CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. SAP-C01

Free SAP-C01 Exam Braindumps (page: 23)

Page 22 of 134
PDF with 529 Questions

A company plans to refactor a monolithic application into a modern application design deployed on AWS. The CI/CD pipeline needs to be upgraded to support the modern design for the application with the following requirements:

-It should allow changes to be released several times every hour.
-It should be able to roll back the changes as quickly as possible.

Which design will meet these requirements?

  1. Deploy a CI/CD pipeline that incorporates AMIs to contain the application and their configurations. Deploy the application by replacing Amazon EC2 instances.
  2. Specify AWS Elastic Beanstalk to stage in a secondary environment as the deployment target for the CI/CD pipeline of the application. To deploy, swap the staging and production environment URLs.
  3. Use AWS Systems Manager to re-provision the infrastructure for each deployment. Update the Amazon EC2 user data to pull the latest code artifact from Amazon S3 and use Amazon Route 53 weighted routing to point to the new environment.
  4. Roll out the application updates as part of an Auto Scaling event using prebuilt AMIs. Use new versions of the AMIs to add instances. and phase out all instances that use the previous AMI version with the configured termination policy during a deployment event.

Answer(s): B

Explanation:

B) Specify AWS Elastic Beanstalk to stage in a secondary environment as the deployment target for the CI/CD pipeline of the application. To deploy, swap the staging and production environment URLs.

Using AWS Elastic Beanstalk with a secondary staging environment allows rapid deployments several times an hour, and supports quick rollbacks by swapping the URLs between staging and production environments. This design allows you to release changes quickly and rollback easily if issues arise, meeting both the requirements of rapid deployment and minimal downtime during rollbacks.



A company has an application that runs on Amazon EC2 instances. A solutions architect is designing VPC infrastructure in an AWS Region where the application needs to access an Amazon Aurora DB Cluster. The EC2 instances are all associated with the same security group. The DB cluster is associated with its own security group.

The solutions architect needs to add rules to the security groups to provide the application with least privilege access to the DB Cluster.

Which combination of steps will meet these requirements? (Choose two.)

  1. Add an inbound rule to the EC2 instances' security group. Specify the DB cluster's security group as the source over the default Aurora port.
  2. Add an outbound rule to the EC2 instances' security group. Specify the DB cluster's security group as the destination over the default Aurora port.
  3. Add an inbound rule to the DB cluster's security group. Specify the EC2 instances' security group as the source over the default Aurora port.
  4. Add an outbound rule to the DB cluster's security group. Specify the EC2 instances' security group as the destination over the default Aurora port.
  5. Add an outbound rule to the DB cluster's security group. Specify the EC2 instances' security group as the destination over the ephemeral ports.

Answer(s): B,C

Explanation:

B) Add an outbound rule to the EC2 instances' security group. Specify the DB cluster's security group as the destination over the default Aurora port.
This allows the EC2 instances to send requests to the Aurora DB cluster over the appropriate port, typically 3306 for MySQL-based Aurora.

C) Add an inbound rule to the DB cluster's security group. Specify the EC2 instances' security group as the source over the default Aurora port.
This allows the Aurora DB cluster to receive traffic from the EC2 instances, ensuring that only the specific EC2 instances' security group can access the DB cluster.

This combination follows the principle of least privilege, ensuring that only the necessary traffic is allowed between the EC2 instances and the Aurora DB cluster over the required port.



A company wants to change its internal cloud billing strategy for each of its business units. Currently, the cloud governance team shares reports for overall cloud spending with the head of each business unit. The company uses AWS Organizations to manage the separate AWS accounts for each business unit. The existing tagging standard in Organizations includes the application, environment, and owner. The cloud governance team wants a centralized solution so each business unit receives monthly reports on its cloud spending. The solution should also send notifications for any cloud spending that exceeds a set threshold.

Which solution is the MOST cost-effective way to meet these requirements?

  1. Configure AWS Budgets in each account and configure budget alerts that are grouped by application, environment, and owner. Add each business unit to an Amazon SNS topic for each alert. Use Cost Explorer in each account to create monthly reports for each business unit.
  2. Configure AWS Budgets in the organization's management account and configure budget alerts that are grouped by application, environment, and owner. Add each business unit to an Amazon SNS topic for each alert. Use Cost Explorer in the organization's management account to create monthly reports for each business unit.
  3. Configure AWS Budgets in each account and configure budget alerts that are grouped by application, environment, and owner. Add each business unit to an Amazon SNS topic for each alert. Use the AWS Billing and Cost Management dashboard in each account to create monthly reports for each business unit.
  4. Enable AWS Cost and Usage Reports in the organization's management account and configure reports grouped by application, environment. and owner. Create an AWS Lambda function that processes AWS Cost and Usage Reports, sends budget alerts, and sends monthly reports to each business unit's email list.

Answer(s): B

Explanation:

B) Configure AWS Budgets in the organization's management account and configure budget alerts that are grouped by application, environment, and owner. Add each business unit to an Amazon SNS topic for each alert. Use Cost Explorer in the organization's management account to create monthly reports for each business unit.

This solution is cost-effective because it centralizes cost management using AWS Budgets and Cost Explorer in the organization's management account. This allows the cloud governance team to configure budget alerts and generate monthly reports grouped by tags such as application, environment, and owner for each business unit. Notifications for budget thresholds are easily managed through Amazon SNS, ensuring each business unit is kept informed.



A company is using AWS CloudFormation to deploy its infrastructure. The company is concerned that, if a production CloudFormation stack is deleted, important data stored in Amazon RDS databases or Amazon EBS volumes might also be deleted.

How can the company prevent users from accidentally deleting data in this way?

  1. Modify the CloudFormation templates to add a DeletionPolicy attribute to RDS and EBS resources.
  2. Configure a stack policy that disallows the deletion of RDS and EBS resources.
  3. Modify IAM policies lo deny deleting RDS and EBS resources that are tagged with an "aws:cloudformation:stack-name" tag.
  4. Use AWS Config rules to prevent deleting RDS and EBS resources.

Answer(s): A

Explanation:

A) Modify the CloudFormation templates to add a DeletionPolicy attribute to RDS and EBS resources.

By adding the DeletionPolicy attribute to the RDS and EBS resources in the CloudFormation template, you can specify actions to be taken when a stack is deleted. For critical resources like databases or EBS volumes, you can set the DeletionPolicy to Retain, ensuring that these resources are not deleted even if the CloudFormation stack is removed. This approach effectively prevents accidental data loss.






Post your Comments and Discuss Amazon SAP-C01 exam with other Community members:

SAP-C01 Discussions & Posts