements MOST cost-effectively? (Choose two.)Read More →

A company runs a microservice as an AWS Lambda function.The microservice writes data to an on-premises SQL database that supports a limited number of concurrent connections.When the number of Lambda function invocations is too high, the database crashes and causes application downtime.The company has an AWS Direct Connect connection between the company’s VPC and the on-premises data center.The company wants to protect the database from crashes.Which solution will meet these requirements?Read More →

An online retail company is migrating its legacy on-premises .NET application to AWS.The application runs on load-balanced frontend web servers, load-balanced application servers, and a Microsoft SQL Server database.The company wants to use AWS managed services where possible and does not want to rewrite the application.A solutions architect needs to implement a solution to resolve scaling issues and minimize licensing costs as the application scales.Which solution will meet these requirements MOST cost-effectively?Read More →

A company is designing a new website that hosts static content.The website will give users the ability to upload and download large files.According to company requirements, all data must be encrypted in transit and at rest.A solutions architect is building the solution by using Amazon S3 and Amazon CloudFront.Which combination of steps will meet the encryption requirements? (Choose three.)Read More →

A solutions architect needs to improve an application that is hosted in the AWS Cloud.The application uses an Amazon Aurora MySQL DB instance that is experiencing overloaded connections.Most of the application’s operations insert records into the database.The application currently stores credentials in a text-based configuration file.The solutions architect needs to implement a solution so that the application can handle the current connection load.The solution must keep the credentials secure and must provide the ability to rotate the credentials automatically on a regular basis.Which solution will meet these requirements?Read More →

A company has a complex web application that leverages Amazon CloudFront for global scalability and performance.Over time, users report that the web application is slowing down.The company’s operations team reports that the CloudFront cache hit ratio has been dropping steadily.The cache metrics report indicates that query strings on some URLs are inconsistently ordered and are specified sometimes in mixed-case letters and sometimes in lowercase letters.Which set of actions should the solutions architect take to increase the cache hit ratio as quickly as possible?Read More →