Free AWS-Solution-Architect-Associate Exam Braindumps

- (Exam Topic 3)
A company is building a solution that will report Amazon EC2 Auto Scaling events across all the applications in an AWS account. The company needs to use a serverless solution to store the EC2 Auto Scaling status data in Amazon S3. The company then will use the data in Amazon S3 to provide near-real-time updates in a dashboard. The solution must not affect the speed of EC2 instance launches.
How should the company move the data to Amazon S3 to meet these requirements?

1. A. Use an Amazon CloudWatch metric stream to send the EC2 Auto Scaling status data to Amazon Kinesis Data Firehos
2. B. Store the data in Amazon S3.
3. C. Launch an Amazon EMR cluster to collect the EC2 Auto Scaling status data and send the data to Amazon Kinesis Data Firehos
4. D. Store the data in Amazon S3.
5. E. Create an Amazon EventBridge rule to invoke an AWS Lambda function on a schedul
6. F. Configure the Lambda function to send the EC2 Auto Scaling status data directly to Amazon S3.
7. G. Use a bootstrap script during the launch of an EC2 instance to install Amazon Kinesis Agen
8. H. Configure Kinesis Agent to collect the EC2 Auto Scaling status data and send the data to Amazon Kinesis Data Firehos
9. I. Store the data in Amazon S3.

Correct Answer: A
You can use metric streams to continually stream CloudWatch metrics to a destination of your choice, with near-real-time delivery and low latency. One of the use cases is Data Lake: create a metric stream and direct it to an Amazon Kinesis Data Firehose delivery stream that delivers your CloudWatch metrics to a data lake such as Amazon S3.
https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Metric-Streams.html

- (Exam Topic 3)
A company is reviewing a recent migration of a three-tier application to a VPC. The security team discovers that the principle of least privilege is not being applied to Amazon EC2 security group ingress and egress rules between the application tiers.
What should a solutions architect do to correct this issue?

1. A. Create security group rules using the instance ID as the source or destination.
2. B. Create security group rules using the security group ID as the source or destination.
3. C. Create security group rules using the VPC CIDR blocks as the source or destination.
4. D. Create security group rules using the subnet CIDR blocks as the source or destination.

Correct Answer: B
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules.html

- (Exam Topic 2)
A company runs an Oracle database on premises. As part of the company’s migration to AWS, the company wants to upgrade the database to the most recent available version. The company also wants to set up disaster recovery (DR) for the database. The company needs to minimize the operational overhead for normal operations and DR setup. The company also needs to maintain access to the database's underlying operating system.
Which solution will meet these requirements?

1. A. Migrate the Oracle database to an Amazon EC2 instanc
2. B. Set up database replication to a different AWS Region.
3. C. Migrate the Oracle database to Amazon RDS for Oracl
4. D. Activate Cross-Region automated backups to replicate the snapshots to another AWS Region.
5. E. Migrate the Oracle database to Amazon RDS Custom for Oracl
6. F. Create a read replica for the database in another AWS Region.
7. G. Migrate the Oracle database to Amazon RDS for Oracl
8. H. Create a standby database in another Availability Zone.

Correct Answer: C
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-custom.html and https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/working-with-custom-oracle.html

- (Exam Topic 3)
A company is hosting a web application from an Amazon S3 bucket. The application uses Amazon Cognito as an identity provider lo authenticate users and return a JSON Web Token (JWT) that provides access to protected resources that am restored in another S3 bucket.
Upon deployment of the application, users report errors and are unable to access the protected content. A solutions architect must resolve this issue by providing proper permissions so that users can access the protected content.
Which solution meets these requirements?

1. A. Update the Amazon Cognito identity pool to assume the proper IAM role for access to the protected consent.
2. B. Update the S3 ACL to allow the application to access the protected content
3. C. Redeploy the application to Amazon 33 to prevent eventually consistent reads m the S3 bucket from affecting the ability of users to access the protected content.
4. D. Update the Amazon Cognito pool to use custom attribute mappings within tie Identity pool and grant users the proper permissions to access the protected content

Correct Answer: B

- (Exam Topic 3)
A company collects data from a large number of participants who use wearabledevices.The company stores the data in an Amazon DynamoDB table and uses applications to analyze the data. The data workload is constant and predictable. The company wants to stay at or below its forecasted budget for DynamoDB.
Whihc solution will meet these requirements MOST cost-effectively?

1. A. Use provisioned mode and DynamoDB Standard-Infrequent Access (DynamoDB Standard-IA). Reserve capacity for the forecasted workload.
2. B. Use provisioned mode Specify the read capacity units (RCUs) and write capacity units (WCUs).
3. C. Use on-demand mod
4. D. Set the read capacity unite (RCUs) and write capacity units (WCUs) high enough to accommodate changes in the workload.
5. E. Use on-demand mod
6. F. Specify the read capacity units (RCUs) and write capacity units (WCUs) with reserved capacity.

Correct Answer: C