Practice Exams:

Free AWS-Certified-Solutions-Architect-Professional Exam Braindumps

Pass your Amazon AWS Certified Solutions Architect Professional exam with these free Questions and Answers

Page 3 of 60
PDF with 300 Questions
QUESTION 6

- (Exam Topic 2)
A company is hosting a monolithic REST-based API for a mobile app on five Amazon EC2 instances in public subnets of a VPC. Mobile clients connect to the API by using a domain name that is hosted on Amazon Route 53. The company has created a Route 53 multivalue answer routing policy with the IP addresses of all the EC2 instances. Recently, the app has been overwhelmed by large and sudden increases to traffic. The app has not been able to keep up with the traffic.
A solutions architect needs to implement a solution so that the app can handle the new and varying load. Which solution will meet these requirements with the LEAST operational overhead?

  1. A. Separate the API into individual AWS Lambda function
  2. B. Configure an Amazon API Gateway REST API with Lambda integration for the backen
  3. C. Update the Route 53 record to point to the API Gateway API.
  4. D. Containerize the API logi
  5. E. Create an Amazon Elastic Kubernetes Service (Amazon EKS) cluste
  6. F. Run the containers in the cluster by using Amazon EC2. Create a Kubernetes ingres
  7. G. Update the Route 53 record to point to the Kubernetes ingress.
  8. H. Create an Auto Scaling grou
  9. I. Place all the EC2 instances in the Auto Scaling grou
  10. J. Configure the Auto Scaling group to perform scaling actions that are based on CPU utilizatio
  11. K. Create an AWS Lambda function that reacts to Auto Scaling group changes and updates the Route 53 record.
  12. L. Create an Application Load Balancer (ALB) in front of the AP
  13. M. Move the EC2 instances to private subnets in the VP
  14. N. Add the EC2 instances as targets for the AL
  15. O. Update the Route 53 record to point to the ALB.

Correct Answer: A

QUESTION 7

- (Exam Topic 1)
A company is running a traditional web application on Amazon EC2 instances. The company needs to refactor the application as microservices that run on containers. Separate versions of the application exist in two distinct environments: production and testing. Load for the application is variable, but the minimum load and the maximum load are known. A solutions architect needs to design the updated application with a serverless architecture that minimizes operational complexity.
Which solution will meet these requirements MOST cost-effectively?

  1. A. Upload the container images to AWS Lambda as function
  2. B. Configure a concurrency limit for the associated Lambda functions to handle the expected peak loa
  3. C. Configure two separate Lambda integrations within Amazon API Gateway: one for production and one for testing.
  4. D. Upload the container images to Amazon Elastic Container Registry (Amazon ECR). Configure two auto scaled Amazon Elastic Container Service (Amazon ECS) clusters with the Fargate launch type to handle the expected loa
  5. E. Deploy tasks from the ECR image
  6. F. Configure two separate Application Load Balancers to direct traffic to the ECS clusters.
  7. G. Upload the container images to Amazon Elastic Container Registry (Amazon ECR). Configure two auto scaled Amazon Elastic Kubernetes Service (Amazon EKS) clusters with the Fargate launch type to handle the expected loa
  8. H. Deploy tasks from the ECR image
  9. I. Configure two separate Application Load Balancers to direct traffic to the EKS clusters.
  10. J. Upload the container images to AWS Elastic Beanstal
  11. K. In Elastic Beanstalk, create separate environments and deployments for production and testin
  12. L. Configure two separate Application Load Balancers to direct traffic to the Elastic Beanstalk deployments.

Correct Answer: D
minimizes operational + microservices that run on containers = AWS Elastic Beanstalk

QUESTION 8

- (Exam Topic 2)
A company's security compliance requirements state that all Amazon EC2 images must be scanned for vulnerabilities and must pass a CVE assessment A solutions architect is developing a mechanism to create security-approved AMIs that can be used by developers Any new AMIs should go through an automated assessment process and be marked as approved before developers can use them The approved images must be scanned every 30 days to ensure compliance
Which combination of steps should the solutions architect take to meet these requirements while following best practices'? (Select TWO )

  1. A. Use the AWS Systems Manager EC2 agent to run the CVE assessment on the EC2 instances launched from the AMIs that need to be scanned
  2. B. Use AWS Lambda to write automatic approval rules Store the approved AMI list in AWS Systems Manager Parameter Store Use Amazon EventBridge to trigger an AWS Systems Manager Automation document on all EC2 instances every 30 days.
  3. C. Use Amazon Inspector to run the CVE assessment on the EC2 instances launched from the AMIs that need to be scanned
  4. D. Use AWS Lambda to write automatic approval rules Store the approved AMI list in AWS Systems Manager Parameter Store Use a managed AWS Config rule for continuous scanning on all EC2 instances, and use AWS Systems Manager Automation documents for remediation
  5. E. Use AWS CloudTrail to run the CVE assessment on the EC2 instances launched from the AMIs that need to be scanned

Correct Answer: BC

QUESTION 9

- (Exam Topic 1)
A company is providing weather data over a REST-based API to several customers. The API is hosted by Amazon API Gateway and is integrated with different AWS Lambda functions for each API operation. The company uses Amazon Route 53 for DNS and has created a resource record of weather.example.com. The company stores data for the API in Amazon DynamoDB tables. The company needs a solution that will give the API the ability to fail over to a different AWS Region.
Which solution will meet these requirements?

  1. A. Deploy a new set of Lambda functions in a new Regio
  2. B. Update the API Gateway API to use an edge-optimized API endpoint with Lambda functions from both Regions as target
  3. C. Convert the DynamoDB tables to global tables.
  4. D. Deploy a new API Gateway API and Lambda functions in another Regio
  5. E. Change the Route 53 DNS record to a multivalue answe
  6. F. Add both API Gateway APIs to the answe
  7. G. Enable target health monitorin
  8. H. Convert the DynamoDB tables to global tables.
  9. I. Deploy a new API Gateway API and Lambda functions in another Regio
  10. J. Change the Route 53 DNS record to a failover recor
  11. K. Enable target health monitorin
  12. L. Convert the DynamoDB tables to global tables.
  13. M. Deploy a new API Gateway API in a new Regio
  14. N. Change the Lambda functions to global functions.Change the Route 53 DNS record to a multivalue answe
  15. O. Add both API Gateway APIs to the answe
  16. P. Enable target health monitorin
  17. Q. Convert the DynamoDB tables to global tables.

Correct Answer: C
https://docs.aws.amazon.com/apigateway/latest/developerguide/dns-failover.html

QUESTION 10

- (Exam Topic 1)
A solutions architect is designing a network for a new cloud deployment. Each account will need autonomy to modify route tables and make changes. Centralized and controlled egress internet connectivity is also needed. The cloud footprint is expected to grow to thousands of AWS accounts.
Which architecture will meet these requirements?

  1. A. A centralized transit VPC with a VPN connection to a standalone VPC in each accoun
  2. B. Outbound internet traffic will be controlled by firewall appliances.
  3. C. A centralized shared VPC with a subnet for each accoun
  4. D. Outbound internet traffic will controlled through a fleet of proxy servers.
  5. E. A shared services VPC to host central assets to include a fleet of firewalls with a route to the internet.Each spoke VPC will peer to the central VPC.
  6. F. A shared transit gateway to which each VPC will be attache
  7. G. Outbound internet access will route through a fleet of VPN-attached firewalls.

Correct Answer: D
https://docs.aws.amazon.com/whitepapers/latest/building-scalable-secure-multi-vpc-network-infrastructure/centr https://docs.aws.amazon.com/whitepapers/latest/building-scalable-secure-multi-vpc-network-infrastructure/centr
AWS Transit Gateway helps you design and implement networks at scale by acting as a cloud router. As your network grows, the complexity of managing incremental connections can slow you down. AWS Transit Gateway connects VPCs and on-premises networks through a central hub. This simplifies your network and puts an end to complex peering relationships -- each new connection is only made once.

Page 3 of 60
PDF with 300 Questions

Post your Comments and Discuss Amazon AWS-Certified-Solutions-Architect-Professional exam with other Community members: