AWS-Solution-Architect-Associate Exam
Ideas to aws solution architect associate certification
Master the aws solution architect associate dumps AWS Certified Solutions Architect - Associate content and be ready for exam day success quickly with this Actualtests aws solution architect associate questions free question. We guarantee it!We make it a reality and give you real aws solution architect associate exam dumps questions in our Amazon aws solution architect associate dumps braindumps.Latest 100% VALID Amazon aws solution architect associate questions Exam Questions Dumps at below page. You can use our Amazon aws solution architect associate certification braindumps and pass your exam.
Q221. A read only news reporting site with a combined web and application tier and a database tier that receives large and unpredictable traffic demands must be able to respond to these traffic fluctuations automatically. What AWS services should be used meet these requirements?
A. Stateless instances for the web and application tier synchronized using Elasticache Memcached in an autoscaimg group monitored with CIoudWatch. And RDSwith read replicas.
B. Stateful instances for the web and application tier in an autoscaling group monitored with CIoudWatch and RDS with read replicas.
C. Stateful instances for the web and application tier in an autoscaling group monitored with CIoudWatch. And multi-AZ RDS.
D. Stateless instances for the web and application tier synchronized using EIastiCache Memcached in an autoscaling group monitored with CIoudWatch and multi-AZ RDS.
Answer: A
Q222. Before I delete an EBS volume, what can I do if I want to recreate the volume later?
A. Create a copy of the EBS volume (not a snapshot)
B. Store a snapshot of the volume
C. Download the content to an EC2 instance
D. Back up the data in to a physical disk
Answer: B
Q223. If I modify a DB Instance or the DB parameter group associated with the instance, should I reboot the instance for the changes to take effect?
A. No
B. Yes
Answer: B
Q224. How can you apply more than 100 rules to an Amazon EC2-Classic?
A. By adding more security groups
B. You need to create a default security group specifying your required rules if you need to use more than 100 rules per security group.
C. By default the Amazon EC2 security groups support 500 rules.
D. You can't add more than 100 rules to security groups for an Amazon EC2 instance.
Answer: D
Explanation:
In EC2-Classic, you can associate an instance with up to 500 security groups and add up to 100 rules to a security group.
Reference: http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/using-network-security.htmI
Q225. An administrator is using Amazon CIoudFormation to deploy a three tier web application that consists of a web tier and application tier that will utilize Amazon DynamoDB for storage when creating the CIoudFormation template which of the following would allow the application instance access to the DynamoDB tables without exposing API credentials?
A. Create an Identity and Access Management Role that has the required permissions to read and write from the required DynamoDB table and associate the Role to the application instances by referencing an instance profile.
B. Use the Parameter section in the Cloud Formation template to nave the user input Access and Secret Keys from an already created IAM user that has me permissions required to read and write from the required DynamoDB table.
C. Create an Identity and Access Management Role that has the required permissions to read and write from the required DynamoDB table and reference the Role in the instance profile property of the application instance.
D. Create an identity and Access Management user in the CIoudFormation template that has permissions to read and write from the required DynamoDB table, use the GetAtt function to retrieve the Access and secret keys and pass them to the application instance through user-data.
Answer: C
Q226. A client needs you to import some existing infrastructure from a dedicated hosting provider to AWS to try and save on the cost of running his current website. He also needs an automated process that manages backups, software patching, automatic failure detection, and recovery. You are aware that his existing set up currently uses an Oracle database. Which of the following AWS databases would be best for accomplishing this task?
A. Amazon RDS
B. Amazon Redshift
C. Amazon SimpIeDB
D. Amazon EIastiCache
Answer: A
Explanation:
Amazon RDS gives you access to the capabilities of a familiar MySQL, Oracle, SQL Server, or PostgreSQL database engine. This means that the code, applications, and tools you already use today with your existing databases can be used with Amazon RDS. Amazon RDS automatically patches the database software and backs up your database, storing the backups for a user-defined retention period and enabling point-in-time recovery.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html
Q227. You are designing the network infrastructure for an application sewer in Amazon VPC Users will access all the application instances from the Internet as well as from an on-premises network The on-premises network is connected to your VPC over an AWS Direct Connect link.
How would you design routing to meet the above requirements?
A. Configure a single routing Table with a default route via the Internet gateway Propagate a default route via BGP on the AWS Direct Connect customer router. Associate the routing table with all VPC subnets.
B. Configure a single routing table with a default route via the internet gateway Propagate specific routes for the on-premises networks via BGP on the AWS Direct Connect customer router Associate the routing table with all VPC subnets.
C. Configure a single routing table with two default routes: one to the inte rnet via an Internet gateway the other to the on-premises network via the VPN gateway use this routing table across all subnets in your VPC,
D. Configure two routing tables one that has a default route via the Internet gateway and another that has a default route via the VPN gateway Associate both routing tables with each VPC subnet.
Answer: A
Q228. Your company has been storing a lot of data in Amazon Glacier and has asked for an inventory of what is in there exactly. So you have decided that you need to download a vault inventory. Which of the following statements is incorrect in relation to Vault Operations in Amazon Glacier?
A. You can use Amazon Simple Notification Service (Amazon SNS) notifications to notify you when the job completes.
B. A vault inventory refers to the list of archives in a vault.
C. You can use Amazon Simple Queue Service (Amazon SQS) notifications to notify you when the job completes.
D. Downloading a vault inventory is an asynchronous operation.
Answer: C
Explanation:
Amazon Glacier supports various vault operations.
A vault inventory refers to the list of archives in a vault. For each archive in the list, the inventory provides archive information such as archive ID, creation date, and size. Amazon Glacier updates the vault inventory approximately once a day, starting on the day the first archive is uploaded to the vault. A vault inventory must exist for you to be able to download it.
Downloading a vault inventory is an asynchronous operation. You must first initiate a job to download the inventory. After receMng the job request, Amazon Glacier prepares your inventory for download. After the job completes, you can download the inventory data.
Given the asynchronous nature of the job, you can use Amazon Simple Notification Service (Amazon SNS) notifications to notify you when the job completes. You can specify an Amazon SNS topic for each indMdual job request or configure your vault to send a notification when specific vault events occur. Amazon Glacier prepares an inventory for each vault periodically, every 24 hours. If there have been no archive additions or deletions to the vault since the last inventory, the inventory date is not updated. When you initiate a job for a vault inventory, Amazon Glacier returns the last inventory it generated, which is a point-in-time snapshot and not real-time data. You might not find it useful to retrieve vault inventory for each archive upload. However, suppose you maintain a database on the client-side associating metadata about the archives you upload to Amazon Glacier. Then, you might find the vault inventory useful to reconcile information in your database with the actual vault inventory.
Reference: http://docs.aws.amazon.com/amazongIacier/latest/dev/working-with-vaults.html
Q229. How many Elastic IP by default in Amazon Account?
A. 1 Elastic IP
B. 3 Elastic IP
C. 5 Elastic IP
D. 0 Elastic IP
Answer: D
Q230. Can you encrypt EBS volumes?
A. Yes, you can enable encryption when you create a new EBS volume using the AWS Management Console, API, or CLI.
B. No, you should use a third-party software to perform raw block-level encryption of an EBS volume.
C. Yes, but you must use a third-party API for encrypting data before it's loaded on EBS.
D. Yes, you can encrypt with the special "ebs_encrypt" command through Amazon APIs.
Answer: A
Explanation:
With Amazon EBS encryption, you can now create an encrypted EBS volume and attach it to a supported instance type. Data on the volume, disk I/O, and snapshots created from the volume are then all encrypted. The encryption occurs on the servers that host the EC2 instances, providing encryption of data as it moves between EC2 instances and EBS storage. EBS encryption is based on the industry standard AES-256 cryptographic algorithm.
To get started, simply enable encryption when you create a new EBS volume using the AWS Management Console, API, or CLI. Amazon EBS encryption is available for all the latest EC2 instances in all commercially available AWS regions.
Reference:
https://aws.amazon.com/about-aws/whats-new/2014/05/21/Amazon-EBS-encryption-now-avai|abIe/