You require the ability to analyze a large amount of data, which is stored on Amazon S3
using Amazon Elastic Map Reduce. You are using the cc2 8x large Instance type, whose
CPUs are mostly idle during processing. Which of the below would be the most cost
efficient way to reduce the runtime of the job?
You require the ability to analyze a large amount of data, which is stored on Amazon S3
using Amazon Elastic Map Reduce. You are using the cc2 8x large Instance type, whose
CPUs are mostly idle during processing. Which of the below would be the most cost
efficient way to reduce the runtime of the job?
A benefits enrollment company is hosting a 3-tier web application running in a VPC on
AWS which includes a NAT (Network Address Translation) instance in the public Web tier.
There is enough provisioned capacity for the expected workload tor the new fiscal year
benefit enrollment period plus some extra overhead Enrollment proceeds nicely for two
days and then the web tier becomes unresponsive, upon investigation using CloudWatch
and other monitoring tools it is discovered that there is an extremely large and
unanticipated amount of inbound traffic coming from a set of 15 specific IP addresses over
port 80 from a country where the benefits company has no customers. The web tier
instances are so overloaded that benefit enrollment administrators cannot even SSH into
them. Which activity would be useful in defending against this attack?
A benefits enrollment company is hosting a 3-tier web application running in a VPC on
AWS which includes a NAT (Network Address Translation) instance in the public Web tier.
There is enough provisioned capacity for the expected workload tor the new fiscal year
benefit enrollment period plus some extra overhead Enrollment proceeds nicely for two
days and then the web tier becomes unresponsive, upon investigation using CloudWatch
and other monitoring tools it is discovered that there is an extremely large and
unanticipated amount of inbound traffic coming from a set of 15 specific IP addresses over
port 80 from a country where the benefits company has no customers. The web tier
instances are so overloaded that benefit enrollment administrators cannot even SSH into
them. Which activity would be useful in defending against this attack?
Your company has HQ in Tokyo and branch offices all over the world and is using a logistics software with a multi-regional deployment on AWS in Japan, Europe and USA.
The logistic software has a 3-tier architecture and currently uses MySQL 5.6 for data persistence. Each region has deployed its own database In the HQ region you run an hourly batch process reading data from every region to compute cross-regional reports that are sent by email to all offices this batch process must be completed as fast as possible to quickly optimize logistics how do you build the
database architecture in order to meet the requirements’?
Your company has HQ in Tokyo and branch offices all over the world and is using a logistics software with a multi-regional deployment on AWS in Japan, Europe and USA.
The logistic software has a 3-tier architecture and currently uses MySQL 5.6 for data persistence. Each region has deployed its own database In the HQ region you run an hourly batch process reading data from every region to compute cross-regional reports that are sent by email to all offices this batch process must be completed as fast as possible to quickly optimize logistics how do you build the
database architecture in order to meet the requirements’?
By default, EBS volumes that are created and attached to an instance at launch are deleted when that instance is terminated. You can modify this behavior by changing the value of the flag_____ to false when you launch the instance
By default, EBS volumes that are created and attached to an instance at launch are deleted when that instance is terminated. You can modify this behavior by changing the value of the flag_____ to false when you launch the instance
You have been asked to design the storage layer for an application. The application
requires disk performance of at least 100,000 IOPS in addition, the storage layer must be
able to survive the loss of an individual disk. EC2 instance, or Availability Zone without any
data loss. The volume you provide must have a capacity of at least 3 TB. Which of the
following designs will meet these objectives'?
You have been asked to design the storage layer for an application. The application
requires disk performance of at least 100,000 IOPS in addition, the storage layer must be
able to survive the loss of an individual disk. EC2 instance, or Availability Zone without any
data loss. The volume you provide must have a capacity of at least 3 TB. Which of the
following designs will meet these objectives'?
-
-
-
-
You have deployed a web application targeting a global audience across multiple AWS
Regions under the domain name.example.com. You decide to use Route53 Latency-Based
Routing to serve web requests to users from the region closest to the user. To provide
business continuity in the event of server downtime you configure weighted record sets
associated with two web servers in separate Availability Zones per region. Dunning a DR
test you notice that when you disable all web servers in one of the regions Route53 does
not automatically direct all users to the other region. What could be happening? (Choose 2
answers)
You have deployed a web application targeting a global audience across multiple AWS
Regions under the domain name.example.com. You decide to use Route53 Latency-Based
Routing to serve web requests to users from the region closest to the user. To provide
business continuity in the event of server downtime you configure weighted record sets
associated with two web servers in separate Availability Zones per region. Dunning a DR
test you notice that when you disable all web servers in one of the regions Route53 does
not automatically direct all users to the other region. What could be happening? (Choose 2
answers)
You are designing an intrusion detection prevention (IDS/IPS) solution for a customer web
application in a single VPC. You are considering the options for implementing IOS IPS
protection for traffic coming from the Internet.
Which of the following options would you consider?
You are designing an intrusion detection prevention (IDS/IPS) solution for a customer web
application in a single VPC. You are considering the options for implementing IOS IPS
protection for traffic coming from the Internet.
Which of the following options would you consider?
You need a persistent and durable storage to trace call activity of an IVR (Interactive Voice
Response) system. Call duration is mostly in the 2-3 minutes timeframe. Each traced call
can be either active or terminated. An external application needs to know each minute the
list of currently active calls, which are usually a few calls/second. Put once per month there
is a periodic peak up to 1000 calls/second for a few hours. The system is open 24/7 and
any downtime should be avoided. Historical data is periodically archived to files. Cost
saving is a priority for this project.
What database implementation would better fit this scenario, keeping costs as low as
possible?
You need a persistent and durable storage to trace call activity of an IVR (Interactive Voice
Response) system. Call duration is mostly in the 2-3 minutes timeframe. Each traced call
can be either active or terminated. An external application needs to know each minute the
list of currently active calls, which are usually a few calls/second. Put once per month there
is a periodic peak up to 1000 calls/second for a few hours. The system is open 24/7 and
any downtime should be avoided. Historical data is periodically archived to files. Cost
saving is a priority for this project.
What database implementation would better fit this scenario, keeping costs as low as
possible?
A corporate web application is deployed within an Amazon Virtual Private Cloud (VPC) and is connected to the corporate data center via an iPsec VPN. The application must authenticate against the on-premises LDAP server. After authentication, each logged-in user can only access an Amazon Simple Storage Space (S3) keyspace specific to that user. Which two approaches can satisfy these objectives?
A corporate web application is deployed within an Amazon Virtual Private Cloud (VPC) and is connected to the corporate data center via an iPsec VPN. The application must authenticate against the on-premises LDAP server. After authentication, each logged-in user can only access an Amazon Simple Storage Space (S3) keyspace specific to that user. Which two approaches can satisfy these objectives?
You are responsible for a legacy web application whose server environment is approaching
end of life You would like to migrate this application to AWS as quickly as possible, since
the application environment currently has the following limitations: The VM's single 10GB VMDK is almost full
Me virtual network interface still uses the 10Mbps driver, which leaves your 100Mbps WAN connection completely underutilized
It is currently running on a highly customized. Windows VM within a VMware
environment:
You do not have me installation media
This is a mission critical application with an RTO (Recovery Time Objective) of 8 hours.
RPO (Recovery Point Objective) of 1 hour. How could you best migrate this application to
AWS while meeting your business continuity requirements?
You are responsible for a legacy web application whose server environment is approaching
end of life You would like to migrate this application to AWS as quickly as possible, since
the application environment currently has the following limitations: The VM's single 10GB VMDK is almost full
Me virtual network interface still uses the 10Mbps driver, which leaves your 100Mbps WAN connection completely underutilized
It is currently running on a highly customized. Windows VM within a VMware
environment:
You do not have me installation media
This is a mission critical application with an RTO (Recovery Time Objective) of 8 hours.
RPO (Recovery Point Objective) of 1 hour. How could you best migrate this application to
AWS while meeting your business continuity requirements?
A web-startup runs its very successful social news application on Amazon EC2 with an Elastic Load Balancer, an Auto-Scaling group of Java/Tomcat application-servers, and DynamoDB as data store. The main web-application best runs on m2 x large instances since it is highly memory- bound Each new deployment requires semi-automated creation and testing of a new AMI for the application servers which takes quite a while ana is therefore only done once per week. Recently, a new chat feature has been implemented in nodejs and wails to be integrated in the architecture. First tests show that the new component is CPU bound Because the company has some experience with using Chef, they decided to streamline the deployment process and use AWS Ops Works as an application life cycle tool to simplify management of the application and reduce the deployment cycles.
What configuration in AWS Ops Works is necessary to integrate the new chat module in the most cost-efficient and flexible way?
A web-startup runs its very successful social news application on Amazon EC2 with an Elastic Load Balancer, an Auto-Scaling group of Java/Tomcat application-servers, and DynamoDB as data store. The main web-application best runs on m2 x large instances since it is highly memory- bound Each new deployment requires semi-automated creation and testing of a new AMI for the application servers which takes quite a while ana is therefore only done once per week. Recently, a new chat feature has been implemented in nodejs and wails to be integrated in the architecture. First tests show that the new component is CPU bound Because the company has some experience with using Chef, they decided to streamline the deployment process and use AWS Ops Works as an application life cycle tool to simplify management of the application and reduce the deployment cycles.
What configuration in AWS Ops Works is necessary to integrate the new chat module in the most cost-efficient and flexible way?
You currently operate a web application In the AWS US-East region The application runs
on an auto-scaled layer of EC2 instances and an RDS Multi-AZ database Your IT security
compliance officer has tasked you to develop a reliable and durable logging solution to
track changes made to your EC2.IAM And RDS resources. The solution must ensure the
integrity and confidentiality of your log data. Which of these solutions would you
recommend?
You currently operate a web application In the AWS US-East region The application runs
on an auto-scaled layer of EC2 instances and an RDS Multi-AZ database Your IT security
compliance officer has tasked you to develop a reliable and durable logging solution to
track changes made to your EC2.IAM And RDS resources. The solution must ensure the
integrity and confidentiality of your log data. Which of these solutions would you
recommend?
Your company is getting ready to do a major public announcement of a social media site on
AWS. The website is running on EC2 instances deployed across multiple Availability Zones
with a Multi-AZ RDS MySQL Extra Large DB Instance. The site performs a high number of
small reads and writes per second and relies on an eventual consistency model. After
comprehensive tests you discover that there is read contention on RDS MySQL. Which are
the best approaches to meet these requirements? (Choose 2 answers)
Your company is getting ready to do a major public announcement of a social media site on
AWS. The website is running on EC2 instances deployed across multiple Availability Zones
with a Multi-AZ RDS MySQL Extra Large DB Instance. The site performs a high number of
small reads and writes per second and relies on an eventual consistency model. After
comprehensive tests you discover that there is read contention on RDS MySQL. Which are
the best approaches to meet these requirements? (Choose 2 answers)
You are developing a new mobile application and are considering storing user preferences
in AWS.2w This would provide a more uniform cross-device experience to users using
multiple mobile devices to access the application. The preference data for each user is
estimated to be 50KB in size Additionally 5 million customers are expected to use the
application on a regular basis. The solution needs to be cost-effective, highly available,
scalable and secure, how would you design a solution to meet the above requirements?
You are developing a new mobile application and are considering storing user preferences
in AWS.2w This would provide a more uniform cross-device experience to users using
multiple mobile devices to access the application. The preference data for each user is
estimated to be 50KB in size Additionally 5 million customers are expected to use the
application on a regular basis. The solution needs to be cost-effective, highly available,
scalable and secure, how would you design a solution to meet the above requirements?
An AWS customer is deploying an application mat is composed of an AutoScaling group of
EC2 Instances. The customers security policy requires that every outbound connection from these
instances to any other service within the customers Virtual Private Cloud must be authenticated
using a unique x 509 certificate that contains the specific instance-id. In addition an x 509 certificates must Designed by the customer's
Key management service in order to be trusted for authentication. Which of the following configurations will support these requirements?
An AWS customer is deploying an application mat is composed of an AutoScaling group of
EC2 Instances. The customers security policy requires that every outbound connection from these
instances to any other service within the customers Virtual Private Cloud must be authenticated
using a unique x 509 certificate that contains the specific instance-id. In addition an x 509 certificates must Designed by the customer's
Key management service in order to be trusted for authentication. Which of the following configurations will support these requirements?
You are designing a multi-platform web application for AWS The application will run on
EC2 instances and will be accessed from PCs. tablets and smart phones Supported accessing platforms are Windows. MACOS. IOS and Android Separate sticky session and
SSL certificate setups are required for different platform types which of the following describes the most cost effective and performance efficient architecture setup?
You are designing a multi-platform web application for AWS The application will run on
EC2 instances and will be accessed from PCs. tablets and smart phones Supported accessing platforms are Windows. MACOS. IOS and Android Separate sticky session and
SSL certificate setups are required for different platform types which of the following describes the most cost effective and performance efficient architecture setup?
Your company has recently extended its datacenter into a VPC on AVVS to add burst
computing capacity as needed Members of your Network Operations Center need to be
able to go to the AWS Management Console and administer Amazon EC2 instances as
necessary You don't want to create new IAM users for each NOC member and make those
users sign in again to the AWS Management Console Which option below will meet the
needs for your NOC members?
Your company has recently extended its datacenter into a VPC on AVVS to add burst
computing capacity as needed Members of your Network Operations Center need to be
able to go to the AWS Management Console and administer Amazon EC2 instances as
necessary You don't want to create new IAM users for each NOC member and make those
users sign in again to the AWS Management Console Which option below will meet the
needs for your NOC members?
A customer has a 10 GB AWS Direct Connect connection to an AWS region where they
have a web application hosted on Amazon Elastic Computer Cloud (EC2). The application
has dependencies on an on-premises mainframe database that uses a BASE (Basic
Available. Sort stale Eventual consistency) rather than an ACID (Atomicity. Consistency
isolation. Durability) consistency model. The application is exhibiting undesirable behavior
because the database is not able to handle the volume of writes. How can you reduce the
load on your on-premises database resources in the most cost-effective way?
A customer has a 10 GB AWS Direct Connect connection to an AWS region where they
have a web application hosted on Amazon Elastic Computer Cloud (EC2). The application
has dependencies on an on-premises mainframe database that uses a BASE (Basic
Available. Sort stale Eventual consistency) rather than an ACID (Atomicity. Consistency
isolation. Durability) consistency model. The application is exhibiting undesirable behavior
because the database is not able to handle the volume of writes. How can you reduce the
load on your on-premises database resources in the most cost-effective way?
An International company has deployed a multi-tier web application that relies on DynamoDB in a single region For regulatory reasons they need disaster recovery capability
In a separate region with a Recovery Time Objective of 2 hours and a Recovery Point Objective of 24 hours They should synchronize their data on a regular basis and be able to
provision me web application rapidly using CloudFormation. The objective is to minimize changes to the existing web application, control the throughput
of DynamoDB used for the synchronization of data and synchronize only the modified elements.
Which design would you choose to meet these requirements?
An International company has deployed a multi-tier web application that relies on DynamoDB in a single region For regulatory reasons they need disaster recovery capability
In a separate region with a Recovery Time Objective of 2 hours and a Recovery Point Objective of 24 hours They should synchronize their data on a regular basis and be able to
provision me web application rapidly using CloudFormation. The objective is to minimize changes to the existing web application, control the throughput
of DynamoDB used for the synchronization of data and synchronize only the modified elements.
Which design would you choose to meet these requirements?
You are implementing a URL whitelisting system for a company that wants to restrict
outbound HTTP'S connections to specific domains from their EC2-hosted applications you
deploy a single EC2 instance running proxy software and configure It to accept traffic from
all subnets and EC2 instances in the VPC. You configure the proxy to only pass through
traffic to domains that you define in its whitelist configuration You have a nightly
maintenance window or 10 minutes where ail instances fetch new software updates. Each
update Is about 200MB In size and there are 500 instances In the VPC that routinely fetch
updates After a few days you notice that some machines are failing to successfully
download some, but not all of their updates within the maintenance window. The download
URLs used for these updates are correctly listed in the proxy's whitelist configuration and
you are able to access them manually using a web browser on the instances. What might
be happening?
You are implementing a URL whitelisting system for a company that wants to restrict
outbound HTTP'S connections to specific domains from their EC2-hosted applications you
deploy a single EC2 instance running proxy software and configure It to accept traffic from
all subnets and EC2 instances in the VPC. You configure the proxy to only pass through
traffic to domains that you define in its whitelist configuration You have a nightly
maintenance window or 10 minutes where ail instances fetch new software updates. Each
update Is about 200MB In size and there are 500 instances In the VPC that routinely fetch
updates After a few days you notice that some machines are failing to successfully
download some, but not all of their updates within the maintenance window. The download
URLs used for these updates are correctly listed in the proxy's whitelist configuration and
you are able to access them manually using a web browser on the instances. What might
be happening?
You have an application running on an EC2 Instance which will allow users to download
flies from a private S3 bucket using a pre-assigned URL. Before generating the URL the
application should verify the existence of the file in S3.
How should the application use AWS credentials to access the S3 bucket securely?
You have an application running on an EC2 Instance which will allow users to download
flies from a private S3 bucket using a pre-assigned URL. Before generating the URL the
application should verify the existence of the file in S3.
How should the application use AWS credentials to access the S3 bucket securely?
You require the ability to analyze a customer's clickstream data on a website so they can
do behavioral analysis. Your customer needs to know what sequence of pages and ads
their customer clicked on. This data will be used in real time to modify the page layouts as
customers click through the site to increase stickiness and advertising click-through. Which
option meets the requirements for captioning and analyzing this data?
You require the ability to analyze a customer's clickstream data on a website so they can
do behavioral analysis. Your customer needs to know what sequence of pages and ads
their customer clicked on. This data will be used in real time to modify the page layouts as
customers click through the site to increase stickiness and advertising click-through. Which
option meets the requirements for captioning and analyzing this data?
While performing the volume status checks, if the status is insufficient-data, what does it
mean?
While performing the volume status checks, if the status is insufficient-data, what does it
mean?
Amazon SWF is designed to help users...
Amazon SWF is designed to help users...
A company is running a batch analysis every hour on their main transactional DB. running
on an RDS MySQL instance to populate their central Data Warehouse running on Redshift
During the execution of the batch their transactional applications are very slow When the
batch completes they need to update the top management dashboard with the new data
The dashboard is produced by another system running on-premises that is currently started
when a manually-sent email notifies that an update is required The on-premises system
cannot be modified because is managed by another team.
How would you optimize this scenario to solve performance issues and automate the
process as much as possible?
A company is running a batch analysis every hour on their main transactional DB. running
on an RDS MySQL instance to populate their central Data Warehouse running on Redshift
During the execution of the batch their transactional applications are very slow When the
batch completes they need to update the top management dashboard with the new data
The dashboard is produced by another system running on-premises that is currently started
when a manually-sent email notifies that an update is required The on-premises system
cannot be modified because is managed by another team.
How would you optimize this scenario to solve performance issues and automate the
process as much as possible?
You are running a news website in the eu-west-1 region that updates every 15 minutes.
The website has a world-wide audience it uses an Auto Scaling group behind an Elastic
Load Balancer and an Amazon RDS database Static content resides on Amazon S3, and is
distributed through Amazon CloudFront. Your Auto Scaling group is set to trigger a scale
up event at 60% CPU utilization, you use an Amazon RDS extra large DB instance with
10.000 Provisioned IOPS its CPU utilization is around 80%. While freeable memory is in
the 2 GB range. Web analytics reports show that the average load time of your web pages is around 1 5 to
2 seconds, but your SEO consultant wants to bring down the average load time to under 0.5 seconds.
Which of the following would not help you toimprove page load times for your users?
You are running a news website in the eu-west-1 region that updates every 15 minutes.
The website has a world-wide audience it uses an Auto Scaling group behind an Elastic
Load Balancer and an Amazon RDS database Static content resides on Amazon S3, and is
distributed through Amazon CloudFront. Your Auto Scaling group is set to trigger a scale
up event at 60% CPU utilization, you use an Amazon RDS extra large DB instance with
10.000 Provisioned IOPS its CPU utilization is around 80%. While freeable memory is in
the 2 GB range. Web analytics reports show that the average load time of your web pages is around 1 5 to
2 seconds, but your SEO consultant wants to bring down the average load time to under 0.5 seconds.
Which of the following would not help you toimprove page load times for your users?
An ERP application is deployed across multiple AZs in a single region. In the event of
failure, the Recovery Time Objective (RTO) must be less than 3 hours, and the Recovery
Point Objective (RPO) must be 15 minutes the customer realizes that data corruption
occurred roughly 1.5 hours ago.
What DR strategy could be used to achieve this RTO and RPO in the event of this kind of
failure?
An ERP application is deployed across multiple AZs in a single region. In the event of
failure, the Recovery Time Objective (RTO) must be less than 3 hours, and the Recovery
Point Objective (RPO) must be 15 minutes the customer realizes that data corruption
occurred roughly 1.5 hours ago.
What DR strategy could be used to achieve this RTO and RPO in the event of this kind of
failure?
A large real-estate brokerage is exploring the option o( adding a cost-effective location based alert to their existing mobile application The application backend infrastructure currently runs on AWS Users who opt in to this service will receive alerts on their mobile device regarding real-estate otters in proximity to their location. For the alerts to be relevant delivery time needs to be in the low minute count the existing mobile app has 5 million users across the us Which one of the following architectural suggestions would you make to the customer?
A large real-estate brokerage is exploring the option o( adding a cost-effective location based alert to their existing mobile application The application backend infrastructure currently runs on AWS Users who opt in to this service will receive alerts on their mobile device regarding real-estate otters in proximity to their location. For the alerts to be relevant delivery time needs to be in the low minute count the existing mobile app has 5 million users across the us Which one of the following architectural suggestions would you make to the customer?
You have recently joined a startup company building sensors to measure street noise and
air quality in urban areas. The company has been running a pilot deployment of around 100
sensors for 3 months each sensor uploads 1KB of sensor data every minute to a backend
hosted on AWS. During the pilot, you measured a peak or 10 IOPS on the database, and you stored an
average of 3GB of sensor data per month in the database. The current deployment consists of a load-balanced auto scaled Ingestion layer using EC2
instances and a PostgreSQL RDS database with 500GB standard storage. The pilot is considered a success and your CEO has managed to get the attention or some
potential investors. The business plan requires a deployment of at least 100K sensors which needs to be supported by the backend. You also need to store sensor data for at
least two years to be able to compare year over year Improvements.To secure funding, you have to make sure that the platform meets these requirements and
leaves room for further scaling. Which setup win meet the requirements?
You have recently joined a startup company building sensors to measure street noise and
air quality in urban areas. The company has been running a pilot deployment of around 100
sensors for 3 months each sensor uploads 1KB of sensor data every minute to a backend
hosted on AWS. During the pilot, you measured a peak or 10 IOPS on the database, and you stored an
average of 3GB of sensor data per month in the database. The current deployment consists of a load-balanced auto scaled Ingestion layer using EC2
instances and a PostgreSQL RDS database with 500GB standard storage. The pilot is considered a success and your CEO has managed to get the attention or some
potential investors. The business plan requires a deployment of at least 100K sensors which needs to be supported by the backend. You also need to store sensor data for at
least two years to be able to compare year over year Improvements.To secure funding, you have to make sure that the platform meets these requirements and
leaves room for further scaling. Which setup win meet the requirements?
When you view the block device mapping for your instance, you can see only the EBS
volumes, not the instance store volumes.
When you view the block device mapping for your instance, you can see only the EBS
volumes, not the instance store volumes.
You have launched an EC2 instance with four (4) 500 GB EBS Provisioned IOPS volumes
attached The EC2 Instance Is EBS-Optimized and supports 500 Mbps throughput between
EC2 and EBS The two EBS volumes are configured as a single RAID o device, and each
Provisioned IOPS volume is provisioned with 4.000 IOPS (4 000 16KB reads or writes) for
a total of 16.000 random IOPS on the instance The EC2 Instance initially delivers the
expected 16 000 IOPS random read and write performance Sometime later in order to
increase the total random I/O performance of the instance, you add an additional two 500
GB EBS Provisioned IOPS volumes to the RAID Each volume Is provisioned to 4.000 IOPs
like the original four for a total of 24.000 IOPS on the EC2 instance Monitoring shows that
the EC2 instance CPU utilization increased from 50% to 70%. but the total random IOPS
measured at the instance level does not increase at all.
What is the problem and a valid solution?
You have launched an EC2 instance with four (4) 500 GB EBS Provisioned IOPS volumes
attached The EC2 Instance Is EBS-Optimized and supports 500 Mbps throughput between
EC2 and EBS The two EBS volumes are configured as a single RAID o device, and each
Provisioned IOPS volume is provisioned with 4.000 IOPS (4 000 16KB reads or writes) for
a total of 16.000 random IOPS on the instance The EC2 Instance initially delivers the
expected 16 000 IOPS random read and write performance Sometime later in order to
increase the total random I/O performance of the instance, you add an additional two 500
GB EBS Provisioned IOPS volumes to the RAID Each volume Is provisioned to 4.000 IOPs
like the original four for a total of 24.000 IOPS on the EC2 instance Monitoring shows that
the EC2 instance CPU utilization increased from 50% to 70%. but the total random IOPS
measured at the instance level does not increase at all.
What is the problem and a valid solution?
Company B is launching a new game app for mobile devices. Users will log into the game
using their existing social media account to streamline data capture. Company B would like
to directly save player data and scoring information from the mobile app to a DynamoDB
table named Score Data When a user saves their game the progress data will be stored to
the Game state S3 bucket. What is the best approach for storing data to DynamoDB and
S3?
Company B is launching a new game app for mobile devices. Users will log into the game
using their existing social media account to streamline data capture. Company B would like
to directly save player data and scoring information from the mobile app to a DynamoDB
table named Score Data When a user saves their game the progress data will be stored to
the Game state S3 bucket. What is the best approach for storing data to DynamoDB and
S3?
You are running a successful multitier web application on AWS and your marketing
department has asked you to add a reporting tier to the application. The reporting tier will
aggregate and publish status reports every 30 minutes from user-generated information
that is being stored in your web application s database. You are currently running a Multi-
AZ RDS MySQL instance for the database tier. You also have implemented Elasticache as
a database caching layer between the application tier and database tier. Please select the
answer that will allow you to successfully implement the reporting tier with as little impact
as possible to your database.
You are running a successful multitier web application on AWS and your marketing
department has asked you to add a reporting tier to the application. The reporting tier will
aggregate and publish status reports every 30 minutes from user-generated information
that is being stored in your web application s database. You are currently running a Multi-
AZ RDS MySQL instance for the database tier. You also have implemented Elasticache as
a database caching layer between the application tier and database tier. Please select the
answer that will allow you to successfully implement the reporting tier with as little impact
as possible to your database.
You have deployed a three-tier web application in a VPC with a CIOR block of 10 0 0 0/28
You initially deploy two web servers, two application servers, two database servers and
one NAT instance tor a total of seven EC2 instances The web. Application and database
servers are deployed across two availability zones (AZs). You also deploy an ELB in front
of the two web servers, and use Route53 for DNS Web (raffle gradually increases in the
first few days following the deployment, so you attempt to double the number of instances
in each tier of the application to handle the new load unfortunately some of these new
instances fail to launch. Which of the following could be the root cause?
You have deployed a three-tier web application in a VPC with a CIOR block of 10 0 0 0/28
You initially deploy two web servers, two application servers, two database servers and
one NAT instance tor a total of seven EC2 instances The web. Application and database
servers are deployed across two availability zones (AZs). You also deploy an ELB in front
of the two web servers, and use Route53 for DNS Web (raffle gradually increases in the
first few days following the deployment, so you attempt to double the number of instances
in each tier of the application to handle the new load unfortunately some of these new
instances fail to launch. Which of the following could be the root cause?
Your company previously configured a heavily used, dynamically routed VPN connection
between your on-premises data center and AWS. You recently provisioned a
DirectConnect connection and would like to start using the new connection. After
configuring DirectConnect settings in the AWS Console, which of the following options win
provide the most seamless transition for your users?
Your company previously configured a heavily used, dynamically routed VPN connection
between your on-premises data center and AWS. You recently provisioned a
DirectConnect connection and would like to start using the new connection. After
configuring DirectConnect settings in the AWS Console, which of the following options win
provide the most seamless transition for your users?
Your company hosts a social media site supporting users in multiple countries. You have
been asked to provide a highly available design tor the application that leverages multiple
regions tor the most recently accessed content and latency sensitive portions of the wet)
site The most latency sensitive component of the application involves reading user
preferences to support web site personalization and ad selection.
In addition to running your application in multiple regions, which option will support this
application’s requirements?
Your company hosts a social media site supporting users in multiple countries. You have
been asked to provide a highly available design tor the application that leverages multiple
regions tor the most recently accessed content and latency sensitive portions of the wet)
site The most latency sensitive component of the application involves reading user
preferences to support web site personalization and ad selection.
In addition to running your application in multiple regions, which option will support this
application’s requirements?
You deployed your company website using Elastic Beanstalk and you enabled log file
rotation to S3. An Elastic Map Reduce job is periodically analyzing the logs on S3 to build a usage dashboard that you share with your CIO. You recently improved overall performance of the website using Cloud Front for dynamic content delivery and your website as the origin. After this architectural change, the usage dashboard shows that the traffic on your website dropped by an order of magnitude. How do you fix your usage dashboard'?
You deployed your company website using Elastic Beanstalk and you enabled log file
rotation to S3. An Elastic Map Reduce job is periodically analyzing the logs on S3 to build a usage dashboard that you share with your CIO. You recently improved overall performance of the website using Cloud Front for dynamic content delivery and your website as the origin. After this architectural change, the usage dashboard shows that the traffic on your website dropped by an order of magnitude. How do you fix your usage dashboard'?
Your firm has uploaded a large amount of aerial image data to S3 In the past, in your onpremises
environment, you used a dedicated group of servers to oaten process this data
and used Rabbit MQ - An open source messaging system to get job information to the
servers. Once processed the data would go to tape and be shipped offsite. Your manager
told you to stay with the current design, and leverage AWS archival storage and messaging
services to minimize cost. Which is correct?
Your firm has uploaded a large amount of aerial image data to S3 In the past, in your onpremises
environment, you used a dedicated group of servers to oaten process this data
and used Rabbit MQ - An open source messaging system to get job information to the
servers. Once processed the data would go to tape and be shipped offsite. Your manager
told you to stay with the current design, and leverage AWS archival storage and messaging
services to minimize cost. Which is correct?
You are the new IT architect in a company that operates a mobile sleep tracking application
When activated at night, the mobile app is sending collected data points of 1 kilobyte every
5 minutes to your backend The backend takes care of authenticating the user and writing the data points into an Amazon DynamoDB table. Every morning, you scan the table to extract and aggregate last night's data on a per user basis, and store the results in Amazon S3.
Users are notified via Amazon SMS mobile push notifications that new data is available,
which is parsed and visualized by (The mobile app Currently you have around 100k users
who are mostly based out of North America. You have been tasked to optimize the architecture of the backend system to lower cost what would you recommend? (Choose 2 answers)
You are the new IT architect in a company that operates a mobile sleep tracking application
When activated at night, the mobile app is sending collected data points of 1 kilobyte every
5 minutes to your backend The backend takes care of authenticating the user and writing the data points into an Amazon DynamoDB table. Every morning, you scan the table to extract and aggregate last night's data on a per user basis, and store the results in Amazon S3.
Users are notified via Amazon SMS mobile push notifications that new data is available,
which is parsed and visualized by (The mobile app Currently you have around 100k users
who are mostly based out of North America. You have been tasked to optimize the architecture of the backend system to lower cost what would you recommend? (Choose 2 answers)
An enterprise wants to use a third-party SaaS application. The SaaS application needs to
have access to issue several API commands to discover Amazon EC2 resources running
within the enterprise's account The enterprise has internal security policies that require any
outside access to their environment must conform to the principles of least privilege and
there must be controls in place to ensure that the credentials used by the SaaS vendor
cannot be used by any other third party. Which of the following would meet all of these
conditions?
An enterprise wants to use a third-party SaaS application. The SaaS application needs to
have access to issue several API commands to discover Amazon EC2 resources running
within the enterprise's account The enterprise has internal security policies that require any
outside access to their environment must conform to the principles of least privilege and
there must be controls in place to ensure that the credentials used by the SaaS vendor
cannot be used by any other third party. Which of the following would meet all of these
conditions?
A web company is looking to implement an external payment service into their highly
available application deployed in a VPC Their application EC2 instances are behind a
public lacing ELB Auto scaling is used to add additional instances as traffic increases under
normal load the application runs 2 instances in the Auto Scaling group but at peak it can
scale 3x in size. The application instances need to communicate with the payment service
over the Internet which requires whitelisting of all public IP addresses used to communicate
with it. A maximum of 4 whitelisting IP addresses are allowed at a time and can be added
through an API.
How should they architect their solution?
A web company is looking to implement an external payment service into their highly
available application deployed in a VPC Their application EC2 instances are behind a
public lacing ELB Auto scaling is used to add additional instances as traffic increases under
normal load the application runs 2 instances in the Auto Scaling group but at peak it can
scale 3x in size. The application instances need to communicate with the payment service
over the Internet which requires whitelisting of all public IP addresses used to communicate
with it. A maximum of 4 whitelisting IP addresses are allowed at a time and can be added
through an API.
How should they architect their solution?
You've been brought in as solutions architect to assist an enterprise customer with their
migration of an e-commerce platform to Amazon Virtual Private Cloud (VPC) The previous
architect has already deployed a 3-tier VPC.
The configuration is as follows:
VPC: vpc-2f8bc447
IGW: igw-2d8bc445
NACL: ad-208bc448
Subnets and Route Tables:
Web servers: subnet-258bc44d
Application servers: subnet-248bc44c
Database servers: subnet-9189c6f9
Route Tables:
rrb-218bc449
rtb-238bc44b
Associations:
subnet-258bc44d : rtb-218bc449
subnet-248bc44c : rtb-238bc44b
subnet-9189c6f9 : rtb-238bc44b
You are now ready to begin deploying EC2 instances into the VPC Web servers must have
direct access to the internet Application and database servers cannot have direct access to
the internet.
Which configuration below will allow you the ability to remotely administer your application
and database servers, as well as allow these servers to retrieve updates from the Internet?
You've been brought in as solutions architect to assist an enterprise customer with their
migration of an e-commerce platform to Amazon Virtual Private Cloud (VPC) The previous
architect has already deployed a 3-tier VPC.
The configuration is as follows:
VPC: vpc-2f8bc447
IGW: igw-2d8bc445
NACL: ad-208bc448
Subnets and Route Tables:
Web servers: subnet-258bc44d
Application servers: subnet-248bc44c
Database servers: subnet-9189c6f9
Route Tables:
rrb-218bc449
rtb-238bc44b
Associations:
subnet-258bc44d : rtb-218bc449
subnet-248bc44c : rtb-238bc44b
subnet-9189c6f9 : rtb-238bc44b
You are now ready to begin deploying EC2 instances into the VPC Web servers must have
direct access to the internet Application and database servers cannot have direct access to
the internet.
Which configuration below will allow you the ability to remotely administer your application
and database servers, as well as allow these servers to retrieve updates from the Internet?
A newspaper organization has a on-premises application which allows the public to search
its back catalogue and retrieve individual newspaper pages via a website written in Java
They have scanned the old newspapers into JPEGs (approx 17TB) and used Optical
Character Recognition (OCR) to populate a commercial search product. The hosting
platform and software are now end of life and the organization wants to migrate Its archive
to AWS and produce a cost efficient architecture and still be designed for availability and
durability. Which is the most appropriate?
A newspaper organization has a on-premises application which allows the public to search
its back catalogue and retrieve individual newspaper pages via a website written in Java
They have scanned the old newspapers into JPEGs (approx 17TB) and used Optical
Character Recognition (OCR) to populate a commercial search product. The hosting
platform and software are now end of life and the organization wants to migrate Its archive
to AWS and produce a cost efficient architecture and still be designed for availability and
durability. Which is the most appropriate?
A web company is looking to implement an intrusion detection and prevention system into
their deployed VPC. This platform should have the ability to scale to thousands of
instances running inside of the VPC. How should they architect their solution to achieve these goals?
A web company is looking to implement an intrusion detection and prevention system into
their deployed VPC. This platform should have the ability to scale to thousands of
instances running inside of the VPC. How should they architect their solution to achieve these goals?
An AWS customer runs a public blogging website. The site users upload two million blog
entries a month The average blog entry size is 200 KB. The access rate to blog entries
drops to negligible 6 months after publication and users rarely access a blog entry 1 year
after publication. Additionally, blog entries have a high update rate during the first 3 months
following publication, this drops to no updates after 6 months. The customer wants to use
CloudFront to improve his user's load times. Which of the following recommendations
would you make to the customer?
An AWS customer runs a public blogging website. The site users upload two million blog
entries a month The average blog entry size is 200 KB. The access rate to blog entries
drops to negligible 6 months after publication and users rarely access a blog entry 1 year
after publication. Additionally, blog entries have a high update rate during the first 3 months
following publication, this drops to no updates after 6 months. The customer wants to use
CloudFront to improve his user's load times. Which of the following recommendations
would you make to the customer?
You have a periodic Image analysis application that gets some files In Input analyzes them
and tor each file writes some data in output to a ten file the number of files in input per day
is high and concentrated in a few hours of the day.
Currently you have a server on EC2 with a large EBS volume that hosts the input data and
the results it takes almost 20 hours per day to complete the process
What services could be used to reduce the elaboration time and improve the availability of
the solution?
You have a periodic Image analysis application that gets some files In Input analyzes them
and tor each file writes some data in output to a ten file the number of files in input per day
is high and concentrated in a few hours of the day.
Currently you have a server on EC2 with a large EBS volume that hosts the input data and
the results it takes almost 20 hours per day to complete the process
What services could be used to reduce the elaboration time and improve the availability of
the solution?
Your team has a tomcat-based Java application you need to deploy into development, test
and production environments. After some research, you opt to use Elastic Beanstalk due to
its tight integration with your developer tools and RDS due to its ease of management.
Your QA team lead points out that you need to roll a sanitized set of production data into
your environment on a nightly basis. Similarly, other software teams in your org want
access to that same restored data via their EC2 instances in your VPC .The optimal setup
for persistence and security that meets the above requirements would be the following.
Your team has a tomcat-based Java application you need to deploy into development, test
and production environments. After some research, you opt to use Elastic Beanstalk due to
its tight integration with your developer tools and RDS due to its ease of management.
Your QA team lead points out that you need to roll a sanitized set of production data into
your environment on a nightly basis. Similarly, other software teams in your org want
access to that same restored data via their EC2 instances in your VPC .The optimal setup
for persistence and security that meets the above requirements would be the following.
Your fortune 500 company has under taken a TCO analysis evaluating the use of Amazon
S3 versus acquiring more hardware The outcome was that ail employees would be granted
access to use Amazon S3 for storage of their personal documents.
Which of the following you will not need to consider so you can set up a solution that
incorporates single sign-on from your corporate AD or LDAP directory and restricts access
for each user to a designated user folder in a bucket?
Your fortune 500 company has under taken a TCO analysis evaluating the use of Amazon
S3 versus acquiring more hardware The outcome was that ail employees would be granted
access to use Amazon S3 for storage of their personal documents.
Which of the following you will not need to consider so you can set up a solution that
incorporates single sign-on from your corporate AD or LDAP directory and restricts access
for each user to a designated user folder in a bucket?
You're running an application on-premises due to its dependency on non-x86 hardware
and want to use AWS for data backup. Your backup application is only able to write to
POSIX-compatible block-based storage. You have 140TB of data and would like to mount it
as a single folder on your file server Users must be able to access portions of this data
while the backups are taking place. What backup solution would be most appropriate for
this use case?
You're running an application on-premises due to its dependency on non-x86 hardware
and want to use AWS for data backup. Your backup application is only able to write to
POSIX-compatible block-based storage. You have 140TB of data and would like to mount it
as a single folder on your file server Users must be able to access portions of this data
while the backups are taking place. What backup solution would be most appropriate for
this use case?
When you run a DB Instance as a Multi-AZ deployment, the "_____" serves database writes and reads
When you run a DB Instance as a Multi-AZ deployment, the "_____" serves database writes and reads
Your company policies require encryption of sensitive data at rest. You are considering the
possible options for protecting data while storing it at rest on an EBS data volume, attached
to an EC2 instance. Which of these options would not allow you to encrypt your data at rest?
Your company policies require encryption of sensitive data at rest. You are considering the
possible options for protecting data while storing it at rest on an EBS data volume, attached
to an EC2 instance. Which of these options would not allow you to encrypt your data at rest?
A company is building a voting system for a popular TV show, viewers win watch the
performances then visit the show's website to vote for their favorite performer. It is
expected that in a short period of time after the show has finished the site will receive
millions of visitors. The visitors will first login to the site using their Amazon.com credentials
and then submit their vote. After the voting is completed the page will display the vote
totals. The company needs to build the site such that can handle the rapid influx of traffic
while maintaining good performance but also wants to keep costs to a minimum. Which of
the design patterns below should they use?
A company is building a voting system for a popular TV show, viewers win watch the
performances then visit the show's website to vote for their favorite performer. It is
expected that in a short period of time after the show has finished the site will receive
millions of visitors. The visitors will first login to the site using their Amazon.com credentials
and then submit their vote. After the voting is completed the page will display the vote
totals. The company needs to build the site such that can handle the rapid influx of traffic
while maintaining good performance but also wants to keep costs to a minimum. Which of
the design patterns below should they use?
-
-
-
-
A read only news reporting site with a combined web and application tier and a database
tier that receives large and unpredictable traffic demands must be able to respond to these
traffic fluctuations automatically. What AWS services should be used meet these
requirements?
A read only news reporting site with a combined web and application tier and a database
tier that receives large and unpredictable traffic demands must be able to respond to these
traffic fluctuations automatically. What AWS services should be used meet these
requirements?
You are designing a connectivity solution between on-premises infrastructure and Amazon
VPC Your server’s on-premises will De communicating with your VPC instances You will
De establishing IPSec tunnels over the internet You will be using VPN gateways and
terminating the IPsec tunnels on AWS-supported customer gateways.
Which of the following objectives would you achieve by implementing an IPSec tunnel as
outlined above? (Choose 4 answers)
You are designing a connectivity solution between on-premises infrastructure and Amazon
VPC Your server’s on-premises will De communicating with your VPC instances You will
De establishing IPSec tunnels over the internet You will be using VPN gateways and
terminating the IPsec tunnels on AWS-supported customer gateways.
Which of the following objectives would you achieve by implementing an IPSec tunnel as
outlined above? (Choose 4 answers)
Fill in the blanks: Resources that are created in AWS are identified by a unique identifier
called an __________
Fill in the blanks: Resources that are created in AWS are identified by a unique identifier
called an __________
A web design company currently runs several FTP servers that their 250 customers use to
upload and download large graphic files They wish to move this system to AWS to make it
more scalable, but they wish to maintain customer privacy and Keep costs to a minimum.
What AWS architecture would you recommend?
A web design company currently runs several FTP servers that their 250 customers use to
upload and download large graphic files They wish to move this system to AWS to make it
more scalable, but they wish to maintain customer privacy and Keep costs to a minimum.
What AWS architecture would you recommend?
You are looking to migrate your Development (Dev) and Test environments to AWS. You
have decided to use separate AWS accounts to host each environment. You plan to link
each accounts bill to a Master AWS account using Consolidated Billing. To make sure you
Keep within budget you would like to implement a way for administrators in the Master
account to have access to stop, delete and/or terminate resources in both the Dev and Test
accounts. Identify which option will allow you to achieve this goal.
You are looking to migrate your Development (Dev) and Test environments to AWS. You
have decided to use separate AWS accounts to host each environment. You plan to link
each accounts bill to a Master AWS account using Consolidated Billing. To make sure you
Keep within budget you would like to implement a way for administrators in the Master
account to have access to stop, delete and/or terminate resources in both the Dev and Test
accounts. Identify which option will allow you to achieve this goal.
Your startup wants to implement an order fulfillment process for selling a personalized gadget that needs an average of 3-4 days to produce with some orders taking up to 6 months you expect 10 orders per day on your first day. 1000 orders per day after 6 months and 10,000 orders after 12 months. Orders coming in are checked for consistency men dispatched to your manufacturing plant for production quality control packaging shipment and payment processing If the product does not meet the quality standards at any stage of the process employees may force the process to repeat a step Customers are notified via email about order status and any critical issues with their orders such as payment failure. Your case architecture includes AWS Elastic Beanstalk for your website with an RDS MySQL instance for customer data and orders.
How can you implement the order fulfillment process while making sure that the emails are delivered reliably?
Your startup wants to implement an order fulfillment process for selling a personalized gadget that needs an average of 3-4 days to produce with some orders taking up to 6 months you expect 10 orders per day on your first day. 1000 orders per day after 6 months and 10,000 orders after 12 months. Orders coming in are checked for consistency men dispatched to your manufacturing plant for production quality control packaging shipment and payment processing If the product does not meet the quality standards at any stage of the process employees may force the process to repeat a step Customers are notified via email about order status and any critical issues with their orders such as payment failure. Your case architecture includes AWS Elastic Beanstalk for your website with an RDS MySQL instance for customer data and orders.
How can you implement the order fulfillment process while making sure that the emails are delivered reliably?
An administrator is using Amazon CloudFormation to deploy a three tier web application
that consists of a web tier and application tier that will utilize Amazon DynamoDB for
storage when creating the CloudFormation template which of the following would allow the
application instance access to the DynamoDB tables without exposing API credentials?
An administrator is using Amazon CloudFormation to deploy a three tier web application
that consists of a web tier and application tier that will utilize Amazon DynamoDB for
storage when creating the CloudFormation template which of the following would allow the
application instance access to the DynamoDB tables without exposing API credentials?
Your company has na on premise multi tier PHP web application which recently experienced down timer due to alarge burst in web traffic due to company announcement. Over the coming days you are expecting similar unpredictable bursts announcements to drive and are looking to find ways to quickly improve your infrastructure ability to handle unexpected increase in traffic. The application currently consists of 2 tiers a web tier which consists of a load balancer and several Linux Apache web servers as well as a database tier which hosts a Linux serverhosting a MySQL database. Which scenario below will provide full site functionality, while helping to improve the ability
of your application in the short timeframe required?
Your company has na on premise multi tier PHP web application which recently experienced down timer due to alarge burst in web traffic due to company announcement. Over the coming days you are expecting similar unpredictable bursts announcements to drive and are looking to find ways to quickly improve your infrastructure ability to handle unexpected increase in traffic. The application currently consists of 2 tiers a web tier which consists of a load balancer and several Linux Apache web servers as well as a database tier which hosts a Linux serverhosting a MySQL database. Which scenario below will provide full site functionality, while helping to improve the ability
of your application in the short timeframe required?
-
-
-
-
Your customer wishes to deploy an enterprise application to AWS which will consist of
several web servers, several application servers and a small (50GB) Oracle database
information is stored, both in the database and the file systems of the various servers. The
backup system must support database recovery whole server and whole disk restores, and
individual file restores with a recovery time of no more than two hours. They have chosen
to use RDS Oracle as the database Which backup architecture will meet these requirements?
Your customer wishes to deploy an enterprise application to AWS which will consist of
several web servers, several application servers and a small (50GB) Oracle database
information is stored, both in the database and the file systems of the various servers. The
backup system must support database recovery whole server and whole disk restores, and
individual file restores with a recovery time of no more than two hours. They have chosen
to use RDS Oracle as the database Which backup architecture will meet these requirements?
Your website is serving on-demand training videos to your workforce. Videos are uploaded
monthly in high resolution MP4 format. Your workforce is distributed globally often on the
move and using company-provided tablets that require the HTTP Live Streaming (HLS)
protocol to watch a video. Your company has no video transcoding expertise and it
required you may need to pay for a consultant.
How do you implement the most cost-efficient architecture without compromising high
availability and quality of video delivery'?
Your website is serving on-demand training videos to your workforce. Videos are uploaded
monthly in high resolution MP4 format. Your workforce is distributed globally often on the
move and using company-provided tablets that require the HTTP Live Streaming (HLS)
protocol to watch a video. Your company has no video transcoding expertise and it
required you may need to pay for a consultant.
How do you implement the most cost-efficient architecture without compromising high
availability and quality of video delivery'?
Your application is using an ELB in front of an Auto Scaling group of web/application
servers deployed across two AZs and a Multi-AZ RDS Instance for data persistence.
The database CPU is often above 80% usage and 90% of I/O operations on the database
are reads. To improve performance you recently added a single-node Memcached
ElastiCache Cluster to cache frequent DB query results. In the next weeks the overall
workload is expected to grow by 30%.
Do you need to change anything in the architecture to maintain the high availability or the
application with the anticipated additional load? Why?
Your application is using an ELB in front of an Auto Scaling group of web/application
servers deployed across two AZs and a Multi-AZ RDS Instance for data persistence.
The database CPU is often above 80% usage and 90% of I/O operations on the database
are reads. To improve performance you recently added a single-node Memcached
ElastiCache Cluster to cache frequent DB query results. In the next weeks the overall
workload is expected to grow by 30%.
Do you need to change anything in the architecture to maintain the high availability or the
application with the anticipated additional load? Why?
You are designing the network infrastructure for an application server in Amazon VPC Users will access all the application instances from the Internet as well as from an onpremises
network The on-premises network is connected to your VPC over an AWS Direct Connect link.
How would you design routing to meet the above requirements?
You are designing the network infrastructure for an application server in Amazon VPC Users will access all the application instances from the Internet as well as from an onpremises
network The on-premises network is connected to your VPC over an AWS Direct Connect link.
How would you design routing to meet the above requirements?
You are migrating a legacy client-server application to AWS. The application responds to a
specific DNS domain (e.g. www.example.com) and has a 2-tier architecture, with multiple
application servers and a database server. Remote clients use TCP to connect to the
application servers. The application servers need to know the IP address of the clients in
order to function properly and are currently taking that information from the TCP socket. A
Multi-AZ RDS MySQL instance will be used for the database. During the migration you can change the application code, but you have to file a change request. How would you implement the architecture on AWS in order to maximize scalability and high availability?
You are migrating a legacy client-server application to AWS. The application responds to a
specific DNS domain (e.g. www.example.com) and has a 2-tier architecture, with multiple
application servers and a database server. Remote clients use TCP to connect to the
application servers. The application servers need to know the IP address of the clients in
order to function properly and are currently taking that information from the TCP socket. A
Multi-AZ RDS MySQL instance will be used for the database. During the migration you can change the application code, but you have to file a change request. How would you implement the architecture on AWS in order to maximize scalability and high availability?
Your company runs a customer facing event registration site This site is built with a 3-tier
architecture with web and application tier servers and a MySQL database The application
requires 6 web tier servers and 6 application tier servers for normal operation, but can run
on a minimum of 65% server capacity and a single MySQL database. When deploying this
application in a region with three availability zones (AZs) which architecture provides high
availability?
Your company runs a customer facing event registration site This site is built with a 3-tier
architecture with web and application tier servers and a MySQL database The application
requires 6 web tier servers and 6 application tier servers for normal operation, but can run
on a minimum of 65% server capacity and a single MySQL database. When deploying this
application in a region with three availability zones (AZs) which architecture provides high
availability?
A customer has established an AWS Direct Connect connection to AWS. The link is up and
routes are being advertised from the customer's end, however the customer is unable to
connect from EC2 instances inside its VPC to servers residing in its datacenter.
Which of the following options provide a viable solution to remedy this situation?
A customer has established an AWS Direct Connect connection to AWS. The link is up and
routes are being advertised from the customer's end, however the customer is unable to
connect from EC2 instances inside its VPC to servers residing in its datacenter.
Which of the following options provide a viable solution to remedy this situation?
You are implementing AWS Direct Connect. You intend to use AWS public service end
points such as Amazon S3, across the AWS Direct Connect link. You want other Internet
traffic to use your existing link to an Internet Service Provider.
What is the correct way to configure AWS Direct connect for access to services such as
Amazon S3?
You are implementing AWS Direct Connect. You intend to use AWS public service end
points such as Amazon S3, across the AWS Direct Connect link. You want other Internet
traffic to use your existing link to an Internet Service Provider.
What is the correct way to configure AWS Direct connect for access to services such as
Amazon S3?
You are designing Internet connectivity for your VPC. The Web servers must be available on the Internet. The application must have a highly available architecture. Which alternatives should you consider?
You are designing Internet connectivity for your VPC. The Web servers must be available on the Internet. The application must have a highly available architecture. Which alternatives should you consider?
To serve Web traffic for a popular product your chief financial officer and IT director have
purchased 10 ml large heavy utilization Reserved Instances (RIs) evenly spread across two
availability zones: Route 53 is used to deliver the traffic to an Elastic Load Balancer (ELB).
After several months, the product grows even more popular and you need additional
capacity As a result, your company purchases two C3.2xlarge medium utilization Ris You
register the two c3 2xlarge instances with your ELB and quickly find that the ml large
instances are at 100% of capacity and the c3 2xlarge instances have significant capacity
that's unused Which option is the most cost effective and uses EC2 capacity most
effectively?
To serve Web traffic for a popular product your chief financial officer and IT director have
purchased 10 ml large heavy utilization Reserved Instances (RIs) evenly spread across two
availability zones: Route 53 is used to deliver the traffic to an Elastic Load Balancer (ELB).
After several months, the product grows even more popular and you need additional
capacity As a result, your company purchases two C3.2xlarge medium utilization Ris You
register the two c3 2xlarge instances with your ELB and quickly find that the ml large
instances are at 100% of capacity and the c3 2xlarge instances have significant capacity
that's unused Which option is the most cost effective and uses EC2 capacity most
effectively?
Does Amazon RDS allow direct host access via Telnet, Secure Shell (SSH), or Windows Remote Desktop Connection?
Does Amazon RDS allow direct host access via Telnet, Secure Shell (SSH), or Windows Remote Desktop Connection?
You've been hired to enhance the overall security posture for a very large e-commerce site
They have a well architected multi-tier application running in a VPC that uses ELBs in front
of both the web and the app tier with static assets served directly from S3 They are using a
combination of RDS and DynamoOB for their dynamic data and then archiving nightly into
S3 for further processing with EMR They are concerned because they found questionable
log entries and suspect someone is attempting to gain unauthorized access.
Which approach provides a cost effective scalable mitigation to this kind of attack?
You've been hired to enhance the overall security posture for a very large e-commerce site
They have a well architected multi-tier application running in a VPC that uses ELBs in front
of both the web and the app tier with static assets served directly from S3 They are using a
combination of RDS and DynamoOB for their dynamic data and then archiving nightly into
S3 for further processing with EMR They are concerned because they found questionable
log entries and suspect someone is attempting to gain unauthorized access.
Which approach provides a cost effective scalable mitigation to this kind of attack?
Your department creates regular analytics reports from your company's log files All log data
is collected in Amazon S3 and processed by daily Amazon Elastic MapReduce (EMR) jobs
that generate daily PDF reports and aggregated tables in CSV format for an Amazon
Redshift data warehouse. Your CFO requests that you optimize the cost structure for this system.
Which of the following alternatives will lower costs without compromising average
performance of the system or data integrity for the raw data?
Your department creates regular analytics reports from your company's log files All log data
is collected in Amazon S3 and processed by daily Amazon Elastic MapReduce (EMR) jobs
that generate daily PDF reports and aggregated tables in CSV format for an Amazon
Redshift data warehouse. Your CFO requests that you optimize the cost structure for this system.
Which of the following alternatives will lower costs without compromising average
performance of the system or data integrity for the raw data?
You are designing a photo sharing mobile app the application will store all pictures in a
single Amazon S3 bucket.
Users will upload pictures from their mobile device directly to Amazon S3 and will be able
to view and download their own pictures directly from Amazon S3.
You want to configure security to handle potentially millions of users in the most secure
manner possible. What should your server-side application do when a new user registers
on the photo-sharing mobile application?
You are designing a photo sharing mobile app the application will store all pictures in a
single Amazon S3 bucket.
Users will upload pictures from their mobile device directly to Amazon S3 and will be able
to view and download their own pictures directly from Amazon S3.
You want to configure security to handle potentially millions of users in the most secure
manner possible. What should your server-side application do when a new user registers
on the photo-sharing mobile application?
Your company currently has a 2-tier web application running in an on-premises data center.
You have experienced several infrastructure failures in the past two months resulting in
significant financial losses. Your CIO is strongly agreeing to move the application to AWS.
While working on achieving buy-in from the other company executives, he asks you to
develop a disaster recovery plan to help improve Business continuity in the short term. He
specifies a target Recovery Time Objective (RTO) of 4 hours and a Recovery Point
Objective (RPO) of 1 hour or less. He also asks you to implement the solution within 2
weeks. Your database is 200GB in size and you have a 20Mbps Internet connection. How would you do this while minimizing costs?
Your company currently has a 2-tier web application running in an on-premises data center.
You have experienced several infrastructure failures in the past two months resulting in
significant financial losses. Your CIO is strongly agreeing to move the application to AWS.
While working on achieving buy-in from the other company executives, he asks you to
develop a disaster recovery plan to help improve Business continuity in the short term. He
specifies a target Recovery Time Objective (RTO) of 4 hours and a Recovery Point
Objective (RPO) of 1 hour or less. He also asks you to implement the solution within 2
weeks. Your database is 200GB in size and you have a 20Mbps Internet connection. How would you do this while minimizing costs?
What does Amazon SWF stand for?
What does Amazon SWF stand for?
Your system recently experienced down time during the troubleshooting process. You
found that a new administrator mistakenly terminated several production EC2 instances.
Which of the following strategies will help prevent a similar situation in the future?
The administrator still must be able to:
- launch, start stop, and terminate development resources.
- launch and start production instances.
Your system recently experienced down time during the troubleshooting process. You
found that a new administrator mistakenly terminated several production EC2 instances.
Which of the following strategies will help prevent a similar situation in the future?
The administrator still must be able to:
- launch, start stop, and terminate development resources.
- launch and start production instances.
You would like to create a mirror image of your production environment in another region
for disaster recovery purposes. Which of the following AWS resources do not need to be
recreated in the second region?
You would like to create a mirror image of your production environment in another region
for disaster recovery purposes. Which of the following AWS resources do not need to be
recreated in the second region?
In the Launch Db Instance Wizard, where can I select the backup and maintenance
options?
In the Launch Db Instance Wizard, where can I select the backup and maintenance
options?
You are designing a social media site and are considering how to mitigate distributed
denial-of-service (DDoS) attacks. Which of the below are viable mitigation techniques?
You are designing a social media site and are considering how to mitigate distributed
denial-of-service (DDoS) attacks. Which of the below are viable mitigation techniques?
Your customer is willing to consolidate their log streams (access logs application logs
security logs etc.) in one single system. Once consolidated, the customer wants to analyze
these logs in real time based on heuristics. From time to time, the customer needs to
validate heuristics, which requires going back to data samples extracted from the last 12
hours?
What is the best approach to meet your customer’s requirements?
Your customer is willing to consolidate their log streams (access logs application logs
security logs etc.) in one single system. Once consolidated, the customer wants to analyze
these logs in real time based on heuristics. From time to time, the customer needs to
validate heuristics, which requires going back to data samples extracted from the last 12
hours?
What is the best approach to meet your customer’s requirements?
Your company is in the process of developing a next generation pet collar that collects biometric information to assist families with promoting healthy lifestyles for their pets Each collar will push 30kb of biometric data In JSON format every 2 seconds to a collection platform that will process and analyze the data providing health trending information back to the pet owners and veterinarians via a web portal Management has tasked you to architect the collection platform ensuring the following requirements are met. Provide the ability for real-time analytics of the inbound biometric data Ensure processing of the biometric data is highly durable. Elastic and parallel The results of the analytic processing should be persisted for data mining. Which architecture outlined below win meet the initial requirements for the collection platform?
Your company is in the process of developing a next generation pet collar that collects biometric information to assist families with promoting healthy lifestyles for their pets Each collar will push 30kb of biometric data In JSON format every 2 seconds to a collection platform that will process and analyze the data providing health trending information back to the pet owners and veterinarians via a web portal Management has tasked you to architect the collection platform ensuring the following requirements are met. Provide the ability for real-time analytics of the inbound biometric data Ensure processing of the biometric data is highly durable. Elastic and parallel The results of the analytic processing should be persisted for data mining. Which architecture outlined below win meet the initial requirements for the collection platform?
You are designing an SSUTLS solution that requires HTTPS clients to be authenticated by
the Web server using client certificate authentication. The solution must be resilient.
Which of the following options would you consider for configuring the web server
infrastructure? (Choose 2 answers)
You are designing an SSUTLS solution that requires HTTPS clients to be authenticated by
the Web server using client certificate authentication. The solution must be resilient.
Which of the following options would you consider for configuring the web server
infrastructure? (Choose 2 answers)