A start-up company has a web applica

单选题 A start-up company has a web application based in the us-east-1 Region with multiple Amazon EC2 instances running behind an Application Load Balancer across multiple Availability Zones.As the company's user base grows in the us-west-1 Region, it needs a solution with low latency and high availability.What should a solutions architect do to accomplish this？

A、 Provision EC2 instances in us-west-1Switch the Application Load Balancer to a Network Load Balancer to achieve cross-Region load balancing

B、 Provision EC2 instances and an Application Load Balancer in us-west-1Make the load balancer distribute the traffic based on the location of the request

C、 Provision EC2 instances and configure an Application Load Balancer in us-west-1 Create an accelerator in AWS Global Accelerator that uses an endpoint group that includes the load balancer endpoints in both Regions

D、 Provision EC2 instances and configure an Application Load Balancer in us-west-1Configure Amazon Route 53 with a weighted routing policy Create alias records in Route 53 that point to the Application Load Balancer.

查看答案

下载APP答题

由4l***ag提供分享举报纠错

相关试题

单选题 A product team is creating a new application that will store a large amount of data. The data will be analyzed hourly and modified by multiple Amazon EC2 Linux instances. The application team believes the amount of space needed will continue to grow for the next 6 months.Which set of actions should a solutions architect take to support these needs？

A、 Store the data in an Amazon EBS volume Mount the EBS volume on the application instances

B、 Store the data in an Amazon EFS file system. Mount the file system on the application instances

C、 Store the data in Amazon S3 Glacier. Update the vault policy to allow access to the application instances

D、 Store the data in Amazon S3 Standard-Infrequent Access（S3 Standard-IA） Update the bucket policy to allow access to the application Instances

查看答案

单选题 A solutions architect is designing a web application that will run on Amazon EC2 instances behind an Application Load Balancer （ALB）The company strictly requires that the application be resilient against malicious internet activity and attacks, and protect against new common vulnerabilities and exposuresWhat should the solutions architect recommend？

A、 Leverage Amazon CloudFront with the ALB endpoint as the origin

B、 Deploy an appropriate managed rule for AWS WAF and associate it with the ALB

C、 Subscribe to AWS Shield Advanced and ensure common vulnerabilities and exposures are blocked

D、 Configure network ACLs and security groups to allow only ports 80 and 443 to access the EC2 instances

查看答案

单选题 A company serves content to its subscribers across the world using an application running on AWS. The application has several Amazon EC2 instances in a private subnet behind an Application Load Balancer（ALB）. Due to a recent change in copyright restrictions, the chief information officer（CIO）wants to block access for certain countriesWhich action will meet these requirements？

A、 Modify the ALB security group to deny incoming traffic from blocked countries

B、 Modify the security group for EC2 instances to deny incoming traffic from blocked countries

C、 Use Amazon CloudFront to serve the application and deny access to blocked countries

D、 Use ALB listener rules to return access denied responses to incoming traffic from blocked countries

查看答案

单选题 A company has an application that calls AWS Lambda functions. A recent code review found database credentials stored in the source code. The database credentials need to be removed from the Lambda source code. The credentials must then be securely stored and rotated on an ongoing basis to meet security policy requirementsWhat should a solutions architect recommend to meet these requirements？

A、 Store the password in AWS CloudHSM. Associate the Lambda function with a role that can retrieve the password from CloudHSM given its key ID

B、 Store the password in AWS Secrets Manager. Associate the Lambda function with a role that can retrieve the password from Secrets Manager given its secret ID

C、 Move the database password to an environment variable associated with the Lambda function. Retrieve the password from the environment variable upon execution

D、 Store the password in AWS Key Management Service（AWS KMS）. Associate the Lambda function with a role that can retrieve the password from AWS KMS given its key ID

查看答案

单选题 An application running on AWS uses an Amazon Aurora Multi-AZ deployment for its database. When evaluating performance metrics, a solutions architect discovered that the database reads are causing high l/O and adding latency to the write requests against the database.What should the solutions architect do to separate the read requests from the write requests？

A、 Enable read-through caching on the Amazon Aurora database.

B、 Update the application to read from the Multi-AZ standby instance

C、 Create a read replica and modify the application to use the appropriate endpoint

D、 Create a second Amazon Aurora database and link it to the primary database as a read replica

查看答案

单选题 A company is planning to use Amazon S3 to store images uploaded by its users. The images must be encrypted at rest in Amazon S3. The company does not want to spend time managing and rotating the keys, but it does want to control who can access those keys.What should a solutions architect use to accomplish this？

A、 Server-Side Encryption with keys stored in an S3 bucket

B、 Server-Side Encryption with Customer-Provided Keys（SSE-C）

C、 Server-Side Encryption with Amazon S3-Managed Keys（SSE-S3）

D、 Server-Side Encryption with AWS KMS-Managed Keys（SSE-KMS）

查看答案

单选题 A company's legacy application is currently relying on a single-instance Amazon RDS MySQL database without encryption. Due to new compliance requirements, all existing and new data in this database must be encrypted.How should this be accomplished？

A、 Create an Amazon S3 bucket with server-side encryption enabled Move all the data to Amazon S3. Delete the RDS instance

B、 Enable RDS Multi-AZ mode with encryption at rest enabled. Perform a failover to the standby instance to delete the original Instance

C、 Take a snapshot of the RDS instance. Create an encrypted copy of the snapshot Restore the RDS instance from the encrypted snapshot

D、 Create an RDS read replica with encryption at rest enabled. Promote the read replica to master and switch the application over to the new master Delete the old RDS instance

查看答案

单选题 A company currently operates a web application backed by an Amazon RDS MySQL database. It has automated backups that are run daily and are not encrypted. A security audit requires future backups to be encrypted and the unencrypted backups to be destroyed. The company will make at least one encrypted backup before destroying the old backups.What should be done to enable encryption for future backups?

A、 Enable default encryption for the Amazon S3 bucket where backups are stored.

B、 Modify the backup section of the database configuration to toggle the Enable encryption check box

C、 Create a snapshot of the database. Copy it to an encrypted snapshot. Restore the database from the encrypted snapshot

D、 Enable an encrypted read replica on RDS for MySQL. Promote the encrypted read replica to primary. Remove the original database instance

查看答案