CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. SAP-C01

Free SAP-C01 Exam Braindumps (page: 71)

Page 71 of 134
PDF with 529 Questions

A company wants to send data from its on-premises systems to Amazon S3 buckets. The company created the S3 buckets in three different accounts. The company must send the data privately without the data traveling across the internet. The company has no existing dedicated connectivity to AWS.

Which combination of steps should a solutions architect take to meet these requirements? (Choose two.)

  1. Establish a networking account in the AWS Cloud. Create a private VPC in the networking account. Set up an AWS Direct Connect connection with a private VIF between the on-premises environment and the private VPC.
  2. Establish a networking account in the AWS Cloud. Create a private VPC in the networking account. Set up an AWS Direct Connect connection with a public VIF between the on-premises environment and the private VPC.
  3. Create an Amazon S3 interface endpoint in the networking account.
  4. Create an Amazon S3 gateway endpoint in the networking account.
  5. Establish a networking account in the AWS Cloud. Create a private VPC in the networking account. Peer VPCs from the accounts that host the S3 buckets with the VPC in the network account.

Answer(s): A,C

Explanation:

A) Establishing a networking account in the AWS Cloud and creating a private VPC with an AWS Direct Connect connection using a private VIF ensures that data is sent securely from the on-premises environment to AWS without traveling over the internet.
C) Creating an Amazon S3 interface endpoint in the networking account allows the company to privately access Amazon S3 from within the VPC, ensuring the data is transferred securely and without the use of the internet.
These steps satisfy the requirement of sending data privately and securely to the S3 buckets in different AWS accounts.



A company operates quick-service restaurants. The restaurants follow a predictable model with high sales traffic for 4 hours daily. Sales traffic is lower outside of those peak hours.

The point of sale and management platform is deployed in the AWS Cloud and has a backend that is based on Amazon DynamoDB. The database table uses provisioned throughput mode with 100,000 RCUs and 80,000 WCUs to match known peak resource consumption.

The company wants to reduce its DynamoDB cost and minimize the operational overhead for the IT staff.

Which solution meets these requirements MOST cost-effectively?

  1. Reduce the provisioned RCUs and WCUs.
  2. Change the DynamoDB table to use on-demand capacity.
  3. Enable Dynamo DB auto scaling for the table.
  4. Purchase 1-year reserved capacity that is sufficient to cover the peak load for 4 hours each day.

Answer(s): C

Explanation:

C) Enabling DynamoDB auto scaling is the most cost-effective solution because it allows the DynamoDB table to automatically adjust its provisioned throughput based on actual traffic patterns. This reduces operational overhead and ensures that the company is only paying for the required RCUs and WCUs during peak and off-peak hours, instead of overprovisioning.
A) Reducing provisioned capacity would result in under-provisioning during peak hours.
B) On-demand capacity is more expensive for workloads with predictable traffic patterns like this one.
D) Reserved capacity is not flexible for traffic that fluctuates daily.



A company hosts a blog post application on AWS using Amazon API Gateway, Amazon DynamoDB, and AWS Lambda. The application currently does not use API keys to authorize requests. The API model is as follows:

•GET /posts/{postId}: to get post details
•GET /users/{userId}: to get user details
•GET /comments/{commentId}: to get comments details

The company has noticed users are actively discussing topics in the comments section, and the company wants to increase user engagement by making the comments appear in real time.

Which design should be used to reduce comment latency and improve user experience?

  1. Use edge-optimized API with Amazon CloudFront to cache API responses.
  2. Modify the blog application code to request GET/comments/{commentId} every 10 seconds.
  3. Use AWS AppSync and leverage WebSockets to deliver comments.
  4. Change the concurrency limit of the Lambda functions to lower the API response time.

Answer(s): C

Explanation:

C) Using AWS AppSync with WebSockets is the best design for delivering real-time comments. WebSockets allow bidirectional communication between the client and the server, enabling updates to be pushed instantly to users without the need for constant polling or repeated requests. This approach will improve user experience by reducing latency and providing real-time updates in the comments section.
A) CloudFront caching might reduce latency for static content but does not address real-time communication.
B) Polling every 10 seconds increases latency and puts unnecessary load on the system.
D) Changing the concurrency limit of Lambda functions doesn't specifically improve real-time capabilities for delivering comments.



A company manages hundreds of AWS accounts centrally in an organization in AWS Organizations. The company recently started to allow product teams to create and manage their own S3 access points in their accounts. The S3 access points can be accessed only within VPCs, not on the internet.

What is the MOST operationally efficient way to enforce this requirement?

  1. Set the S3 access point resource policy to deny the s3:CreateAccessPoint action unless the s3:AccessPointNetworkOrigin condition key evaluates to VPC.
  2. Create an SCP at the root level in the organization to deny the s3:CreateAccessPoint action unless the s3:AccessPointNetworkOrigin condition key evaluates to VPC.
  3. Use AWS CloudFormation StackSets to create a new IAM policy in each AWS account that allows the s3:CreateAccessPoint action only if the s3:AccessPointNetworkOrigin condition key evaluates to VP
  4. Set the S3 bucket policy to deny the s3:CreateAccessPoint action unless the s3:AccessPointNetworkOrigin condition key evaluates to VPC.

Answer(s): B

Explanation:

B) The most operationally efficient way to enforce the requirement that S3 access points can be accessed only within VPCs is to create a Service Control Policy (SCP) at the root level of the AWS Organization. The SCP can deny the s3:CreateAccessPoint action unless the s3:AccessPointNetworkOrigin condition key evaluates to VPC. This ensures that all accounts in the organization comply with the policy, and the enforcement is centralized, reducing operational overhead.
A) Setting a resource policy would work for individual resources but requires manual configuration in each account, which is less efficient than using an SCP.
C) Using CloudFormation StackSets for IAM policy creation would increase operational complexity compared to using an SCP.
D) Modifying the S3 bucket policy applies to specific buckets, not the creation of access points, and would not provide a centralized solution.



Page 71 of 134



Post your Comments and Discuss Amazon SAP-C01 exam with other Community members:

Mike commented on October 08, 2024
Not bad at all
CANADA
upvote

Petro UA commented on October 01, 2024
hate DNS questions. So need to practice more
UNITED STATES
upvote

Gilbert commented on September 14, 2024
Cant wait to pass mine
Anonymous
upvote

Paresh commented on April 19, 2023
There were only 3 new questions that I did not see in this exam dumps. There rest of the questions were all word by word from this dump.
UNITED STATES
upvote

Matthew commented on October 18, 2022
An extremely helpful study package. I highly recommend.
UNITED STATES
upvote

Peter commented on June 23, 2022
I thought these were practice exam questions but they turned out to be real questoins from the actual exam.
NETHERLANDS
upvote

Henry commented on September 29, 2021
I do not have the words to thank you guys. Passing this exam was creting many scary thoughts. I am gold I used your braindumps and passed. I can get a beer and relax now.
AUSTRALIA
upvote

Nik commented on April 12, 2021
I would not be able to pass my exam without your help. You guys rock!
SINGAPOR
upvote

Rohit commented on January 09, 2021
Thank you for the 50% sale. I really appreicate this price cut during this extra ordinary time where everyone is having financial problem.
INDIA
upvote

Roger-That commented on December 23, 2020
The 20% holiday discount is a sweet deal. Thank you for the discount code.
UNITED STATES
upvote

Duke commented on October 23, 2020
It is helpful. Questions are real. Purcahse is easy but the only problem, there is no option to pay in Euro. Only USD.
GERMANY
upvote

Tan Jin commented on September 09, 2020
The questions from this exam dumps is valid. I got 88% in my exam today.
SINGAPORE
upvote

Dave commented on November 05, 2019
Useful practice questions to get a feel of the actual exam. Some of the answers are not correct so please exercise caution.
EUROPEAN UNION
upvote

Je commented on October 02, 2018
Great
UNITED STATES
upvote

Invisible Angel commented on January 11, 2018
Have yet to try. But most recommend it
NEW ZEALAND
upvote

Mic commented on December 26, 2017
Nice dumps, site is secure and checkout process is a breeze.
UNITED STATES
upvote