Solutions Architect Professional (Page 100)

What happens when Dedicated instances are launched into a VPC?Read More →

A company has implemented a new security requirement.According to the new requirement, the company must scan all traffic from corporate AWS instances in the company’s VPC for violations of the company’s security policies.As a result of these scans, the company can block access to and from specific IP addresses.To meet the new requirement, the company deploys a set of Amazon EC2 instances in private subnets to serve as transparent proxies.The company installs approved proxy server software on these EC2 instances.The company modifies the route tables on all subnets to use the corresponding EC2 instances with proxy software as the default route.The company also creates security groups that are compliant with the security policies and assigns these security groups to the EC2 instances.Despite these configurations, the traffic of the EC2 instances in their private subnets is not being properly forwarded to the internet.What should a solutions architect do to resolve this issue?Read More →

A company has an organization in AWS Organizations.The company has enabled trusted access between Organizations and AWS Resource Access Manager(AWS RAM).The organization includes three AWS accounts, one each for shared services, development, and production.The shared services account has aVPC.A solutions architect needs to meet the following requirements:* Configure access between the shared services VPC and the development and production accounts.* Ensure that workloads in each account are deployed to at least three Availability Zones.* Ensure that there is no direct communication between the development and production workloads.Which combination of steps will meet these requirements? (Choose three.)Read More →

A company stores and manages documents in an Amazon Elastic File System (Amazon EFS) file system.The file system is encrypted with an AWS Key Management Service (AWS KMS) key.The file system is mounted to an Amazon EC2 instance that runs proprietary software.The company has enabled automatic backups for the file system.The automatic backups use the AWS Backup default backup plan.A solutions architect must ensure that deleted documents can be recovered within an RPO of 100 minutes.Which solution will meet these requirements?Read More →

A solutions architect has developed a web application that uses an Amazon API Gateway Regional endpoint and an AWS Lambda function.The consumers of the web application are all close to the AWS Region where the application will be deployed.The Lambda function only queries an Amazon Aurora MySQL database.The solutions architect has configured the database to have three read replicas.During testing, the application does not meet performance requirements.Under high load, the application opens a large number of database connections.The solutions architect must improve the application’s performance.Which actions should the solutions architect take to meet these requirements? (Choose two.)Read More →

A company wants to record key performance indicators (KPIs) from its application as part of a strategy to convert to a user-based licensing schema.The application is a multi-tier application with a web-based UI.The company saves all log files to Amazon CloudWatch by using the CloudWatch agent.All logins to the application are saved in a log file.As part of the new license schema, the company needs to find out how many unique users each client has on a daily basis, weekly basis, and monthly basis.Which solution will provide this information with the LEAST change to the application?Read More →

A company is running a web application on Amazon EC2 instances in a production AWS account.The company requires all logs generated from the web application to be copied to a central AWS account for analysis and archiving.The company’s AWS accounts are currently managed independently.Logging agents are configured on the EC2 instances to upload the log files to an Amazon S3 bucket in the central AWS account.A solutions architect needs to provide access for a solution that will allow the production account to store log files in the central account.The central account also needs to have read access to the log files.What should the solutions architect do to meet these requirements?Read More →

An e-commerce company is revamping its IT infrastructure and is planning to use AWS services.The company’s CIO has asked a solutions architect to design a simple, highly available, and loosely coupled order processing application.The application is responsible for receiving and processing orders before storing them in an Amazon DynamoDB table.The application has a sporadic traffic pattern and should be able to scale during marketing campaigns to process the orders with minimal delays.Which of the following is the MOST reliable approach to meet the requirements?Read More →

The CISO of a large enterprise with multiple IT departments, each with its own AWS account, wants one central place where AWS permissions for users can be managed and users authentication credentials can be synchronized with the company’s existing on-premises solution.Which solution will meet the CISO’s requirements?Read More →

A research center is migrating to the AWS Cloud and has moved its on-premises 1 PB object storage to an Amazon S3 bucket.One hundred scientists are using this object storage to store their work-related documents.Each scientist has a personal folder on the object store.All the scientists are members of a single IAM user group.The research center’s compliance officer is worried that scientists will be able to access each other’s work.The research center has a strict obligation to report on which scientist accesses which documents.The team that is responsible for these reports has little AWS experience and wants a ready-to-use solution that minimizes operational overhead.Which combination of actions should a solutions architect take to meet these requirements? (Choose two.)Read More →