Solutions Architect Professional (Page 58)

A company has set up its entire infrastructure on AWS.The company uses Amazon EC2 instances to host its ecommerce website and uses Amazon S3 to store static data.Three engineers at the company handle the cloud administration and development through one AWS account.Occasionally, an engineer alters an EC2 security group configuration of another engineer and causes noncompliance issues in the environment.A solutions architect must set up a system that tracks changes that the engineers make.The system must send alerts when the engineers make noncompliant changes to the security settings for the EC2 instances.What is the FASTEST way for the solutions architect to meet these requirements?Read More →

A company has hundreds of AWS accounts.The company recently implemented a centralized internal process for purchasing new Reserved Instances and modifying existing Reserved Instances.This process requires all business units that want to purchase or modify Reserved Instances to submit requests to a dedicated team for procurement.Previously, business units directly purchased or modified Reserved Instances in their own respective AWS accounts autonomously.A solutions architect needs to enforce the new process in the most secure way possible.Which combination of steps should the solutions architect take to meet these requirements? (Choose two.)Read More →

A company is hosting an application on AWS for a project that will run for the next 3 years.The application consists of 20 Amazon EC2 On-Demand Instances that are registered in a target group for a Network Load Balancer (NLB).The instances are spread across two Availability Zones.The application is stateless and runs 24 hours a day, 7 days a week.The company receives reports from users who are experiencing slow responses from the application.Performance metrics show that the instances are at 10% CPU utilization during normal application use.However, the CPU utilization increases to 100% at busy times, which typically last for a few hours.The company needs a new architecture to resolve the problem of slow responses from the application.Which solution will meet these requirements MOST cost-effectively?Read More →

A company hosts its primary API on AWS by using an Amazon API Gateway API and AWS Lambda functions that contain the logic for the API methods.The company’s internal applications use the API for core functionality and business logic.The company’s customers use the API to access data from their accounts.Several customers also have access to a legacy API that is running on a single standalone Amazon EC2 instance.The company wants to increase the security for these APIs to better prevent denial of service (DoS) attacks, check for vulnerabilities, and guard against common exploits.What should a solutions architect do to meet these requirements?Read More →

A company is planning to set up a REST API application on AWS.The application team wants to set up a new identity store on AWS.The IT team does not want to maintain any infrastructure or servers for this deployment.What is the MOST operationally efficient solution that meets these requirements?Read More →

A company has deployed applications to thousands of Amazon EC2 instances in an AWS account.A security audit discovers that several unencrypted Amazon Elastic Block Store (Amazon EBS) volumes are attached to the EC2 instances.The company’s security policy requires the EBS volumes to be encrypted.The company needs to implement an automated solution to encrypt the EBS volumes.The solution also must prevent development teams from creating unencrypted EBS volumes.Which solution will meet these requirements?Read More →

You want to use AWS CodeDeploy to deploy an application to Amazon EC2 instances running within an Amazon Virtual Private Cloud (VPC).What criterion must be met for this to be possible?Read More →

A company is migrating its on-premises IoT platform to AWS.The platform consists of the following components:• A MongoDB cluster as a data store for all collected and processed IoT data.• An application that uses Message Queuing Telemetry Transport (MQTT) to connect to IoT devices every 5 minutes to collect data.• An application that runs jobs periodically to generate reports from the IoT data.The jobs take 120-600 seconds to finish running.• A web application that runs on a web server.End users use the web application to generate reports that are accessible to the general public.The company needs to migrate the platform to AWS to reduce operational overhead while maintaining performance.Which combination of steps will meet these requirements with the LEAST operational overhead? (Choose three.)Read More →

By default, Amazon Cognito maintains the last-written version of the data.You can override this behavior and resolve data conflicts programmatically.In addition, push synchronization allows you to use Amazon Cognito to send a silent notification to all devices associated with an identity to notify them that new data is available.Read More →

A utility company wants to collect usage data every 5 minutes from its smart meters to facilitate time-of-use metering.When a meter sends data to AWS, the data is sent to Amazon API Gateway, processed by an AWS Lambda function.and stored in an Amazon DynamoDB table.During the pilot phase, the Lambda functions took from 3 to 5 seconds to complete.As more smart meters are deployed, the engineers notice the Lambda functions are taking from 1 to 2 minutes to complete.The functions are also increasing in duration as new types of metrics are collected from the devices.There are many ProvisionedThroughputExceededException errors while performing PUT operations on DynamoDB, and there are also many TooManyRequestsException errors from Lambda.Which combination of changes will resolve these issues? (Choose two.)Read More →