CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. SAP-C01

Free SAP-C01 Exam Braindumps (page: 22)

Page 21 of 134
PDF with 529 Questions

An adventure company has launched a new feature on its mobile app. Users can use the feature to upload their hiking and rafting photos and videos anytime. The photos and videos are stored in Amazon S3 Standard storage in an S3 bucket and are served through Amazon CloudFront.

The company needs to optimize the cost of the storage. A solutions architect discovers that most of the uploaded photos and videos are accessed infrequently after 30 days. However, some of the uploaded photos and videos are accessed frequently after 30 days. The solutions architect needs to implement a solution that maintains millisecond retrieval availability of the photos and videos at the lowest possible cost.

Which solution will meet these requirements?

  1. Configure S3 Intelligent-Tiering on the S3 bucket.
  2. Configure an S3 Lifecycle policy to transition image objects and video objects from S3 Standard to S3 Glacier Deep Archive after 30 days.
  3. Replace Amazon S3 with an Amazon Elastic File System (Amazon EFS) file system that is mounted on Amazon EC2 instances.
  4. Add a Cache-Control: max-age header to the S3 image objects and S3 video objects. Set the header to 30 days.

Answer(s): A

Explanation:

A) Configure S3 Intelligent-Tiering on the S3 bucket.

S3 Intelligent-Tiering automatically moves data between frequent and infrequent access tiers based on changing access patterns, which ensures that data accessed infrequently is stored in a lower-cost tier while still providing millisecond retrieval. This solution is ideal for cases where the access frequency of objects is unpredictable, making it the most cost-effective and efficient choice to meet the company's needs.



A company uses Amazon S3 to store files and images in a variety of storage classes. The company's S3 costs have increased substantially during the past year.

A solutions architect needs to review data trends for the past 12 months and identity the appropriate storage class for the objects.

Which solution will meet these requirements?

  1. Download AWS Cost and Usage Reports for the last 12 months of S3 usage. Review AWS Trusted Advisor recommendations for cost savings.
  2. Use S3 storage class analysis. Import data trends into an Amazon QuickSight dashboard to analyze storage trends.
  3. Use Amazon S3 Storage Lens. Upgrade the default dashboard to include advanced metrics for storage trends.
  4. Use Access Analyzer for S3. Download the Access Analyzer for S3 report for the last 12 months. Import the .csv file to an Amazon QuickSight dashboard.

Answer(s): C

Explanation:

C) Use Amazon S3 Storage Lens. Upgrade the default dashboard to include advanced metrics for storage trends.

Amazon S3 Storage Lens provides a comprehensive view of S3 storage usage and activity, allowing you to analyze trends over the past 12 months. By upgrading to advanced metrics, the company can access detailed data on object storage, including recommendations on optimizing costs by adjusting storage class usage. This solution helps identify opportunities for cost savings in the most efficient manner.



A company has its cloud infrastructure on AWS. A solutions architect needs to define the infrastructure as code. The infrastructure is currently deployed in one AWS Region. The company’s business expansion plan includes deployments in multiple Regions across multiple AWS accounts.

What should the solutions architect do to meet these requirements?

  1. Use AWS CloudFormation templates. Add IAM policies to control the various accounts, Deploy the templates across the multiple Regions.
  2. Use AWS Organizations. Deploy AWS CloudFormation templates from the management account Use AWS Control Tower to manage deployments across accounts.
  3. Use AWS Organizations and AWS CloudFormation StackSets. Deploy a Cloud Formation template from an account that has the necessary IAM permissions.
  4. Use nested stacks with AWS CloudFormation templates. Change the Region by using nested stacks.

Answer(s): C

Explanation:

C) Use AWS Organizations and AWS CloudFormation StackSets. Deploy a CloudFormation template from an account that has the necessary IAM permissions.

AWS CloudFormation StackSets allow you to deploy CloudFormation templates across multiple AWS accounts and Regions from a central account. By integrating with AWS Organizations, you can automate and manage deployments across various accounts, ensuring consistent infrastructure as code deployment across multiple Regions and accounts. This is the most scalable and efficient solution for multi-Region and multi-account setups.



A company has several AWS accounts. A development team is building an automation framework for cloud governance and remediation processes. The automation framework uses AWS Lambda functions in a centralized account. A solutions architect must implement a least privilege permissions policy that allows the Lambda functions to run in each of the company's AWS accounts.

Which combination of steps will meet these requirements? (Choose two.)

  1. In the centralized account. create an IAM role that has the Lambda service as a trusted entity. Add an inline policy to assume the roles of the other AWS accounts.
  2. In the other AWS accounts, create an IAM role that has minimal permissions. Add the centralized account's Lambda IAM rote as a trusted entity.
  3. In the centralized account, create an IAM role that has roles of the other accounts as trusted entities. Provide minimal permissions.
  4. In the other AWS accounts, create an IAM role that has permissions to assume the role of the centralized account. Add the Lambda service as a trusted entity.
  5. In the other AWS accounts, create an IAM role that has minimal permissions. Add the Lambda service as a trusted entity.

Answer(s): A,B

Explanation:

A) In the centralized account, create an IAM role that has the Lambda service as a trusted entity. Add an inline policy to assume the roles of the other AWS accounts.
This step allows the Lambda function in the centralized account to assume roles in the other AWS accounts for executing governance and remediation tasks.

B) In the other AWS accounts, create an IAM role that has minimal permissions. Add the centralized account's Lambda IAM role as a trusted entity.
This step ensures that the centralized Lambda function can assume the roles in the other AWS accounts. The minimal permissions approach ensures the least privilege principle is followed.

Together, these steps implement a least privilege permission model where the Lambda functions in the centralized account can perform necessary tasks in the other AWS accounts with minimal permissions and trust relationships established between the accounts.






Post your Comments and Discuss Amazon SAP-C01 exam with other Community members:

SAP-C01 Discussions & Posts