A company is running a web application in the AWS Cloud. The application consists of dynamic content that is created on a set of Amazon EC2 instances. The EC2 instances run in an Auto Scaling group that is configured as a target group for an Application Load Balancer (ALB).The company is using an Amazon CloudFront distribution to distribute the application globally. The CloudFront distribution uses the ALB as an origin. The company uses Amazon Route 53 for DNS and has created an A record of www.example.com for the CloudFront distribution.A solutions architect must configure the application so that itis highly available and fault tolerant.Which solution meets these requirements?
Answer(s): B
B) Provision an ALB, an Auto Scaling group, and EC2 instances in a different AWS Region. Update the CloudFront distribution, and create a second origin for the new ALB. Create an origin group for the two origins. Configure one origin as primary and one origin as secondary is the correct solution.This setup ensures high availability and fault tolerance by creating a secondary application deployment in a different AWS Region. By adding a second ALB and Auto Scaling group in the new Region and configuring the CloudFront distribution with an origin group, you can set up failover between the two origins. This way, if the primary origin fails, CloudFront automatically switches to the secondary origin, providing seamless failover and reducing downtime.This approach leverages CloudFront's built-in support for origin failover and ensures the application remains globally available with minimal latency and high fault tolerance.
A company has an organization in AWS Organizations that has a large number of AWS accounts. One of the AWS accounts is designated as a transit account and has a transit gateway that is shared with all of the other AWS accounts. AWS Site-to-Site VPN connections are configured between all of the company’s global offices and the transit account. The company has AWS Config enabled on all of its accounts.The company’s networking team needs to centrally manage a list of internal IP address ranges that belong to the global offices. Developers will reference this list to gain access to their applications securely.Which solution meets these requirements with the LEAST amount of operational overhead?
Answer(s): C
C) In the transit account, create a VPC prefix list with all of the internal IP address ranges. Use AWS Resource Access Manager to share the prefix list with all of the other accounts. Use the shared prefix list to configure security group rules in the other accounts is the correct answer.This solution leverages VPC prefix lists, which provide an efficient way to centrally manage and reference a list of internal IP address ranges. By using AWS Resource Access Manager (RAM) to share the prefix list with all accounts in the organization, this method minimizes operational overhead while ensuring that all accounts have consistent access to the updated list of internal IP addresses. This solution is highly scalable and avoids the complexity of maintaining individual IP ranges in each account’s security groups.This approach ensures that developers can securely access their applications by referencing the shared prefix list in their security group rules across multiple AWS accounts, streamlining management and reducing the chance of misconfigurations.
A company runs a new application as a static website in Amazon S3. The company has deployed the application to a production AWS account and uses Amazon CloudFront to deliver the website. The website calls an Amazon API Gateway REST API. An AWS Lambda function backs each API method.The company wants to create a CSV report every 2 weeks to show each API Lambda function’s recommended configured memory, recommended cost, and the price difference between current configurations and the recommendations. The company will store the reports in an S3 bucket.Which solution will meet these requirements with the LEAST development time?
B) Opt in to AWS Compute Optimizer. Create a Lambda function that calls the ExportLambdaFunctionRecommendations operation. Export the .csv file to an S3 bucket. Create an Amazon EventBridge rule to schedule the Lambda function to run every 2 weeks is the correct solution.AWS Compute Optimizer provides recommendations for optimizing the memory and performance of Lambda functions, including cost estimates. By using the ExportLambdaFunctionRecommendations operation, you can easily extract recommendations into a .csv file and store it in an S3 bucket. The solution involves minimal development effort because Compute Optimizer automatically provides the required data, and scheduling the Lambda function with Amazon EventBridge ensures the task runs every two weeks without manual intervention.This solution meets the requirements for creating a report with recommended configurations and cost differences while minimizing development time.
A company’s factory and automation applications are running in a single VPC. More than 20 applications run on a combination of Amazon EC2, Amazon Elastic Container Service (Amazon ECS), and Amazon RDS.The company has software engineers spread across three teams. One of the three teams owns each application, and each time is responsible for the cost and performance of all of its applications. Team resources have tags that represent their application and team. The teams use IAM access for daily activities.The company needs to determine which costs on the monthly AWS bill are attributable to each application or team. The company also must be able to create reports to compare costs from the last 12 months and to help forecast costs for the next 12 months. A solutions architect must recommend an AWS Billing and Cost Management solution that provides these cost reports.Which combination of actions will meet these requirements? (Choose three.)
Answer(s): A,C,F
The correct answers are:A) Activate the user-defined cost allocation tags that represent the application and the team: Activating user-defined cost allocation tags allows you to track costs based on specific tags associated with your resources, such as the application and team tags. This helps in attributing costs to the appropriate teams and applications.C) Create a cost category for each application in Billing and Cost Management: Creating cost categories allows you to group your AWS costs by specific criteria (such as applications or teams) for better analysis and reporting. This is crucial for organizing and tracking costs across the teams.F) Enable Cost Explorer: Cost Explorer helps visualize and analyze costs, providing historical data and forecasts for the next 12 months. It can generate detailed reports based on activated tags and cost categories, allowing the company to track costs and make informed budgeting decisions.These actions allow the company to track costs by team and application, analyze trends over time, and create forecasts based on historical data.
An AWS customer has a web application that runs on premises. The web application fetches data from a third-party API that is behind a firewall. The third party accepts only one public CIDR block in each client’s allow list.The customer wants to migrate their web application to the AWS Cloud. The application will be hosted on a set of Amazon EC2 instances behind an Application Load Balancer (ALB) in a VPC. The ALB is located in public subnets. The EC2 instances are located in private subnets. NAT gateways provide internet access to the private subnets.How should a solutions architect ensure that the web application can continue to call the third-party API after the migration?
B) Register a block of customer-owned public IP addresses in the AWS account. Create Elastic IP addresses from the address block and assign them to the NAT gateways in the VPC is the correct answer.By registering customer-owned public IP addresses with AWS, you ensure that the third-party API sees traffic originating from a trusted IP range that the third party has already whitelisted. Assigning Elastic IP addresses from this block to the NAT gateways ensures that all traffic from the EC2 instances in the private subnets (which go through the NAT gateway for external access) will use the customer-owned IP addresses. This setup allows the web application to continue calling the third-party API as it did when running on-premises.This solution ensures that the migration to AWS does not break the integration with the third-party API while maintaining security and compliance with the API's firewall rules.
Post your Comments and Discuss Amazon SAP-C02 exam dumps with other Community members:
AWS Learner Commented on April 11, 2025 This sample questions for SAP-C02 exam really helped me pass the exam from the first try. Anonymous
Mini monk Commented on March 09, 2025 Didn't test yet Anonymous
ry Commented on February 12, 2025 very helpful Anonymous
Vlad Commented on February 06, 2024 This is my 2nd time getting a test from you for AWS and first one worked out well lets hope this one does too UNITED STATES
Darnell Morris Commented on February 05, 2024 I'm looking forward to passing the AWS Solutions Architect Professional exam. My system crashed with my previous purchase and my subscription expired therefore I need to renew. UNITED STATES
Roberts Commented on October 24, 2023 I gave the AWS SAP-C02 test and studied through as it has latest mock tests available which helped me evaluate my performance and got me 906/1000. Anonymous
Andrew Commented on August 23, 2023 very helpful Anonymous
Mukesh Commented on July 10, 2023 Good questions UNITED KINGDOM
Mukesh Commented on July 10, 2023 good questions UNITED KINGDOM
Willard Commented on March 18, 2023 This guide is a one-way ticket to Successville - Passed my exam and now I am the mayor! AUSTRALIA
Mora Commented on February 09, 2023 Free-Braindumps.com helped me ace my exam. The practice practice questions were spot on and the explanations were helpful. UNITED STATES