aws003

更新时间：试题数量：购买人数：提供作者：

有效期：个月

章节介绍：共有个章节

我的练习

我的错题
(0道)

我的收藏
(0道)

我的斩题
(0道)

我的笔记
(0道)

专项练习

顺序练习 练习进度 0 / 0

随机练习 自定义设置练习量

模拟考试 仿真模拟

题型练习 按题型分类练习

易错题 精选高频易错题

学习资料 考试学习相关信息

搜索

题库预览

A Solutions Architect is designing the cloud architecture for the enterprise application suite of the company. Both the web and application tiers need to access the Internet to fetch data from public APIs. However, these servers should be inaccessible from the Internet.

Which of the following steps should the Architect implement to meet the above requirements?

A company has a web application hosted in AWS cloud where the application logs are sent to Amazon CloudWatch. Lately, the web application has recently been encountering some errors which can be resolved simply by restarting the instance.

What will you do to automatically restart the EC2 instances whenever the same application error occurs?

A company has hundreds of VPCs with multiple VPN connections to their data centers spanning 5 AWS Regions. As the number of its workloads grows, the company must be able to scale its networks across multiple accounts and VPCs to keep up. A Solutions Architect is tasked to interconnect all of the company's on-premises networks, VPNs, and VPCs into a single gateway, which includes support for inter- region peering across multiple AWS regions.

Which of the following is the BEST solution that the architect should set up to support the required
interconnectivity?

A new company policy requires IAM users to change their passwords' minimum length to 12 characters. After a random inspection, you found out that there are still employees who do not follow the policy. How can you automatically check and evaluate whether the current password policy for an account complies with the company password policy?

A company has stored 200 TB of backup files in Amazon S3. The files are in a vendor-proprietary format. The Solutions Architect needs to use the vendor's proprietary file conversion software to retrieve the files from their Amazon S3 bucket, transform the files to an industry-standard format, and re-upload the files back to Amazon S3. The solution must minimize the data transfer costs. Which of the following options can satisfy the given requirement?

A web application requires a minimum of six Amazon Elastic Compute Cloud (EC2) instances running at
all times. You are tasked to deploy the application to three availability zones in the EU Ireland region (eu- west-
1a, eu-west-1b, and eu-west-1c). It is required that the system is fault-tolerant up to the loss of one Availability
Zone.
Which of the following setup is the most cost-effective solution which also maintains the fault-tolerance of your
system?

The company you are working for has a set of AWS resources hosted in ap-northeast-1 region. You have been asked by your IT Manager to create an AWS CLI shell script that will call an AWS service which could create duplicate resources in another region in the event that ap-northeast-1 region fails. The duplicated resources should also contain the VPC Peering configuration and other networking components from the primary stack.
Which of the following AWS services could help fulfill this task?

A data analytics company, which uses machine learning to collect and analyze consumer data, is using Redshift cluster as their data warehouse. You are instructed to implement a disaster recovery plan for their systems to ensure business continuity even in the event of an AWS region outage.

Which of the following is the best approach to meet this requirement?

A company has a distributed application in AWS that periodically processes large volumes of data across multiple instances. The Solutions Architect designed the application to recover gracefully from any instance failures. He is then required to launch the application in the most cost-effective way.

Which type of EC2 instance will meet this requirement?

A company plans to migrate a NoSQL database to an EC2 instance. The database is configured to replicate the data automatically to keep multiple copies of data for redundancy. The Solutions Architect needs to launch an instance that has a high IOPS and sequential read/write access. Which of the following options fulfills the requirement if I/O throughput is the highest priority?

A company is using an On-Demand EC2 instance to host a legacy web application that uses an Amazon Instance Store-Backed AMI. The web application should be decommissioned as soon as possible and hence, you need to terminate the EC2 instance.
When the instance is terminated, what happens to the data on the root volume?

A company is using the AWS Directory Service to integrate their on-premises Microsoft Active Directory (AD) domain with their Amazon EC2 instances via an AD connector. The below identity-based policy is attached to the IAM Identities that use the AWS Directory service:

{
"Version":"2012-10-17",
"Statement":[
{
"Sid":"DirectoryTutorialsDojo1234",
"Effect":"Allow",
"Action":[
"ds:*"
],
"Resource":"arn:aws:ds:us-east-1:987654321012:directory/d-1234567890"11. }, {
"Effect":"Allow",
"Action":[
"ec2:*"
],
"Resource":"*"
}
]
}

Which of the following BEST describes what the above resource policy does?

A newly hired Solutions Architect is checking all of the security groups and network access control list rules of the company's AWS resources. For security purposes, the MS SQL connection via port 1433 of the database tier should be secured. Below is the security group configuration of their Microsoft SQL Server database:The application tier hosted in an Auto Scaling group of EC2 instances is the only identified resource that needs to connect to the database. The Architect should ensure that the architecture complies with the best practice of granting least privilege.
Which of the following changes should be made to the security group configuration?

A company has a set of Linux servers running on multiple On-Demand EC2 Instances. The Audit team wants to collect and process the application log files generated from these servers for their report. Which of the following services is best to use in this case?

A startup launched a new FTP server using an On-Demand EC2 instance in a newly created VPC with default settings. The server should not be accessible publicly but only through the IP address45.116.100 and nowhere else.
Which of the following is the most suitable way to implement this requirement?

A company is using an Auto Scaling group which is configured to launch new t2.micro EC2 instances when there is a significant load increase in the application. To cope with the demand, you now need to replace those instances with a larger t2.2xlarge instance type. How would you implement this change?

A company has a two-tier environment in its on-premises data center which is composed of an application
tier and database tier. You are instructed to migrate their environment to the AWS cloud, and to design the
subnets in their VPC with the following requirements:

1.There is an application load balancer that would distribute the incoming traffic among the servers in the
application tier.

2. The application tier and the database tier must not be accessible from the public
Internet. The application tier should only accept traffic coming from the load balancer.

3. The database tier contains very sensitive data. It must not share the same subnet with other AWS resources and its custom route table with other instances in the environment.

4. The environment must be highly available and scalable to handle a surge of incoming traffic over the Internet.

How many subnets should you create to meet the above requirements?

A financial firm is designing an application architecture for its online trading platform that must have high availability and fault tolerance. Their Solutions Architect configured the application to use an Amazon S3 bucket located in the us-east-1 region to store large amounts of intraday financial data. The stored financial data in the bucket must not be affected even if there is an outage in one of the Availability Zones or if there's a regional service failure.

What should the Architect do to avoid any costly service disruptions and ensure data durability?

A company has a web application hosted in an On-Demand EC2 instance. You are creating a shell script that needs the instance's public and private IP addresses. What is the best way to get the instance's associated IP addresses which your shell script can use?

1 2 3 4 5