A government client needs you to set up secure cryptographic key storage for some of their extremely confidential data.You decide that the AWS CloudHSM is the best service for this.However, there seem to be a few pre-requisites before this can happen, one of those being a security group that has certain ports open.Which of the following is correct in regards to those security groups?Read More →
A Solutions Architect has created an AWS CloudFormation template for a three-tier application that contains an Auto Scaling group of Amazon EC2 instances running a custom AMI.The Solutions Architect wants to ensure that future updates to the custom AMI can be deployed to a running stack by first updating the template to refer to the newAMI, and then invoking UpdateStack to replace the EC2 instances with instances launched from the new AMI.How can updates to the AMI be deployed to meet these requirements?Read More →
Someone has recommended a new client to you and you know he is into online gaming and you are almost certain he will want to set up an online gaming site which will require a database service that provides fast and predictable performance with seamless scalability.Which of the following AWS databases would be best suited to an online gaming site?Read More →
To get started using AWS Direct Connect, in which of the following steps do you configure Border Gateway Protocol (BGP)?Read More →
A company provides a centralized Amazon EC2 application hosted in a single shared VPC.The centralized application must be accessible from client applications running in the VPCs of other business units.The centralized application front end is configured with a Network Load Balancer (NLB) for scalability.Up to 10 business unit VPCs will need to be connected to the shared VPC.Some of the business unit VPC CIDR blocks overlap with the shared VPC, and some overlap with each other.Network connectivity to the centralized application in the shared VPC should be allowed from authorized business unit VPCs only.Which network configuration should a solutions architect use to provide connectivity from the client applications in the business unit VPCs to the centralized application in the shared VPC?Read More →
A large company recently experienced an unexpected increase in Amazon RDS and Amazon DynamoDB costs. The company needs to increase visibility into details of AWS Billing and Cost Management. There are various accounts associated with AWS Organizations, including many development and production accounts. There is no consistent tagging strategy across the organization, but there are guidelines in place that require all infrastructure to be deployed usingAWS CloudFormation with consistent tagging. Management requires cost center numbers and project ID numbers for all existing and future DynamoDB tables andRDS instances.Which strategy should the solutions architect provide to meet these requirements?Read More →
While debugging a backend application for an IoT system that supports globally distributed devices, a Solutions Architect notices that stale data is occasionally being sent to user devices.Devices often share data, and stale data does not cause issues in most cases.However, device operations are disrupted when a device reads the stale data after an update.The global system has multiple identical application stacks deployed in different AWS Regions.If a user device travels out of its home geographic region, it will always connect to the geographically closest AWS Region to write or read data.The same data is available in all supported AWS Regions using an AmazonDynamoDB global table.What change should be made to avoid causing disruptions in device operations?Read More →
A company wants to analyze log data using date ranges with a custom application running on AWS.The application generates about 10 GB of data every day, which is expected to grow.A Solutions Architect is tasked with storing the data in Amazon S3 and using Amazon Athena to analyze the data.Which combination of steps will ensure optimal performance as the data grows? (Choose two.)Read More →
A company is creating an account strategy so that they can begin using AWS.The Security team will provide each team with the permissions they need to follow the principle or least privileged access.Teams would like to keep their resources isolated from other groups, and the Finance team would like each team’s resource usage separated for billing purposes.Which account creation process meets these requirements and allows for changes?Read More →
A company has a 24 TB MySQL database in its on-premises data center that grows at the rate of 10 GB per day.The data center is connected to the company’sAWS infrastructure with a 50 Mbps VPN connection.The company is migrating the application and workload to AWS.The application code is already installed and tested on Amazon EC2.The company now needs to migrate the database and wants to go live on AWS within 3 weeks.Which of the following approaches meets the schedule with LEAST downtime?Read More →
© 2025. Tip2Cloud doesn't offer any real exam questions. All questions & answers were supported by AI.