Free preview mode
Enjoy the free questions and consider upgrading to gain full access!
AWS Certified Solutions Architect - Professional
Free trial
Verified
Question 176
In Amazon Cognito what is a silent push notification?
- A: It is a push message that is received by your application on a user's device that will not be seen by the user.
- B: It is a push message that is received by your application on a user's device that will return the user's geolocation.
- C: It is a push message that is received by your application on a user's device that will not be heard by the user.
- D: It is a push message that is received by your application on a user's device that will return the user's authentication credentials.
Question 177
Your company is storing millions of sensitive transactions across thousands of 100-GB files that must be encrypted in transit and at rest. Analysts concurrently depend on subsets of files, which can consume up to 5 TB of space, to generate simulations that can be used to steer business decisions.
You are required to design an AWS solution that can cost effectively accommodate the long-term storage and in-flight subsets of data.
Which approach can satisfy these objectives?
- A: Use Amazon Simple Storage Service (S3) with server-side encryption, and run simulations on subsets in ephemeral drives on Amazon EC2.
- B: Use Amazon S3 with server-side encryption, and run simulations on subsets in-memory on Amazon EC2.
- C: Use HDFS on Amazon EMR, and run simulations on subsets in ephemeral drives on Amazon EC2.
- D: Use HDFS on Amazon Elastic MapReduce (EMR), and run simulations on subsets in-memory on Amazon Elastic Compute Cloud (EC2).
- E: Store the full data set in encrypted Amazon Elastic Block Store (EBS) volumes, and regularly capture snapshots that can be cloned to EC2 workstations.
Question 178
When using Numeric Conditions within IAM, short versions of the available comparators can be used instead of the more verbose versions.
Which of the following is the short version of the Numeric Condition "NumericLessThanEquals"?
- A: numlteq
- B: numlteql
- C: numltequals
- D: numeql
Question 179
AWS has launched T2 instances which come with CPU usage credit. An organization has a requirement which keeps an instance running for 24 hours. However, the organization has high usage only during 11 AM to 12 PM. The organization is planning to use a T2 small instance for this purpose.
If the organization already has multiple instances running since Jan 2012, which of the below mentioned options should the organization implement while launching a T2 instance?
- A: The organization must migrate to the EC2-VPC platform first before launching a T2 instance.
- B: While launching a T2 instance the organization must create a new AWS account as this account does not have the EC2-VPC platform.
- C: Create a VPC and launch a T2 instance as part of one of the subnets of that VPC.
- D: While launching a T2 instance the organization must select EC2-VPC as the platform.
Question 180
How does AWS Data Pipeline execute activities on on-premise resources or AWS resources that you manage?
- A: By supplying a Task Runner package that can be installed on your on-premise hosts
- B: None of these
- C: By supplying a Task Runner file that the resources can access for execution
- D: By supplying a Task Runner json script that can be installed on your on-premise hosts
Question 181
Which of following IAM policy elements lets you specify an exception to a list of actions?
- A: NotException
- B: ExceptionAction
- C: Exception
- D: NotAction
Question 182
In AWS IAM, which of the following predefined policy condition keys checks how long ago (in seconds) the MFA-validated security credentials making the request were issued using multi- factor authentication (MFA)?
- A: aws:MultiFactorAuthAge
- B: aws:MultiFactorAuthLast
- C: aws:MFAAge
- D: aws:MultiFactorAuthPrevious
Question 183
A user is configuring MySQL RDS with PIOPS. What should be the minimum PIOPS that the user should provision?
- A: 1000
- B: 200
- C: 2000
- D: 500
Question 184
You are setting up some EBS volumes for a customer who has requested a setup which includes a RAID (redundant array of inexpensive disks). AWS has some recommendations for RAID setups.
Which RAID setup is not recommended for Amazon EBS?
- A: RAID 1 only
- B: RAID 5 only
- C: RAID 5 and RAID 6
- D: RAID 0 only
Question 185
Once the user has set ElastiCache for an application and it is up and running, which services, does Amazon not provide for the user:
- A: The ability for client programs to automatically identify all of the nodes in a cache cluster, and to initiate and maintain connections to all of these nodes
- B: Automating common administrative tasks such as failure detection and recovery, and software patching.
- C: Providing default Time to Live (TTL) in the AWS Elasticache Redis Implementation for different type of data.
- D: Providing detailed monitoring metrics associated with your Cache Nodes, enabling you to diagnose and react to issues very quickly
Question 186
In the context of AWS Cloud Hardware Security Module(HSM), does your application need to reside in the same VPC as the CloudHSM instance?
- A: No, but the server or instance on which your application and the HSM client is running must have network (IP) reachability to the HSM.
- B: Yes, always
- C: No, but they must reside in the same Availability Zone.
- D: No, but it should reside in same Availability Zone as the DB instance.
Question 187
True or False: In Amazon ElastiCache, you can use Cache Security Groups to configure the cache clusters that are part of a VPC.
- A: FALSE
- B: TRUE
- C: True, this is applicable only to cache clusters that are running in an Amazon VPC environment.
- D: True, but only when you configure the cache clusters using the Cache Security Groups from the console navigation pane.
Question 188
Your customer is willing to consolidate their log streams (access logs, application logs, security logs, etc.) in one single system. Once consolidated, the customer wants to analyze these logs in real time based on heuristics. From time to time, the customer needs to validate heuristics, which requires going back to data samples extracted from the last 12 hours.
What is the best approach to meet your customer's requirements?
- A: Send all the log events to Amazon SQS, setup an Auto Scaling group of EC2 servers to consume the logs and apply the heuristics.
- B: Send all the log events to Amazon Kinesis, develop a client process to apply heuristics on the logs
- C: Configure Amazon CloudTrail to receive custom logs, use EMR to apply heuristics the logs
- D: Setup an Auto Scaling group of EC2 syslogd servers, store the logs on S3, use EMR to apply heuristics on the logs
Question 189
What is the role of the PollForTask action when it is called by a task runner in AWS Data Pipeline?
- A: It is used to retrieve the pipeline definition.
- B: It is used to report the progress of the task runner to AWS Data Pipeline.
- C: It is used to receive a task to perform from AWS Data Pipeline.
- D: It is used to inform AWS Data Pipeline of the outcome when the task runner completes a task.
Question 190
What is the average queue length recommended by AWS to achieve a lower latency for the 200 PIOPS EBS volume?
- A: 5
- B: 1
- C: 2
- D: 4
Question 191
Who is responsible for modifying the routing tables and networking ACLs in a VPC to ensure that a DB instance is reachable from other instances in the VPC?
- A: AWS administrators
- B: The owner of the AWS account
- C: Amazon
- D: The DB engine vendor
Question 192
An organization is planning to host a web application in the AWS VPC. The organization does not want to host a database in the public cloud due to statutory requirements.
How can the organization setup in this scenario?
- A: The organization should plan the app server on the public subnet and database in the organization's data center and connect them with the VPN gateway.
- B: The organization should plan the app server on the public subnet and use RDS with the private subnet for a secure data operation.
- C: The organization should use the public subnet for the app server and use RDS with a storage gateway to access as well as sync the data securely from the local data center.
- D: The organization should plan the app server on the public subnet and database in a private subnet so it will not be in the public cloud.
Question 193
A user is trying to create a PIOPS EBS volume with 4000 IOPS and 100 GB size. AWS does not allow the user to create this volume.
What is the possible root cause for this?
- A: PIOPS is supported for EBS higher than 500 GB size
- B: The maximum IOPS supported by EBS is 3000
- C: The ratio between IOPS and the EBS volume is higher than 30
- D: The ratio between IOPS and the EBS volume is lower than 50
Question 194
A user is planning to host a Highly Available system on the AWS VPC. Which of the below mentioned statements is helpful in this scenario?
- A: Create VPC subnets in two separate availability zones and launch instances in different subnets.
- B: Create VPC with only one public subnet and launch instances in different AZs using that subnet.
- C: Create two VPCs in two separate zones and setup failover with ELB such that if one VPC fails it will divert traffic to another VPC.
- D: Create VPC with only one private subnet and launch instances in different AZs using that subnet.
Question 195
A user is creating a PIOPS volume. What is the maximum ratio the user should configure between PIOPS and the volume size?
- A: 5
- B: 10
- C: 20
- D: 30
Question 196
What is a possible reason you would need to edit claims issued in a SAML token?
- A: The NameIdentifier claim cannot be the same as the username stored in AD.
- B: Authentication fails consistently.
- C: The NameIdentifier claim cannot be the same as the claim URI.
- D: The NameIdentifier claim must be the same as the username stored in AD.
Question 197
A government client needs you to set up secure cryptographic key storage for some of their extremely confidential data. You decide that the AWS CloudHSM is the best service for this.
However, there seem to be a few pre-requisites before this can happen, one of those being a security group that has certain ports open.
Which of the following is correct in regards to those security groups?
- A: A security group that has no ports open to your network.
- B: A security group that has only port 3389 (for RDP) open to your network.
- C: A security group that has only port 22 (for SSH) open to your network.
- D: A security group that has port 22 (for SSH) or port 3389 (for RDP) open to your network.
Question 198
What is the network performance offered by the c4.8xlarge instance in Amazon EC2?
- A: Very High but variable
- B: 20 Gigabit
- C: 5 Gigabit
- D: 10 Gigabit
Question 199
A newspaper organization has an on-premises application which allows the public to search its back catalogue and retrieve individual newspaper pages via a website written in Java. They have scanned the old newspapers into JPEGs (approx 17TB) and used Optical Character Recognition (OCR) to populate a commercial search product. The hosting platform and software are now end of life and the organization wants to migrate its archive to AWS and produce a cost efficient architecture and still be designed for availability and durability.
Which is the most appropriate?
- A: Use S3 with reduced redundancy lo store and serve the scanned files, install the commercial search application on EC2 Instances and configure with auto- scaling and an Elastic Load Balancer.
- B: Model the environment using CloudFormation use an EC2 instance running Apache webserver and an open source search application, stripe multiple standard EBS volumes together to store the JPEGs and search index.
- C: Use S3 with standard redundancy to store and serve the scanned files, use CloudSearch for query processing, and use Elastic Beanstalk to host the website across multiple availability zones.
- D: Use a single-AZ RDS MySQL instance lo store the search index 33d the JPEG images use an EC2 instance to serve the website and translate user queries into SQL.
- E: Use a CloudFront download distribution to serve the JPEGs to the end users and Install the current commercial search product, along with a Java Container Tor the website on EC2 instances and use Route53 with DNS round-robin.
Question 200
An organization is setting up a web application with the JEE stack. The application uses the JBoss app server and MySQL DB. The application has a logging module which logs all the activities whenever a business function of the JEE application is called. The logging activity takes some time due to the large size of the log file.
If the application wants to setup a scalable infrastructure which of the below mentioned options will help achieve this setup?
- A: Host the log files on EBS with PIOPS which will have higher I/O.
- B: Host logging and the app server on separate servers such that they are both in the same zone.
- C: Host logging and the app server on the same instance so that the network latency will be shorter.
- D: Create a separate module for logging and using SQS compartmentalize the module such that all calls to logging are asynchronous.
Free preview mode
Enjoy the free questions and consider upgrading to gain full access!