Free AWS-SOLUTIONS-ARCHITECT-PROFESSIONAL Exam Braindumps (page: 42)

Page 42 of 134

A company is running a web application in a VPC. The web application runs on a group of Amazon EC2 instances behind an Application Load Balancer (ALB). The ALB is using AWS WAF.

An external customer needs to connect to the web application. The company must provide IP addresses to all external customers.

Which solution will meet these requirements with the LEAST operational overhead?

  1. Replace the ALB with a Network Load Balancer (NLB). Assign an Elastic IP address to the NLB.
  2. Allocate an Elastic IP address. Assign the Elastic IP address to the ALProvide the Elastic IP address to the customer.
  3. Create an AWS Global Accelerator standard accelerator. Specify the ALB as the accelerator's endpoint. Provide the accelerator's IP addresses to the customer.
  4. Configure an Amazon CloudFront distribution. Set the ALB as the origin. Ping the distribution's DNS name to determine the distribution's public IP address. Provide the IP address to the customer.

Answer(s): C

Explanation:

C) Create an AWS Global Accelerator standard accelerator. Specify the ALB as the accelerator's endpoint. Provide the accelerator's IP addresses to the customer.
1.IP Address Provisioning: AWS Global Accelerator provides static IP addresses that can be used by clients to connect to the application. This eliminates the need for clients to change IP addresses if the underlying infrastructure changes.
2.Load Balancing: By specifying the ALB as the endpoint for the Global Accelerator, it maintains the load balancing functionality while directing traffic efficiently to the application instances.
3.High Availability and Performance: Global Accelerator automatically routes traffic to the optimal endpoint based on performance, health, and routing policies, ensuring low latency and high availability.
4.Least Operational Overhead: Once set up, the Global Accelerator requires minimal ongoing management, making it a low-overhead solution for providing stable IP addresses to external customers.



A company has a few AWS accounts for development and wants to move its production application to AWS. The company needs to enforce Amazon Elastic Block Store (Amazon EBS) encryption at rest current production accounts and future production accounts only. The company needs a solution that includes built-in blueprints and guardrails.

Which combination of steps will meet these requirements? (Choose three.)

  1. Use AWS CloudFormation StackSets to deploy AWS Config rules on production accounts.
  2. Create a new AWS Control Tower landing zone in an existing developer account. Create OUs for accounts. Add production and development accounts to production and development OUs, respectively.
  3. Create a new AWS Control Tower landing zone in the company’s management account. Add production and development accounts to production and development OUs. respectively.
  4. Invite existing accounts to join the organization in AWS Organizations. Create SCPs to ensure compliance.
  5. Create a guardrail from the management account to detect EBS encryption.
  6. Create a guardrail for the production OU to detect EBS encryption.

Answer(s): C,D,F

Explanation:

C) Create a new AWS Control Tower landing zone in the company’s management account. Add production and development accounts to production and development OUs, respectively.
-Landing Zone Setup: Setting up a Control Tower landing zone in the management account establishes a governance framework for managing multiple AWS accounts and provides built-in guardrails.
D) Invite existing accounts to join the organization in AWS Organizations. Create SCPs to ensure compliance.
-Account Management: Inviting existing accounts to join ensures they are managed under the organization's governance model. Service Control Policies (SCPs) can be used to enforce compliance with EBS encryption at rest.
F) Create a guardrail for the production OU to detect EBS encryption.
-Guardrail Implementation: Guardrails in AWS Control Tower help enforce best practices and compliance. Creating a specific guardrail for the production OU will ensure that EBS encryption is enforced for all production accounts automatically.
These steps provide a comprehensive solution to enforce EBS encryption at rest while leveraging AWS Control Tower’s capabilities for governance and compliance.



A company is running a critical stateful web application on two Linux Amazon EC2 instances behind an Application Load Balancer (ALB) with an Amazon RDS for MySQL database. The company hosts the DNS records for the application in Amazon Route 53. A solutions architect must recommend a solution to improve the resiliency of the application.

The solution must meet the following objectives:

•Application tier: RPO of 2 minutes. RTO of 30 minutes
•Database tier: RPO of 5 minutes. RTO of 30 minutes

The company does not want to make significant changes to the existing application architecture. The company must ensure optimal latency after a failover.

Which solution will meet these requirements?

  1. Configure the EC2 instances to use AWS Elastic Disaster Recovery. Create a cross-Region read replica for the RDS DB instance. Create an ALB in a second AWS Region. Create an AWS Global Accelerator endpoint, and associate the endpoint with the ALBs. Update DNS records to point to the Global Accelerator endpoint.
  2. Configure the EC2 instances to use Amazon Data Lifecycle Manager (Amazon DLM) to take snapshots of the EBS volumes. Configure RDS automated backups. Configure backup replication to a second AWS Region. Create an ALB in the second Region. Create an AWS Global Accelerator endpoint, and associate the endpoint with the ALBs. Update DNS records to point to the Global Accelerator endpoint.
  3. Create a backup plan in AWS Backup for the EC2 instances and RDS DB instance. Configure backup replication to a second AWS Region. Create an ALB in the second Region. Configure an Amazon CloudFront distribution in front of the ALB. Update DNS records to point to CloudFront.
  4. Configure the EC2 instances to use Amazon Data Lifecycle Manager (Amazon DLM) to take snapshots of the EBS volumes. Create a cross-Region read replica for the RDS DB instance. Create an ALB in a second AWS Region. Create an AWS Global Accelerator endpoint, and associate the endpoint with the ALBs.

Answer(s): A

Explanation:

A) Configure the EC2 instances to use AWS Elastic Disaster Recovery. Create a cross-Region read replica for the RDS DB instance. Create an ALB in a second AWS Region. Create an AWS Global Accelerator endpoint, and associate the endpoint with the ALBs. Update DNS records to point to the Global Accelerator endpoint.
-AWS Elastic Disaster Recovery: This service provides continuous replication of the EC2 instances to a second region, ensuring a low RPO (Recovery Point Objective) and facilitating quick recovery.
-Cross-Region Read Replica for RDS: This setup helps achieve the required RPO and ensures that the database can be quickly promoted to a master if the primary fails.
-Global Accelerator: By routing traffic through Global Accelerator, you can direct users to the closest healthy region, reducing latency during failover scenarios and ensuring optimal performance after a disaster.
This solution aligns with the company's requirements for RPO and RTO while minimizing changes to the existing architecture.



A solutions architect wants to cost-optimize and appropriately size Amazon EC2 instances in a single AWS account. The solutions architect wants to ensure that the instances are optimized based on CPU, memory, and network metrics.

Which combination of steps should the solutions architect take to meet these requirements? (Choose two.)

  1. Purchase AWS Business Support or AWS Enterprise Support for the account.
  2. Turn on AWS Trusted Advisor and review any “Low Utilization Amazon EC2 Instances” recommendations.
  3. Install the Amazon CloudWatch agent and configure memory metric collection on the EC2 instances.
  4. Configure AWS Compute Optimizer in the AWS account to receive findings and optimization recommendations.
  5. Create an EC2 Instance Savings Plan for the AWS Regions, instance families, and operating systems of interest.

Answer(s): C,D

Explanation:

C) Install the Amazon CloudWatch agent and configure memory metric collection on the EC2 instances.
-By installing the CloudWatch agent, you can gather detailed metrics about memory usage, which is not available by default. This allows for a comprehensive analysis of instance performance, including CPU, memory, and network utilization.
D) Configure AWS Compute Optimizer in the AWS account to receive findings and optimization recommendations.
-AWS Compute Optimizer analyzes your historical utilization data and provides recommendations for optimal instance types based on your actual resource usage patterns. This helps in resizing instances to match workload requirements effectively.
These two steps will allow the solutions architect to gather detailed utilization data and obtain actionable recommendations for cost optimization and proper sizing of EC2 instances.



Page 42 of 134



Post your Comments and Discuss Amazon AWS-SOLUTIONS-ARCHITECT-PROFESSIONAL exam with other Community members:

Zak commented on June 28, 2024
@AppleKid, I manged to pass this exam after failing once. Do not set for your exam without memorizing these questions. These are what you will see in the real exam.
Anonymous
upvote

Apple Kid commented on June 26, 2024
Did anyone gave exam recently and tell if these are good?
Anonymous
upvote

Captain commented on June 26, 2024
This is so helpful
Anonymous
upvote

udaya commented on April 25, 2024
stulll learning and seem to be questions are helpful
Anonymous
upvote

Jerry commented on February 18, 2024
very good for exam !!!!
HONG KONG
upvote

AWS-Guy commented on February 16, 2024
Precise and to the point. I aced this exam and now going for the next exam. Very great full to this site and it's wonderful content.
CANADA
upvote

Jerry commented on February 12, 2024
very good exam stuff
HONG KONG
upvote

travis head commented on November 16, 2023
I gave the Amazon SAP-C02 tests and prepared from this site as it has latest mock tests available which helped me evaluate my performance and score 919/1000
Anonymous
upvote

Weed Flipper commented on October 07, 2020
This is good stuff man.
CANADA
upvote

IT-Guy commented on September 29, 2020
Xengine software is good and free. Too bad it is only in English and no support for French.
FRANCE
upvote

pema commented on August 30, 2019
Can I have the latest version of this exam?
GERMANY
upvote

MrSimha commented on February 23, 2019
Thank you
Anonymous
upvote

Phil C. commented on November 12, 2018
To soon to tell, but I will be back to post a review after my exam.
Anonymous
upvote

MD EJAZ ALI TANWIR commented on August 20, 2017
This is valid dump in US. Thank you guys for providing this.
UNITED STATES
upvote

flypig commented on June 02, 2017
The Braindumps will short my ready time for this exam!
CHINA
upvote