{"id":116204,"date":"2025-12-13T03:43:51","date_gmt":"2025-12-13T03:43:51","guid":{"rendered":"https:\/\/www.dumpsbase.com\/freedumps\/?p=116204"},"modified":"2025-12-13T03:43:51","modified_gmt":"2025-12-13T03:43:51","slug":"prepare-with-dumpsbase-sap-c02-dumps-v12-02-to-advance-your-career-sap-c02-free-dumps-part-3-q81-q120-are-online-for-reading","status":"publish","type":"post","link":"https:\/\/www.dumpsbase.com\/freedumps\/prepare-with-dumpsbase-sap-c02-dumps-v12-02-to-advance-your-career-sap-c02-free-dumps-part-3-q81-q120-are-online-for-reading.html","title":{"rendered":"Prepare with DumpsBase SAP-C02 Dumps (V12.02) to Advance Your Career: SAP-C02 Free Dumps (Part 3, Q81-Q120) Are Online for Reading"},"content":{"rendered":"<p>It is a great way to pass the AWS Certified Solutions Architect &#8211; Professional (SAP-C02) exam, helping you show your skills and open doors to better career opportunities. DumpsBase provides updated SAP-C02 dumps (V12.02) that help you focus on the most important areas, making preparation more effective and stress-free. With the right exam questions and verified answers in V12.02, you can build strong knowledge, boost confidence, and perform better in the exam. You can read our free dumps first to verify the quality:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.dumpsbase.com\/freedumps\/practice-sap-c02-dumps-v12-02-to-prepare-well-check-our-sap-c02-free-dumps-part-1-q1-q40-online.html\"><em>SAP-C02 free dumps (Part 1, Q1-Q40) of V12.02<\/em><\/a><\/li>\n<li><a href=\"https:\/\/www.dumpsbase.com\/freedumps\/choose-dumpsbase-sap-c02-dumps-v12-02-to-make-preparations-continue-to-check-the-sap-c02-free-dumps-part-2-q41-q80.html\"><em>SAP-C02 free dumps (Part 2, Q41-Q80) of V12.02<\/em><\/a><\/li>\n<\/ul>\n<p>Testing these free demos online will make you trust that preparing with DumpsBase often achieves your AWS Certified Solutions Architect &#8211; Professional certification faster. With the most updated SAP-C02 dumps (V8.02), you could simply enhance your abilities. And today, we will continue to share the SAP-C02 free demo questions. Then you can confirm that the dumps are the proper learning materials. These SAP-C02 dump questions not only build confidence but also increase your chances of scoring higher.<\/p>\n<p><!-- notionvc: 60b3df71-4afc-448a-969d-2803d11e79ba --><\/p>\n<h2><span style=\"background-color: #ccffff;\"><em>Read SAP-C02 free dumps (Part 3, Q81-Q120) of V12.02 below<\/em><\/span> to check more about the materials:<\/h2>\n<script>\n\t  window.fbAsyncInit = function() {\n\t    FB.init({\n\t      appId            : '622169541470367',\n\t      autoLogAppEvents : true,\n\t      xfbml            : true,\n\t      version          : 'v3.1'\n\t    });\n\t  };\n\t\n\t  (function(d, s, id){\n\t     var js, fjs = d.getElementsByTagName(s)[0];\n\t     if (d.getElementById(id)) {return;}\n\t     js = d.createElement(s); js.id = id;\n\t     js.src = \"https:\/\/connect.facebook.net\/en_US\/sdk.js\";\n\t     fjs.parentNode.insertBefore(js, fjs);\n\t   }(document, 'script', 'facebook-jssdk'));\n\t<\/script><script type=\"text\/javascript\" >\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \nif(!window.jQuery) alert(\"The important jQuery library is not properly loaded in your site. Your WordPress theme is probably missing the essential wp_head() call. You can switch to another theme and you will see that the plugin works fine and this notice disappears. If you are still not sure what to do you can contact us for help.\");\n});\n<\/script>  \n  \n<div  id=\"watupro_quiz\" class=\"quiz-area single-page-quiz\">\n<p id=\"submittingExam11062\" style=\"display:none;text-align:center;\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\"><\/p>\n\n<div class=\"watupro-exam-description\" id=\"description-quiz-11062\"><\/div>\n\n<form action=\"\" method=\"post\" class=\"quiz-form\" id=\"quiz-11062\"  enctype=\"multipart\/form-data\" >\n<div class='watu-question ' id='question-1' style=';'><div id='questionWrap-1'  class='   watupro-question-id-435487'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>1. <\/span>A company that uses AWS Organizations allows developers to experiment on AWS. As part of the landing zone that the company has deployed, developers use their company email address to request an account. The company wants to ensure that developers are not launching costly services or running services unnecessarily. The company must give developers a fixed monthly budget to limit their AWS costs. <br \/>\r<br>Which combination of steps will meet these requirements? (Choose three.)<\/div><input type='hidden' name='question_id[]' id='qID_1' value='435487' \/><input type='hidden' id='answerType435487' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435487[]' id='answer-id-1685118' class='answer   answerof-435487 ' value='1685118'   \/><label for='answer-id-1685118' id='answer-label-1685118' class=' answer'><span>Create an SCP to set a fixed monthly account usage limit. Apply the SCP to the developer accounts.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435487[]' id='answer-id-1685119' class='answer   answerof-435487 ' value='1685119'   \/><label for='answer-id-1685119' id='answer-label-1685119' class=' answer'><span>Use AWS Budgets to create a fixed monthly budget for each developer's account as part of the account creation process.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435487[]' id='answer-id-1685120' class='answer   answerof-435487 ' value='1685120'   \/><label for='answer-id-1685120' id='answer-label-1685120' class=' answer'><span>Create an SCP to deny access to costly services and components. Apply the SCP to the developer accounts.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435487[]' id='answer-id-1685121' class='answer   answerof-435487 ' value='1685121'   \/><label for='answer-id-1685121' id='answer-label-1685121' class=' answer'><span>Create an IAM policy to deny access to costly services and components. Apply the IAM policy to the developer accounts.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435487[]' id='answer-id-1685122' class='answer   answerof-435487 ' value='1685122'   \/><label for='answer-id-1685122' id='answer-label-1685122' class=' answer'><span>Create an AWS Budgets alert action to terminate services when the budgeted amount is reached. \r\nConfigure the action to terminate all services.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435487[]' id='answer-id-1685123' class='answer   answerof-435487 ' value='1685123'   \/><label for='answer-id-1685123' id='answer-label-1685123' class=' answer'><span>Create an AWS Budgets alert action to send an Amazon Simple Notification Service (Amazon SNS) notification when the budgeted amount is reached. Invoke an AWS Lambda function to terminate all services.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-2' style=';'><div id='questionWrap-2'  class='   watupro-question-id-435488'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>2. <\/span>An AWS customer has a web application that runs on premises. The web application fetches data from a third-party API that is behind a firewall. The third party accepts only one public CIDR block in each client's allow list. <br \/>\r<br>The customer wants to migrate their web application to the AWS Cloud. The application will be hosted on a set of Amazon EC2 instances behind an Application Load Balancer (ALB) in a VPC. The ALB is located in public subnets. The EC2 instances are located in private subnets. NAT gateways provide internet access to the private subnets. <br \/>\r<br>How should a solutions architect ensure that the web application can continue to call the third-parly API after the migration?<\/div><input type='hidden' name='question_id[]' id='qID_2' value='435488' \/><input type='hidden' id='answerType435488' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435488[]' id='answer-id-1685124' class='answer   answerof-435488 ' value='1685124'   \/><label for='answer-id-1685124' id='answer-label-1685124' class=' answer'><span>Associate a block of customer-owned public IP addresses to the VP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435488[]' id='answer-id-1685125' class='answer   answerof-435488 ' value='1685125'   \/><label for='answer-id-1685125' id='answer-label-1685125' class=' answer'><span>Enable public IP addressing for public subnets in the VP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435488[]' id='answer-id-1685126' class='answer   answerof-435488 ' value='1685126'   \/><label for='answer-id-1685126' id='answer-label-1685126' class=' answer'><span>Register a block of customer-owned public IP addresses in the AWS account. Create Elastic IP addresses from the address block and assign them lo the NAT gateways in the VP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435488[]' id='answer-id-1685127' class='answer   answerof-435488 ' value='1685127'   \/><label for='answer-id-1685127' id='answer-label-1685127' class=' answer'><span>Create Elastic IP addresses from the block of customer-owned IP addresses. Assign the static Elastic IP addresses to the AL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435488[]' id='answer-id-1685128' class='answer   answerof-435488 ' value='1685128'   \/><label for='answer-id-1685128' id='answer-label-1685128' class=' answer'><span>Register a block of customer-owned public IP addresses in the AWS account. Set up AWS Global Accelerator to use Elastic IP addresses from the address block. Set the ALB as the accelerator \r\nendpoint.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-3' style=';'><div id='questionWrap-3'  class='   watupro-question-id-435489'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>3. <\/span>A company is developing a new service that will be accessed using TCP on a static port A solutions architect must ensure that the service is highly available, has redundancy across Availability Zones, and is accessible using the DNS name myservice.com, which is publicly accessible. The service must use fixed address assignments so other companies can add the addresses to their allow lists. <br \/>\r<br>Assuming that resources are deployed in multiple Availability Zones in a single Region, which solution will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_3' value='435489' \/><input type='hidden' id='answerType435489' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435489[]' id='answer-id-1685129' class='answer   answerof-435489 ' value='1685129'   \/><label for='answer-id-1685129' id='answer-label-1685129' class=' answer'><span>Create Amazon EC2 instances with an Elastic IP address for each instance Create a Network Load Balancer (NLB) and expose the static TCP port Register EC2instances with the NLB Create a new name server record set named my service com, and assign the Elastic IP addresses of the EC2 instances to the record set Provide the Elastic IP addresses of the EC2 instances to the other companies to add to their allow lists<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435489[]' id='answer-id-1685130' class='answer   answerof-435489 ' value='1685130'   \/><label for='answer-id-1685130' id='answer-label-1685130' class=' answer'><span>Create an Amazon ECS cluster and a service definition for the application Create and assign public IP addresses for the ECS cluster Create a Network Load Balancer (NLB) and expose the TCP port Create a target group and assign the ECS cluster name to the NLB Create a new A record set named my service com and assign the public IP addresses of the ECS cluster to the record set Provide the public IP addresses of the ECS cluster to the other companies to add to their allow lists<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435489[]' id='answer-id-1685131' class='answer   answerof-435489 ' value='1685131'   \/><label for='answer-id-1685131' id='answer-label-1685131' class=' answer'><span>Create Amazon EC2 instances for the service Create one Elastic IP address for each Availability Zone Create a Network Load Balancer (NLB) and expose the assigned TCP port Assign the Elastic IP addresses to the NLB for each Availability Zone Create a target group and register the EC2 instances with the NLB Create a new A (alias) record set named my service com, and assign the NLB DNS name \r\nto the record set.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435489[]' id='answer-id-1685132' class='answer   answerof-435489 ' value='1685132'   \/><label for='answer-id-1685132' id='answer-label-1685132' class=' answer'><span>Create an Amazon ECS cluster and a service definition for the application Create and assign public IP address for each host in the cluster Create an Application Load Balancer (ALB) and expose the static TCP port Create a target group and assign the ECS service definition name to the ALB Create a new CNAME record set and associate the public IP addresses to the record set Provide the Elastic IP addresses of the Amazon EC2 instances to the other companies to add to their allow lists<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-4' style=';'><div id='questionWrap-4'  class='   watupro-question-id-435490'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>4. <\/span>A company uses AWS Organizations for a multi-account setup in the AWS Cloud. The company uses AWS Control Tower for governance and uses AWS Transit Gateway for VPC connectivity across accounts. <br \/>\r<br>In an AWS application account, the company's application team has deployed a web application that uses AWS Lambda and Amazon RDS. The company's database administrators have a separate DBA account and use the account to centrally manage all the databases across the organization. The database administrators use an Amazon EC2 instance that is deployed in the DBA account to access an RDS database that is deployed in the application account. <br \/>\r<br>The application team has stored the database credentials as secrets in AWS Secrets Manager in the application account. The application team is manually sharing the secrets with the database administrators. The secrets are encrypted by the default AWS managed key for Secrets Manager in the application account. A solutions architect needs to implement a solution that gives the database administrators access to the database and eliminates the need to manually share the secrets. <br \/>\r<br>Which solution will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_4' value='435490' \/><input type='hidden' id='answerType435490' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435490[]' id='answer-id-1685133' class='answer   answerof-435490 ' value='1685133'   \/><label for='answer-id-1685133' id='answer-label-1685133' class=' answer'><span>Use AWS Resource Access Manager (AWS RAM) to share the secrets from the application account with the DBA account. In the DBA account, create an IAM role that is named DBA-Admin. Grant the role the required permissions to access the shared secrets. Attach the DBA-Admin role to the EC2 instance for access to the cross-account secrets.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435490[]' id='answer-id-1685134' class='answer   answerof-435490 ' value='1685134'   \/><label for='answer-id-1685134' id='answer-label-1685134' class=' answer'><span>In the application account, create an IAM role that is named DBA-Secret. Grant the role the required permissions to access the secrets. In the DBA account, create an IAM role that is named DBA-Admin. Grant the DBA-Admin role the required permissions to assume the DBA-Secret role in the application account. Attach the DBA-Admin role to the EC2 instance for access to the cross-account secrets.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435490[]' id='answer-id-1685135' class='answer   answerof-435490 ' value='1685135'   \/><label for='answer-id-1685135' id='answer-label-1685135' class=' answer'><span>In the DBA account, create an IAM role that is named DBA-Admin. Grant the role the required permissions to access the secrets and the default AWS managed key in the application account. In the application account, attach resource-based policies to the key to allow access from the DBA account. Attach the DBA-Admin role to the EC2 instance for access to the cross-account secrets.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435490[]' id='answer-id-1685136' class='answer   answerof-435490 ' value='1685136'   \/><label for='answer-id-1685136' id='answer-label-1685136' class=' answer'><span>In the DBA account, create an IAM role that is named DBA-Admin. Grant the role the required permissions to access the secrets in the application account. Attach an SCP to the application account to allow access to the secrets from the DBA account. Attach the DBA-Admin role to the EC2 instance for access to the cross-account secrets.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-5' style=';'><div id='questionWrap-5'  class='   watupro-question-id-435491'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>5. <\/span>A video streaming company recently launched a mobile app for video sharing. The app uploads various files to an Amazon S3 bucket in the us-east-1 Region. The files range in size from 1 GB to 10 GB. <br \/>\r<br>Users who access the app from Australia have experienced uploads that take long periods of time Sometimes the files fail to completely upload for these users. A solutions architect must improve the app' performance for these uploads <br \/>\r<br>Which solutions will meet these requirements? (Select TWO.)<\/div><input type='hidden' name='question_id[]' id='qID_5' value='435491' \/><input type='hidden' id='answerType435491' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435491[]' id='answer-id-1685137' class='answer   answerof-435491 ' value='1685137'   \/><label for='answer-id-1685137' id='answer-label-1685137' class=' answer'><span>Enable S3 Transfer Acceleration on the S3 bucket Configure the app to use the Transfer Acceleration endpoint for uploads<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435491[]' id='answer-id-1685138' class='answer   answerof-435491 ' value='1685138'   \/><label for='answer-id-1685138' id='answer-label-1685138' class=' answer'><span>Configure an S3 bucket in each Region to receive the uploads. Use S3 Cross-Region Replication to copy the files to the distribution S3 bucket.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435491[]' id='answer-id-1685139' class='answer   answerof-435491 ' value='1685139'   \/><label for='answer-id-1685139' id='answer-label-1685139' class=' answer'><span>Set up Amazon Route 53 with latency-based routing to route the uploads to the nearest S3 bucket Region.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435491[]' id='answer-id-1685140' class='answer   answerof-435491 ' value='1685140'   \/><label for='answer-id-1685140' id='answer-label-1685140' class=' answer'><span>Configure the app to break the video files into chunks Use a multipart upload to transfer files to Amazon S3.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435491[]' id='answer-id-1685141' class='answer   answerof-435491 ' value='1685141'   \/><label for='answer-id-1685141' id='answer-label-1685141' class=' answer'><span>Modify the app to add random prefixes to the files before uploading<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-6' style=';'><div id='questionWrap-6'  class='   watupro-question-id-435492'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>6. <\/span>A company has many AWS accounts and uses AWS Organizations to manage all of them. A solutions architect must implement a solution that the company can use to share a common network across multiple accounts. <br \/>\r<br>The company's infrastructure team has a dedicated infrastructure account that has a VPC. The infrastructure team must use this account to manage the network. Individual accounts cannot have the ability to manage their own networks. However, individual accounts must be able to create AWS resources within subnets. <br \/>\r<br>Which combination of actions should the solutions architect perform to meet these requirements? (Select TWO.)<\/div><input type='hidden' name='question_id[]' id='qID_6' value='435492' \/><input type='hidden' id='answerType435492' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435492[]' id='answer-id-1685142' class='answer   answerof-435492 ' value='1685142'   \/><label for='answer-id-1685142' id='answer-label-1685142' class=' answer'><span>Create a transit gateway in the infrastructure account.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435492[]' id='answer-id-1685143' class='answer   answerof-435492 ' value='1685143'   \/><label for='answer-id-1685143' id='answer-label-1685143' class=' answer'><span>Enable resource sharing from the AWS Organizations management account.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435492[]' id='answer-id-1685144' class='answer   answerof-435492 ' value='1685144'   \/><label for='answer-id-1685144' id='answer-label-1685144' class=' answer'><span>Create VPCs in each AWS account within the organization in AWS Organizations. Configure the VPCs to share the same CIDR range and subnets as the VPC in the infrastructure account. Peer the \r\nVPCs in each individual account with the VPC in the infrastructure account,<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435492[]' id='answer-id-1685145' class='answer   answerof-435492 ' value='1685145'   \/><label for='answer-id-1685145' id='answer-label-1685145' class=' answer'><span>Create a resource share in AWS Resource Access Manager in the infrastructure account. Select the specific AWS Organizations OU that will use the shared network. Select each subnet to associate with the resource share.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435492[]' id='answer-id-1685146' class='answer   answerof-435492 ' value='1685146'   \/><label for='answer-id-1685146' id='answer-label-1685146' class=' answer'><span>Create a resource share in AWS Resource Access Manager in the infrastructure account. Select the specific AWS Organizations OU that will use the shared network. Select each prefix list to associate with the resource share.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-7' style=';'><div id='questionWrap-7'  class='   watupro-question-id-435493'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>7. <\/span>A software company has deployed an application that consumes a REST API by using Amazon API Gateway. AWS Lambda functions, and an Amazon DynamoDB table. The application is showing an increase in the number of errors during PUT requests. Most of the PUT calls come from a small number of clients that are authenticated with specific API keys. <br \/>\r<br>A solutions architect has identified that a large number of the PUT requests originate from one client. The API is noncritical, and clients can tolerate retries of unsuccessful calls. However, the errors are displayed to customers and are causing damage to the API's reputation. <br \/>\r<br>What should the solutions architect recommend to improve the customer experience?<\/div><input type='hidden' name='question_id[]' id='qID_7' value='435493' \/><input type='hidden' id='answerType435493' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435493[]' id='answer-id-1685147' class='answer   answerof-435493 ' value='1685147'   \/><label for='answer-id-1685147' id='answer-label-1685147' class=' answer'><span>Implement retry logic with exponential backoff and irregular variation in the client application. \r\nEnsure that the errors are caught and handled with descriptive error messages.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435493[]' id='answer-id-1685148' class='answer   answerof-435493 ' value='1685148'   \/><label for='answer-id-1685148' id='answer-label-1685148' class=' answer'><span>Implement API throttling through a usage plan at the API Gateway level. Ensure that the client application handles code 429 replies without error.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435493[]' id='answer-id-1685149' class='answer   answerof-435493 ' value='1685149'   \/><label for='answer-id-1685149' id='answer-label-1685149' class=' answer'><span>Turn on API caching to enhance responsiveness for the production stage. Run 10-minute load tests. Verify that the cache capacity is appropriate for the workload.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435493[]' id='answer-id-1685150' class='answer   answerof-435493 ' value='1685150'   \/><label for='answer-id-1685150' id='answer-label-1685150' class=' answer'><span>Implement reserved concurrency at the Lambda function level to provide the resources that are needed during sudden increases in traffic.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-8' style=';'><div id='questionWrap-8'  class='   watupro-question-id-435494'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>8. <\/span>A company is using multiple AWS accounts. The DNS records are stored in a private hosted zone for Amazon Route 53 in Account A. The company's applications and databases are running in Account B. A solutions architect win deploy a two-net application In a new VPC To simplify the configuration, the db.example com CNAME record set tor the Amazon RDS endpoint was created in a private hosted zone for Amazon Route 53.<br \/>\r\n<br \/>\r\nDuring deployment, the application failed to start. Troubleshooting revealed that db.example com is not resolvable on the Amazon EC2 instance. The solutions architect confirmed that the record set was created correctly in Route 53.<br \/>\r\n<br \/>\r\nWhich combination of steps should the solutions architect take to resolve this issue? (Select TWO)<\/div><input type='hidden' name='question_id[]' id='qID_8' value='435494' \/><input type='hidden' id='answerType435494' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435494[]' id='answer-id-1685151' class='answer   answerof-435494 ' value='1685151'   \/><label for='answer-id-1685151' id='answer-label-1685151' class=' answer'><span>Deploy the database on a separate EC2 instance in the new VPC Create a record set for the instance's private IP in the private hosted zone<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435494[]' id='answer-id-1726115' class='answer   answerof-435494 ' value='1726115'   \/><label for='answer-id-1726115' id='answer-label-1726115' class=' answer'><span>Use SSH to connect to the application tier EC2 instance Add an RDS endpoint IP address to the \/eto\/resolv.conf file<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435494[]' id='answer-id-1726116' class='answer   answerof-435494 ' value='1726116'   \/><label for='answer-id-1726116' id='answer-label-1726116' class=' answer'><span>Create an authorization lo associate the private hosted zone in Account A with the new VPC In Account B<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435494[]' id='answer-id-1726117' class='answer   answerof-435494 ' value='1726117'   \/><label for='answer-id-1726117' id='answer-label-1726117' class=' answer'><span>Create a private hosted zone for the example.com domain m Account B Configure Route 53 replication between AWS accounts<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435494[]' id='answer-id-1726118' class='answer   answerof-435494 ' value='1726118'   \/><label for='answer-id-1726118' id='answer-label-1726118' class=' answer'><span>Associate a new VPC in Account B with a hosted zone in Account<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435494[]' id='answer-id-1726119' class='answer   answerof-435494 ' value='1726119'   \/><label for='answer-id-1726119' id='answer-label-1726119' class=' answer'><span>Delete the association authorization In Account A.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-9' style=';'><div id='questionWrap-9'  class='   watupro-question-id-435495'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>9. <\/span>A company uses a service to collect metadata from applications that the company hosts on premises. Consumer devices such as TVs and internet radios access the applications. Many older devices do not support certain HTTP headers and exhibit errors when these headers are present in responses. The company has configured an on-premises load balancer to remove the unsupported headers from responses sent to older devices, which the company identified by the User-Agent headers.<br \/>\r\n<br \/>\r\nThe company wants to migrate the service to AWS, adopt serverless technologies, and retain the ability to support the older devices. The company has already migrated the applications into a set of AWS Lambda functions.<br \/>\r\n<br \/>\r\nWhich solution will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_9' value='435495' \/><input type='hidden' id='answerType435495' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435495[]' id='answer-id-1685152' class='answer   answerof-435495 ' value='1685152'   \/><label for='answer-id-1685152' id='answer-label-1685152' class=' answer'><span>Create an Amazon CloudFront distribution for the metadata service. Create an Application Load Balancer (ALB). Configure the CloudFront distribution to forward requests to the AL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435495[]' id='answer-id-1685153' class='answer   answerof-435495 ' value='1685153'   \/><label for='answer-id-1685153' id='answer-label-1685153' class=' answer'><span>Configure the ALB to invoke the correct Lambda function for each type of request. Create a CloudFront function to remove the problematic headers based on the value of the User-Agent header.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435495[]' id='answer-id-1685154' class='answer   answerof-435495 ' value='1685154'   \/><label for='answer-id-1685154' id='answer-label-1685154' class=' answer'><span>Create an Amazon API Gateway REST API for the metadata service. Configure API Gateway to invoke the correct Lambda function for each type of request. Modify the default gateway responses to remove the problematic headers based on the value of the User-Agent header.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435495[]' id='answer-id-1685155' class='answer   answerof-435495 ' value='1685155'   \/><label for='answer-id-1685155' id='answer-label-1685155' class=' answer'><span>Create an Amazon API Gateway HTTP API for the metadata service. Configure API Gateway to invoke the correct Lambda function for each type of request. Create a response mapping template to remove the problematic headers based on the value of the User-Agent. Associate the response data mapping with the HTTP AP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435495[]' id='answer-id-1685156' class='answer   answerof-435495 ' value='1685156'   \/><label for='answer-id-1685156' id='answer-label-1685156' class=' answer'><span>Create an Amazon CloudFront distribution for the metadata service. Create an Application Load Balancer (ALB). Configure the CloudFront distribution to forward requests to the AL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435495[]' id='answer-id-1685157' class='answer   answerof-435495 ' value='1685157'   \/><label for='answer-id-1685157' id='answer-label-1685157' class=' answer'><span>Configure the ALB to invoke the correct Lambda function for each type of request. Create a Lambda@Edge function that will remove the problematic headers in response to viewer requests based on the value of the User-Agent header.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-10' style=';'><div id='questionWrap-10'  class='   watupro-question-id-435496'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>10. <\/span>A solutions architect needs to implement a client-side encryption mechanism for objects that will be stored in a new Amazon S3 bucket. The solutions architect created a CMK that is stored in AWS Key Management Service (AWS KMS) for this purpose. <br \/>\r<br>The solutions architect created the following IAM policy and attached it to an IAM role: <br \/>\r<br><br><img decoding=\"async\" border=0 width=418 height=351 id=\"\u56fe\u7247 5\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/uploads\/2025\/11\/image003-1.png\"><br><br \/>\r<br>During tests, me solutions architect was able to successfully get existing test objects m the S3 bucket However, attempts to upload a new object resulted in an error message. The error message stated that me action was forbidden. <br \/>\r<br>Which action must me solutions architect add to the IAM policy to meet all the requirements?<\/div><input type='hidden' name='question_id[]' id='qID_10' value='435496' \/><input type='hidden' id='answerType435496' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435496[]' id='answer-id-1685158' class='answer   answerof-435496 ' value='1685158'   \/><label for='answer-id-1685158' id='answer-label-1685158' class=' answer'><span>Kms:GenerateDataKey<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435496[]' id='answer-id-1685159' class='answer   answerof-435496 ' value='1685159'   \/><label for='answer-id-1685159' id='answer-label-1685159' class=' answer'><span>KmsGetKeyPolpcy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435496[]' id='answer-id-1685160' class='answer   answerof-435496 ' value='1685160'   \/><label for='answer-id-1685160' id='answer-label-1685160' class=' answer'><span>kmsGetPubKKey<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435496[]' id='answer-id-1685161' class='answer   answerof-435496 ' value='1685161'   \/><label for='answer-id-1685161' id='answer-label-1685161' class=' answer'><span>kms:SKjn<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-11' style=';'><div id='questionWrap-11'  class='   watupro-question-id-435497'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>11. <\/span>An AWS partner company is building a service in AWS Organizations using Its organization named org. This service requires the partner company to have access to AWS resources in a customer account, which is in a separate organization named org2. The company must establish least privilege security access using an API or command line tool to the customer account. <br \/>\r<br>What is the MOST secure way to allow org1 to access resources h org2?<\/div><input type='hidden' name='question_id[]' id='qID_11' value='435497' \/><input type='hidden' id='answerType435497' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435497[]' id='answer-id-1685162' class='answer   answerof-435497 ' value='1685162'   \/><label for='answer-id-1685162' id='answer-label-1685162' class=' answer'><span>The customer should provide the partner company with their AWS account access keys to log in and perform the required tasks<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435497[]' id='answer-id-1685163' class='answer   answerof-435497 ' value='1685163'   \/><label for='answer-id-1685163' id='answer-label-1685163' class=' answer'><span>The customer should create an IAM user and assign the required permissions to the IAM user. The customer should then provide the credentials to the partner company to log In and perform the required tasks.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435497[]' id='answer-id-1685164' class='answer   answerof-435497 ' value='1685164'   \/><label for='answer-id-1685164' id='answer-label-1685164' class=' answer'><span>The customer should create an IAM role and assign the required permissions to the IAM role. The \r\npartner company should then use the IAM rote's Amazon Resource Name (ARN) when requesting access to perform the required tasks<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435497[]' id='answer-id-1685165' class='answer   answerof-435497 ' value='1685165'   \/><label for='answer-id-1685165' id='answer-label-1685165' class=' answer'><span>The customer should create an IAM rote and assign the required permissions to the IAM rote. The partner company should then use the IAM rote's Amazon Resource Name (ARN). Including the external ID in the IAM role's trust pokey, when requesting access to perform the required tasks<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-12' style=';'><div id='questionWrap-12'  class='   watupro-question-id-435498'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>12. <\/span>A health insurance company stores personally identifiable information (PII) in an Amazon S3 bucket. The company uses server-side encryption with S3 managed encryption keys (SSE-S3) to encrypt the objects. According to a new requirement, all current and future objects in the S3 bucket must be encrypted by keys that the company\u2019s security team manages. The S3 bucket does not have versioning enabled. <br \/>\r<br>Which solution will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_12' value='435498' \/><input type='hidden' id='answerType435498' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435498[]' id='answer-id-1685166' class='answer   answerof-435498 ' value='1685166'   \/><label for='answer-id-1685166' id='answer-label-1685166' class=' answer'><span>In the S3 bucket properties, change the default encryption to SSE-S3 with a customer managed key. Use the AWS CLI to re-upload all objects in the S3 bucket. Set an S3 bucket policy to deny unencrypted PutObject requests.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435498[]' id='answer-id-1685167' class='answer   answerof-435498 ' value='1685167'   \/><label for='answer-id-1685167' id='answer-label-1685167' class=' answer'><span>In the S3 bucket properties, change the default encryption to server-side encryption with AWS KMS managed encryption keys (SSE-KMS). Set an S3 bucket policy to deny unencrypted PutObject requests. Use the AWS CLI to re-upload all objects in the S3 bucket.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435498[]' id='answer-id-1685168' class='answer   answerof-435498 ' value='1685168'   \/><label for='answer-id-1685168' id='answer-label-1685168' class=' answer'><span>In the S3 bucket properties, change the default encryption to server-side encryption with AWS KMS managed encryption keys (SSE-KMS). Set an S3 bucket policy to automatically encrypt objects on GetObject and PutObject requests.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435498[]' id='answer-id-1685169' class='answer   answerof-435498 ' value='1685169'   \/><label for='answer-id-1685169' id='answer-label-1685169' class=' answer'><span>In the S3 bucket properties, change the default encryption to AES-256 with a customer managed key. Attach a policy to deny unencrypted PutObject requests to any entities that access the S3 bucket. Use the AWS CLI to re-upload all objects in the S3 bucket.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-13' style=';'><div id='questionWrap-13'  class='   watupro-question-id-435499'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>13. <\/span>A company is hosting an image-processing service on AWS in a VPC. The VPC extends across two Availability Zones. Each Availability Zone contains one public subnet and one private subnet. <br \/>\r<br>The service runs on Amazon EC2 instances in the private subnets. An Application Load Balancer in the public subnets is in front of the service. The service needs to communicate with the internet and does so through two NAT gateways. The service uses Amazon S3 for image storage. The EC2 instances retrieve approximately 1&#1472;&cent;&#1472;\u2019 of data from an S3 bucket each day. <br \/>\r<br>The company has promoted the service as highly secure. A solutions architect must reduce cloud <br \/>\r<br>expenditures as much as possible without compromising the service's security posture or increasing the time spent on ongoing operations. <br \/>\r<br>Which solution will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_13' value='435499' \/><input type='hidden' id='answerType435499' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435499[]' id='answer-id-1685170' class='answer   answerof-435499 ' value='1685170'   \/><label for='answer-id-1685170' id='answer-label-1685170' class=' answer'><span>Replace the NAT gateways with NAT instances. In the VPC route table, create a route from the private subnets to the NAT instances.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435499[]' id='answer-id-1685171' class='answer   answerof-435499 ' value='1685171'   \/><label for='answer-id-1685171' id='answer-label-1685171' class=' answer'><span>Move the EC2 instances to the public subnets. Remove the NAT gateways.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435499[]' id='answer-id-1685172' class='answer   answerof-435499 ' value='1685172'   \/><label for='answer-id-1685172' id='answer-label-1685172' class=' answer'><span>Set up an S3 gateway VPC endpoint in the VP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435499[]' id='answer-id-1685173' class='answer   answerof-435499 ' value='1685173'   \/><label for='answer-id-1685173' id='answer-label-1685173' class=' answer'><span>Attach an endpoint policy to the endpoint to allow the required actions on the S3 bucket.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435499[]' id='answer-id-1685174' class='answer   answerof-435499 ' value='1685174'   \/><label for='answer-id-1685174' id='answer-label-1685174' class=' answer'><span>Attach an Amazon Elastic File System (Amazon EFS) volume to the EC2 instances. Host the image on the EFS volume.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-14' style=';'><div id='questionWrap-14'  class='   watupro-question-id-435500'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>14. <\/span>A company has migrated its forms-processing application to AWS. When users interact with the application, they upload scanned forms as files through a web application. A database stores user metadata and references to files that are stored in Amazon S3. The web application runs on Amazon EC2 instances and an Amazon RDS for PostgreSQL database. <br \/>\r<br>When forms are uploaded, the application sends notifications to a team through Amazon Simple Notification Service (Amazon SNS). A team member then logs in and processes each form. The team member performs data validation on the form and extracts relevant data before entering the information into another system that uses an API. <br \/>\r<br>A solutions architect needs to automate the manual processing of the forms. The solution must provide accurate form extraction, minimize time to market, and minimize long-term operational overhead. <br \/>\r<br>Which solution will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_14' value='435500' \/><input type='hidden' id='answerType435500' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435500[]' id='answer-id-1685175' class='answer   answerof-435500 ' value='1685175'   \/><label for='answer-id-1685175' id='answer-label-1685175' class=' answer'><span>Develop custom libraries to perform optical character recognition (OCR) on the forms. Deploy the libraries to an Amazon Elastic Kubernetes Service (Amazon EKS) cluster as an application tier. Use this tier to process the forms when forms are uploaded. Store the output in Amazon S3. Parse this output by extracting the data into an Amazon DynamoDB table. Submit the data to the target system's AP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435500[]' id='answer-id-1685176' class='answer   answerof-435500 ' value='1685176'   \/><label for='answer-id-1685176' id='answer-label-1685176' class=' answer'><span>Host the new application tier on EC2 instances.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435500[]' id='answer-id-1685177' class='answer   answerof-435500 ' value='1685177'   \/><label for='answer-id-1685177' id='answer-label-1685177' class=' answer'><span>Extend the system with an application tier that uses AWS Step Functions and AWS Lambda. Configure this tier to use artificial intelligence and machine learning (AI\/ML) models that are trained and hosted on an EC2 instance to perform optical character recognition (OCR) on the forms when forms are uploaded. Store the output in Amazon S3. Parse this output by extracting the data that is required within the application tier. Submit the data to the target system's AP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435500[]' id='answer-id-1685178' class='answer   answerof-435500 ' value='1685178'   \/><label for='answer-id-1685178' id='answer-label-1685178' class=' answer'><span>Host a new application tier on EC2 instances. Use this tier to call endpoints that host artificial intelligence and machine learning (Al\/ML) models that are trained and hosted in Amazon SageMaker to perform optical character recognition (OCR) on the forms. Store the output in Amazon ElastiCache. Parse this output by extracting the data that is required within the application tier. Submit the data to the target system's AP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435500[]' id='answer-id-1685179' class='answer   answerof-435500 ' value='1685179'   \/><label for='answer-id-1685179' id='answer-label-1685179' class=' answer'><span>Extend the system with an application tier that uses AWS Step Functions and AWS Lambda. Configure this tier to use Amazon Textract and Amazon Comprehend to perform optical character recognition (OCR) on the forms when forms are uploaded. Store the output in Amazon S3. Parse this output by extracting the data that is required within the application tier. Submit the data to the target system's AP<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-15' style=';'><div id='questionWrap-15'  class='   watupro-question-id-435501'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>15. <\/span>A company wants to use a third-party software-as-a-service (SaaS) application. The third-party SaaS application is consumed through several API calls. The third-party SaaS application also runs on AWS inside a VPC. <br \/>\r<br>The company will consume the third-party SaaS application from inside a VPC. The company has internal security policies that mandate the use of private connectivity that does not traverse the internet. No resources that run in the company VPC are allowed to be accessed from outside the company\u2019s VPC. All permissions must conform to the principles of least privilege. <br \/>\r<br>Which solution meets these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_15' value='435501' \/><input type='hidden' id='answerType435501' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435501[]' id='answer-id-1685180' class='answer   answerof-435501 ' value='1685180'   \/><label for='answer-id-1685180' id='answer-label-1685180' class=' answer'><span>Create an AWS PrivateLink interface VPC endpoint. Connect this endpoint to the endpoint service that the third-party SaaS application provides. Create a security group to limit the access to the endpoint. Associate the security group with the endpoint.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435501[]' id='answer-id-1685181' class='answer   answerof-435501 ' value='1685181'   \/><label for='answer-id-1685181' id='answer-label-1685181' class=' answer'><span>Create an AWS Site-to-Site VPN connection between the third-party SaaS application and thecompany VP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435501[]' id='answer-id-1685182' class='answer   answerof-435501 ' value='1685182'   \/><label for='answer-id-1685182' id='answer-label-1685182' class=' answer'><span>Configure network ACLs to limit access across the VPN tunnels.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435501[]' id='answer-id-1685183' class='answer   answerof-435501 ' value='1685183'   \/><label for='answer-id-1685183' id='answer-label-1685183' class=' answer'><span>Create a VPC peering connection between the third-party SaaS application and the company VPUpdate route tables by adding the needed routes for the peering connection.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435501[]' id='answer-id-1685184' class='answer   answerof-435501 ' value='1685184'   \/><label for='answer-id-1685184' id='answer-label-1685184' class=' answer'><span>Create an AWS PrivateLink endpoint service. Ask the third-party SaaS provider to create an interface VPC endpoint for this endpoint service. Grant permissions for the endpoint service to the specific account of the third-party SaaS provider.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-16' style=';'><div id='questionWrap-16'  class='   watupro-question-id-435502'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>16. <\/span>A company is storing data in several Amazon DynamoDB tables. A solutions architect must use a serverless architecture to make the data accessible publicly through a simple API over HTTPS. The solution must scale automatically in response to demand. <br \/>\r<br>Which solutions meet these requirements? (Choose two.)<\/div><input type='hidden' name='question_id[]' id='qID_16' value='435502' \/><input type='hidden' id='answerType435502' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435502[]' id='answer-id-1685185' class='answer   answerof-435502 ' value='1685185'   \/><label for='answer-id-1685185' id='answer-label-1685185' class=' answer'><span>Create an Amazon API Gateway REST AP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435502[]' id='answer-id-1685186' class='answer   answerof-435502 ' value='1685186'   \/><label for='answer-id-1685186' id='answer-label-1685186' class=' answer'><span>Configure this API with direct integrations to DynamoDB by using API Gateway\u2019s AWS integration type.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435502[]' id='answer-id-1685187' class='answer   answerof-435502 ' value='1685187'   \/><label for='answer-id-1685187' id='answer-label-1685187' class=' answer'><span>Create an Amazon API Gateway HTTP AP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435502[]' id='answer-id-1685188' class='answer   answerof-435502 ' value='1685188'   \/><label for='answer-id-1685188' id='answer-label-1685188' class=' answer'><span>Configure this API with direct integrations to Dynamo DB by using API Gateway\u2019s AWS integration type.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435502[]' id='answer-id-1685189' class='answer   answerof-435502 ' value='1685189'   \/><label for='answer-id-1685189' id='answer-label-1685189' class=' answer'><span>Create an Amazon API Gateway HTTP AP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435502[]' id='answer-id-1685190' class='answer   answerof-435502 ' value='1685190'   \/><label for='answer-id-1685190' id='answer-label-1685190' class=' answer'><span>Configure this API with integrations to AWS Lambda functions that return data from the DynamoDB tables.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435502[]' id='answer-id-1685191' class='answer   answerof-435502 ' value='1685191'   \/><label for='answer-id-1685191' id='answer-label-1685191' class=' answer'><span>Create an accelerator in AWS Global Accelerator. Configure this accelerator with AWS Lambda@Edge function integrations that return data from the DynamoDB tables.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435502[]' id='answer-id-1685192' class='answer   answerof-435502 ' value='1685192'   \/><label for='answer-id-1685192' id='answer-label-1685192' class=' answer'><span>Create a Network Load Balancer. Configure listener rules to forward requests to the appropriate AWS Lambda functions<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-17' style=';'><div id='questionWrap-17'  class='   watupro-question-id-435503'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>17. <\/span>A company is migrating some of its applications to AWS. The company wants to migrate and modernize the applications quickly after it finalizes networking and security strategies. The company has set up an AWS Direct Connection connection in a central network account. <br \/>\r<br>The company expects to have hundreds of AWS accounts and VPCs in the near future. The corporate network must be able to access the resources on AWS seamlessly and also must be able to communicate with all the VPCs. The company also wants to route its cloud resources to the internet through its on-premises data center. <br \/>\r<br>Which combination of steps will meet these requirements? (Choose three.)<\/div><input type='hidden' name='question_id[]' id='qID_17' value='435503' \/><input type='hidden' id='answerType435503' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435503[]' id='answer-id-1685193' class='answer   answerof-435503 ' value='1685193'   \/><label for='answer-id-1685193' id='answer-label-1685193' class=' answer'><span>Create a Direct Connect gateway in the central account. In each of the accounts, create an association proposal by using the Direct Connect gateway and the account ID for every virtual private gateway.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435503[]' id='answer-id-1685194' class='answer   answerof-435503 ' value='1685194'   \/><label for='answer-id-1685194' id='answer-label-1685194' class=' answer'><span>Create a Direct Connect gateway and a transit gateway in the central network account. Attach the transit gateway to the Direct Connect gateway by using a transit VI<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435503[]' id='answer-id-1685195' class='answer   answerof-435503 ' value='1685195'   \/><label for='answer-id-1685195' id='answer-label-1685195' class=' answer'><span>Provision an internet gateway. Attach the internet gateway to subnets. Allow internet traffic through the gateway.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435503[]' id='answer-id-1685196' class='answer   answerof-435503 ' value='1685196'   \/><label for='answer-id-1685196' id='answer-label-1685196' class=' answer'><span>Share the transit gateway with other accounts. Attach VPCs to the transit gateway.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435503[]' id='answer-id-1685197' class='answer   answerof-435503 ' value='1685197'   \/><label for='answer-id-1685197' id='answer-label-1685197' class=' answer'><span>Provision VPC peering as necessary.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435503[]' id='answer-id-1685198' class='answer   answerof-435503 ' value='1685198'   \/><label for='answer-id-1685198' id='answer-label-1685198' class=' answer'><span>Provision only private subnets. Open the necessary route on the transit gateway and customer gateway to allow outbound internet traffic from AWS to flow through NAT services that run in the data center.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-18' style=';'><div id='questionWrap-18'  class='   watupro-question-id-435504'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>18. <\/span>A company is running an application on several Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer. The load on the application varies throughout the day, and EC2 instances are scaled in and out on a regular basis. Log files from the EC2 instances are copied to a central Amazon S3 bucket every 15 minutes. The security team discovers that log files are missing from some of the terminated EC2 instances. <br \/>\r<br>Which set of actions will ensure that log files are copied to the central S3 bucket from the terminated EC2 instances?<\/div><input type='hidden' name='question_id[]' id='qID_18' value='435504' \/><input type='hidden' id='answerType435504' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435504[]' id='answer-id-1685199' class='answer   answerof-435504 ' value='1685199'   \/><label for='answer-id-1685199' id='answer-label-1685199' class=' answer'><span>Create a script to copy log files to Amazon S3, and store the script in a file on the EC2 instance. Create an Auto Scaling lifecycle hook and an Amazon EventBridge (Amazon CloudWatch Events) rule to detect lifecycle events from the Auto Scaling group. Invoke an AWS Lambda function on the autoscaling:EC2_INSTANCE_TERMINATING transition to send ABANDON to the Auto Scaling group to prevent termination, run the script to copy the log files, and terminate the instance using the AWS SD<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435504[]' id='answer-id-1685200' class='answer   answerof-435504 ' value='1685200'   \/><label for='answer-id-1685200' id='answer-label-1685200' class=' answer'><span>Create an AWS Systems Manager document with a script to copy log files to Amazon S3. Create an Auto Scaling lifecycle hook and an Amazon EventBridge (Amazon CloudWatch Events) rule to detect lifecycle events from the Auto Scaling group. Invoke an AWS Lambda function on the autoscaling:EC2_INSTANCE_TERMINATING transition to call the AWS Systems Manager API SendCommand operation to run the document to copy the log files and send CONTINUE to the Auto Scaling group to terminate the instance.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435504[]' id='answer-id-1685201' class='answer   answerof-435504 ' value='1685201'   \/><label for='answer-id-1685201' id='answer-label-1685201' class=' answer'><span>Change the log delivery rate to every 5 minutes. Create a script to copy log files to Amazon S3, and add the script to EC2 instance user data. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to detect EC2 instance termination. Invoke an AWS Lambda function from the EventBridge (CloudWatch Events) rule that uses the AWS CLI to run the user-data script to copy the log files and terminate the instance.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435504[]' id='answer-id-1685202' class='answer   answerof-435504 ' value='1685202'   \/><label for='answer-id-1685202' id='answer-label-1685202' class=' answer'><span>Create an AWS Systems Manager document with a script to copy log files to Amazon S3. Create an Auto Scaling lifecycle hook that publishes a message to an Amazon Simple Notification Service (Amazon SNS) topic. From the SNS notification, call the AWS Systems Manager API SendCommand operation to run the document to copy the log files and send ABANDON to the Auto Scaling group to terminate the instance.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-19' style=';'><div id='questionWrap-19'  class='   watupro-question-id-435505'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>19. <\/span>A company is hosting a critical application on a single Amazon EC2 instance. The application uses an Amazon ElastiCache for Redis single-node cluster for an in-memory data store. The application uses an Amazon RDS for MariaDB DB instance for a relational database. For the application to function, each piece of the infrastructure must be healthy and must be in an active state. <br \/>\r<br>A solutions architect needs to improve the application's architecture so that the infrastructure can automatically recover from failure with the least possible downtime. <br \/>\r<br>Which combination of steps will meet these requirements? (Select THREE.)<\/div><input type='hidden' name='question_id[]' id='qID_19' value='435505' \/><input type='hidden' id='answerType435505' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435505[]' id='answer-id-1685203' class='answer   answerof-435505 ' value='1685203'   \/><label for='answer-id-1685203' id='answer-label-1685203' class=' answer'><span>Use an Elastic Load Balancer to distribute traffic across multiple EC2 instances. Ensure that the EC2 instances are part of an Auto Scaling group that has a minimum capacity of two instances.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435505[]' id='answer-id-1685204' class='answer   answerof-435505 ' value='1685204'   \/><label for='answer-id-1685204' id='answer-label-1685204' class=' answer'><span>Use an Elastic Load Balancer to distribute traffic across multiple EC2 instances Ensure that the EC2 \r\ninstances are configured in unlimited mode.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435505[]' id='answer-id-1685205' class='answer   answerof-435505 ' value='1685205'   \/><label for='answer-id-1685205' id='answer-label-1685205' class=' answer'><span>Modify the DB instance to create a read replica in the same Availability Zone. Promote the read replica to be the primary DB instance in failure scenarios.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435505[]' id='answer-id-1685206' class='answer   answerof-435505 ' value='1685206'   \/><label for='answer-id-1685206' id='answer-label-1685206' class=' answer'><span>Modify the DB instance to create a Multi-AZ deployment that extends across two Availability Zones.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435505[]' id='answer-id-1685207' class='answer   answerof-435505 ' value='1685207'   \/><label for='answer-id-1685207' id='answer-label-1685207' class=' answer'><span>Create a replication group for the ElastiCache for Redis cluster. Configure the cluster to use an Auto Scaling group that has a minimum capacity of two instances.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435505[]' id='answer-id-1685208' class='answer   answerof-435505 ' value='1685208'   \/><label for='answer-id-1685208' id='answer-label-1685208' class=' answer'><span>Create a replication group for the ElastiCache for Redis cluster. Enable Multi-AZ on the cluster.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-20' style=';'><div id='questionWrap-20'  class='   watupro-question-id-435506'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>20. <\/span>A company has created an OU in AWS Organizations for each of its engineering teams Each OU owns multiple AWS accounts. The organization has hundreds of AWS accounts A solutions architect must design a solution so that each OU can view a breakdown of usage costs across its AWS accounts. <br \/>\r<br>Which solution meets these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_20' value='435506' \/><input type='hidden' id='answerType435506' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435506[]' id='answer-id-1685209' class='answer   answerof-435506 ' value='1685209'   \/><label for='answer-id-1685209' id='answer-label-1685209' class=' answer'><span>Create an AWS Cost and Usage Report (CUR) for each OU by using AWS Resource Access Manager Allow each team to visualize the CUR through an Amazon QuickSight dashboard.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435506[]' id='answer-id-1685210' class='answer   answerof-435506 ' value='1685210'   \/><label for='answer-id-1685210' id='answer-label-1685210' class=' answer'><span>Create an AWS Cost and Usage Report (CUR) from the AWS Organizations management account-Allow each team to visualize the CUR through an Amazon QuickSight dashboard<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435506[]' id='answer-id-1685211' class='answer   answerof-435506 ' value='1685211'   \/><label for='answer-id-1685211' id='answer-label-1685211' class=' answer'><span>Create an AWS Cost and Usage Report (CUR) in each AWS Organizations member account Allow each team to visualize the CUR through an Amazon QuickSight dashboard.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435506[]' id='answer-id-1685212' class='answer   answerof-435506 ' value='1685212'   \/><label for='answer-id-1685212' id='answer-label-1685212' class=' answer'><span>Create an AWS Cost and Usage Report (CUR) by using AWS Systems Manager Allow each team to visualize the CUR through Systems Manager OpsCenter dashboards<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-21' style=';'><div id='questionWrap-21'  class='   watupro-question-id-435507'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>21. <\/span>A company plans to refactor a monolithic application into a modern application designed deployed or AWS. The CLCD pipeline needs to be upgraded to support the modem design for the application with the following requirements <br \/>\r<br>&#8226; It should allow changes to be released several times every hour. <br \/>\r<br>* It should be able to roll back the changes as quickly as possible. <br \/>\r<br>Which design will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_21' value='435507' \/><input type='hidden' id='answerType435507' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435507[]' id='answer-id-1685213' class='answer   answerof-435507 ' value='1685213'   \/><label for='answer-id-1685213' id='answer-label-1685213' class=' answer'><span>Deploy a Cl-CD pipeline that incorporates AMIs to contain the application and their configurations Deploy the application by replacing Amazon EC2 instances<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435507[]' id='answer-id-1685214' class='answer   answerof-435507 ' value='1685214'   \/><label for='answer-id-1685214' id='answer-label-1685214' class=' answer'><span>Specify AWS Elastic Beanstak to sage in a secondary environment as the deployment target for the CI\/CD pipeline of the application. To deploy swap the staging and production environment URLs.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435507[]' id='answer-id-1685215' class='answer   answerof-435507 ' value='1685215'   \/><label for='answer-id-1685215' id='answer-label-1685215' class=' answer'><span>Use AWS Systems Manager to re-provision the infrastructure for each deployment Update the Amazon EC2 user data to pull the latest code art-fact from Amazon S3 and use Amazon Route 53 weighted routing to point to the new environment<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435507[]' id='answer-id-1685216' class='answer   answerof-435507 ' value='1685216'   \/><label for='answer-id-1685216' id='answer-label-1685216' class=' answer'><span>Roll out the application updates as pan of an Auto Scaling event using prebuilt AMIs. Use new versions of the AMIs to add instances, and phase out all instances that use the previous AMI version with the configured termination policy during a deployment event.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-22' style=';'><div id='questionWrap-22'  class='   watupro-question-id-435508'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>22. <\/span>A company built an application based on AWS Lambda deployed in an AWS CloudFormation stack. The last production release of the web application introduced an issue that resulted in an outage lasting several minutes. A solutions architect must adjust the deployment process to support a canary release. <br \/>\r<br>Which solution will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_22' value='435508' \/><input type='hidden' id='answerType435508' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435508[]' id='answer-id-1685217' class='answer   answerof-435508 ' value='1685217'   \/><label for='answer-id-1685217' id='answer-label-1685217' class=' answer'><span>Create an alias for every new deployed version of the Lambda function. Use the AWS CLIupdate-alias command with the routing-config parameter to distribute the load.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435508[]' id='answer-id-1685218' class='answer   answerof-435508 ' value='1685218'   \/><label for='answer-id-1685218' id='answer-label-1685218' class=' answer'><span>Deploy the application into a new CloudFormation stack. Use an Amazon Route 53 weighted routing policy to distribute the load.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435508[]' id='answer-id-1685219' class='answer   answerof-435508 ' value='1685219'   \/><label for='answer-id-1685219' id='answer-label-1685219' class=' answer'><span>Create a version for every new deployed Lambda function. Use the AWS CLI update-function-configuration command with the routing-config parameter to distribute the load.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435508[]' id='answer-id-1685220' class='answer   answerof-435508 ' value='1685220'   \/><label for='answer-id-1685220' id='answer-label-1685220' class=' answer'><span>Configure AWS CodeDeploy and use CodeDeployDefault.OneAtATime in the Deployment configuration to distribute the load.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-23' style=';'><div id='questionWrap-23'  class='   watupro-question-id-435509'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>23. <\/span>A company is refactoring its on-premises order-processing platform in the AWS Cloud. The platform includes a web front end that is hosted on a fleet of VMs RabbitMQ to connect the front end to the backend, and a Kubernetes cluster to run a containerized backend system to process the orders. The company does not want to make any major changes to the application <br \/>\r<br>Which solution will meet these requirements with the LEAST operational overhead?<\/div><input type='hidden' name='question_id[]' id='qID_23' value='435509' \/><input type='hidden' id='answerType435509' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435509[]' id='answer-id-1685221' class='answer   answerof-435509 ' value='1685221'   \/><label for='answer-id-1685221' id='answer-label-1685221' class=' answer'><span>Create an AMI of the web server VM Create an Amazon EC2 Auto Scaling group that uses the AMI and an Application Load Balancer Set up Amazon MQ to replace the on-premises messaging queue Configure Amazon Elastic Kubernetes Service (Amazon EKS) to host the order-processing backend<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435509[]' id='answer-id-1685222' class='answer   answerof-435509 ' value='1685222'   \/><label for='answer-id-1685222' id='answer-label-1685222' class=' answer'><span>Create a custom AWS Lambda runtime to mimic the web server environment Create an Amazon API Gateway API to replace the front-end web servers Set up Amazon MQ to replace the on-premises messaging queue Configure Amazon Elastic Kubernetes Service (Amazon EKS) to host the order-processing backend<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435509[]' id='answer-id-1685223' class='answer   answerof-435509 ' value='1685223'   \/><label for='answer-id-1685223' id='answer-label-1685223' class=' answer'><span>Create an AMI of the web server VM Create an Amazon EC2 Auto Scaling group that uses the AMI and an Application Load Balancer Set up Amazon MQ to replace the on-premises messaging queue Install Kubernetes on a fleet of different EC2 instances to host the order-processing backend<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435509[]' id='answer-id-1685224' class='answer   answerof-435509 ' value='1685224'   \/><label for='answer-id-1685224' id='answer-label-1685224' class=' answer'><span>Create an AMI of the web server VM Create an Amazon EC2 Auto Scaling group that uses the AMI and an Application Load Balancer Set up an Amazon Simple Queue Service (Amazon SQS) queue to replace the on-premises messaging queue Configure Amazon Elastic Kubernetes Service (Amazon EKS) to host the order-processing backend<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-24' style=';'><div id='questionWrap-24'  class='   watupro-question-id-435510'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>24. <\/span>A company has an asynchronous HTTP application that is hosted as an AWS Lambda function. A public Amazon API Gateway endpoint invokes the Lambda function. The Lambda function and the API Gateway endpoint reside in the us-east-1 Region. A solutions architect needs to redesign the application to support failover to another AWS Region. <br \/>\r<br>Which solution will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_24' value='435510' \/><input type='hidden' id='answerType435510' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435510[]' id='answer-id-1685225' class='answer   answerof-435510 ' value='1685225'   \/><label for='answer-id-1685225' id='answer-label-1685225' class=' answer'><span>Create an API Gateway endpoint in the us-west-2 Region to direct traffic to the Lambda function in us-east-1. Configure Amazon Route 53 to use a failover routing policy to route traffic for the two API Gateway endpoints.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435510[]' id='answer-id-1685226' class='answer   answerof-435510 ' value='1685226'   \/><label for='answer-id-1685226' id='answer-label-1685226' class=' answer'><span>Create an Amazon Simple Queue Service (Amazon SQS) queue. Configure API Gateway to direct traffic to the SQS queue instead of to the Lambda function. Configure the Lambda function to pull messages from the queue for processing.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435510[]' id='answer-id-1685227' class='answer   answerof-435510 ' value='1685227'   \/><label for='answer-id-1685227' id='answer-label-1685227' class=' answer'><span>Deploy the Lambda function to the us-west-2 Region. Create an API Gateway endpoint in us-west-2 to direct traffic to the Lambda function in us-west-2. Configure AWS Global Accelerator and an Application Load Balancer to manage traffic across the two API Gateway endpoints.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435510[]' id='answer-id-1685228' class='answer   answerof-435510 ' value='1685228'   \/><label for='answer-id-1685228' id='answer-label-1685228' class=' answer'><span>Deploy the Lambda function and an API Gateway endpoint to the us-west-2 Region. Configure Amazon Route 53 to use a failover routing policy to route traffic for the two API Gateway endpoints.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-25' style=';'><div id='questionWrap-25'  class='   watupro-question-id-435511'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>25. <\/span>A solutions architect is auditing the security setup of an AWS Lambda function for a company. The Lambda function retrieves the latest changes from an Amazon Aurora database. The Lambda function and the database run in the same VPC. Lambda environment variables are providing the database credentials to the Lambda function. <br \/>\r<br>The Lambda function aggregates data and makes the data available in an Amazon S3 bucket that is configured for server-side encryption with AWS KMS managed encryption keys (SSE-KMS). The data must not travel across the internet. If any database credentials become compromised, the company needs a solution that minimizes the impact of the compromise. <br \/>\r<br>What should the solutions architect recommend to meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_25' value='435511' \/><input type='hidden' id='answerType435511' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435511[]' id='answer-id-1685229' class='answer   answerof-435511 ' value='1685229'   \/><label for='answer-id-1685229' id='answer-label-1685229' class=' answer'><span>Enable IAM database authentication on the Aurora DB cluster. Change the IAM role for the Lambda function to allow the function to access the database by using IAM database authentication. Deploy a gateway VPC endpoint for Amazon S3 in the VP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435511[]' id='answer-id-1685230' class='answer   answerof-435511 ' value='1685230'   \/><label for='answer-id-1685230' id='answer-label-1685230' class=' answer'><span>Enable IAM database authentication on the Aurora DB cluster. Change the IAM role for the Lambda function to allow the function to access the database by using IAM database authentication. Enforce HTTPS on the connection to Amazon S3 during data transfers.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435511[]' id='answer-id-1685231' class='answer   answerof-435511 ' value='1685231'   \/><label for='answer-id-1685231' id='answer-label-1685231' class=' answer'><span>Save the database credentials in AWS Systems Manager Parameter Store. Set up password rotation on the credentials in Parameter Store. Change the IAM role for the Lambda function to allow the function to access Parameter Store. Modify the Lambda function to retrieve the credentials from Parameter Store. Deploy a gateway VPC endpoint for Amazon S3 in the VP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435511[]' id='answer-id-1685232' class='answer   answerof-435511 ' value='1685232'   \/><label for='answer-id-1685232' id='answer-label-1685232' class=' answer'><span>Save the database credentials in AWS Secrets Manager. Set up password rotation on the credentials in Secrets Manager. Change the IAM role for the Lambda function to allow the function to access Secrets Manager. Modify the Lambda function to retrieve the credentials Om Secrets Manager. Enforce HTTPS on the connection to Amazon S3 during data transfers.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-26' style=';'><div id='questionWrap-26'  class='   watupro-question-id-435512'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>26. <\/span>A company is building a solution in the AWS Cloud. Thousands or devices will connect to the solution and send data. Each device needs to be able to send and receive data in real time over the MQTT protocol. Each device must authenticate by using a unique X.509 certificate. <br \/>\r<br>Which solution will meet these requirements with the LEAST operational overhead?<\/div><input type='hidden' name='question_id[]' id='qID_26' value='435512' \/><input type='hidden' id='answerType435512' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435512[]' id='answer-id-1685233' class='answer   answerof-435512 ' value='1685233'   \/><label for='answer-id-1685233' id='answer-label-1685233' class=' answer'><span>Set up AWS loT Core. For each device, create a corresponding Amazon MQ queue and provision a certificate. Connect each device to Amazon M<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435512[]' id='answer-id-1685234' class='answer   answerof-435512 ' value='1685234'   \/><label for='answer-id-1685234' id='answer-label-1685234' class=' answer'><span>Create a Network Load Balancer (NLB) and configure it with an AWS Lambda authorizer. Run an MQTT broker on Amazon EC2 instances in an Auto Scaling group. Set the Auto Scaling group as the target for the NL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435512[]' id='answer-id-1685235' class='answer   answerof-435512 ' value='1685235'   \/><label for='answer-id-1685235' id='answer-label-1685235' class=' answer'><span>Connect each device to the NL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435512[]' id='answer-id-1685236' class='answer   answerof-435512 ' value='1685236'   \/><label for='answer-id-1685236' id='answer-label-1685236' class=' answer'><span>Set up AWS loT Core. For each device, create a corresponding AWS loT thing and provision a certificate. Connect each device to AWS loT Core.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435512[]' id='answer-id-1685237' class='answer   answerof-435512 ' value='1685237'   \/><label for='answer-id-1685237' id='answer-label-1685237' class=' answer'><span>Set up an Amazon API Gateway HTTP API and a Network Load Balancer (NLB). Create integration between API Gateway and the NL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435512[]' id='answer-id-1685238' class='answer   answerof-435512 ' value='1685238'   \/><label for='answer-id-1685238' id='answer-label-1685238' class=' answer'><span>Configure a mutual TLS certificate authorizer on the HTTP AP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435512[]' id='answer-id-1685239' class='answer   answerof-435512 ' value='1685239'   \/><label for='answer-id-1685239' id='answer-label-1685239' class=' answer'><span>Run an MQTT broker on an Amazon EC2 instance that the NLB targets. Connect each device to the NL<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-27' style=';'><div id='questionWrap-27'  class='   watupro-question-id-435513'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>27. <\/span>A solutions architect is designing the data storage and retrieval architecture for a new application that a company will be launching soon. The application is designed to ingest millions of small records per minute from devices all around the world. Each record is less than 4 KB in size and needs to be stored in a durable location where it can be retrieved with low latency. The data is ephemeral and the company is required to store the data for 120 days only, after which the data can be deleted. The solutions architect calculates that, during the course of a year, the storage requirements would be about 10-15 TB. <br \/>\r<br>Which storage strategy is the MOST cost-effective and meets the design requirements?<\/div><input type='hidden' name='question_id[]' id='qID_27' value='435513' \/><input type='hidden' id='answerType435513' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435513[]' id='answer-id-1685240' class='answer   answerof-435513 ' value='1685240'   \/><label for='answer-id-1685240' id='answer-label-1685240' class=' answer'><span>Design the application to store each incoming record as a single .csv file in an Amazon S3 bucket to allow for indexed retrieval. Configure a lifecycle policy to delete data older than 120 days.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435513[]' id='answer-id-1685241' class='answer   answerof-435513 ' value='1685241'   \/><label for='answer-id-1685241' id='answer-label-1685241' class=' answer'><span>Design the application to store each incoming record in an Amazon DynamoDB table properly configured for the scale. Configure the DynamoOB Time to Live (TTL) feature to delete records older than 120 days.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435513[]' id='answer-id-1685242' class='answer   answerof-435513 ' value='1685242'   \/><label for='answer-id-1685242' id='answer-label-1685242' class=' answer'><span>Design the application to store each incoming record in a single table in an Amazon RDS MySQL database. Run a nightly cron job that executes a query to delete any records older than 120 days.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435513[]' id='answer-id-1685243' class='answer   answerof-435513 ' value='1685243'   \/><label for='answer-id-1685243' id='answer-label-1685243' class=' answer'><span>Design the application to batch incoming records before writing them to an Amazon S3 bucket. \r\nUpdate the metadata for the object to contain the list of records in the batch and use the Amazon S3 metadata search feature to retrieve the data. Configure a lifecycle policy to delete the data after 120 days.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-28' style=';'><div id='questionWrap-28'  class='   watupro-question-id-435514'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>28. <\/span>A company has a serverless application comprised of Amazon CloudFront, Amazon API Gateway, and AWS Lambda functions. The current deployment process of the application code is to create a new version number of the Lambda function and run an AWS CLI script to update. If the new function version has errors, another CLI script reverts by deploying the previous working version of the function. The company would like to decrease the time to deploy new versions of the application logic provided by the Lambda functions, and also reduce the time to detect and revert when errors are identified. <br \/>\r<br>How can this be accomplished?<\/div><input type='hidden' name='question_id[]' id='qID_28' value='435514' \/><input type='hidden' id='answerType435514' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435514[]' id='answer-id-1685244' class='answer   answerof-435514 ' value='1685244'   \/><label for='answer-id-1685244' id='answer-label-1685244' class=' answer'><span>Create and deploy nested AWS CloudFormation stacks with the parent stack consisting of the AWS CloudFront distribution and API Gateway, and the child stack containing the Lambda function. For changes to Lambda, create an AWS CloudFormation change set and deploy; if errors are triggered, revert the AWS CloudFormation change set to the previous version.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435514[]' id='answer-id-1685245' class='answer   answerof-435514 ' value='1685245'   \/><label for='answer-id-1685245' id='answer-label-1685245' class=' answer'><span>Use AWS SAM and built-in AWS CodeDeploy to deploy the new Lambda version, gradually shift traffic to the new version, and use pre-traffic and post-traffic test functions to verify code. Rollback if Amazon CloudWatch alarms are triggered.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435514[]' id='answer-id-1685246' class='answer   answerof-435514 ' value='1685246'   \/><label for='answer-id-1685246' id='answer-label-1685246' class=' answer'><span>Refactor the AWS CLI scripts into a single script that deploys the new Lambda version. When deployment is completed, the script tests execute. If errors are detected, revert to the previous Lambda version.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435514[]' id='answer-id-1685247' class='answer   answerof-435514 ' value='1685247'   \/><label for='answer-id-1685247' id='answer-label-1685247' class=' answer'><span>Create and deploy an AWS CloudFormation stack that consists of a new API Gateway endpoint that references the new Lambda version. Change the CloudFront origin to the new API Gateway endpoint, monitor errors and if detected, change the AWS CloudFront origin to the previous API Gateway endpoint.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-29' style=';'><div id='questionWrap-29'  class='   watupro-question-id-435515'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>29. <\/span>A company has a multi-tier web application that runs on a fleet of Amazon EC2 instances behind an Application Load Balancer (ALB). The instances are in an Auto Scaling group. The ALB and the Auto Scaling group are replicated in a backup AWS Region. The minimum value and the maximum value for the Auto Scaling group are set to zero. An Amazon RDS Multi-AZ DB instance stores the application\u2019s data. The DB instance has a read replica in the backup Region. The application presents an endpoint to end users by using an Amazon Route 53 record. <br \/>\r<br>The company needs to reduce its RTO to less than 15 minutes by giving the application the ability to automatically fail over to the backup Region. The company does not have a large enough budget for an active-active strategy. <br \/>\r<br>What should a solutions architect recommend to meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_29' value='435515' \/><input type='hidden' id='answerType435515' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435515[]' id='answer-id-1685248' class='answer   answerof-435515 ' value='1685248'   \/><label for='answer-id-1685248' id='answer-label-1685248' class=' answer'><span>Reconfigure the application\u2019s Route 53 record with a latency-based routing policy that load balances traffic between the two ALBs. Create an AWS Lambda function in the backup Region to promote the read replica and modify the Auto Scaling group values. Create an Amazon CloudWatch alarm that is based on the HTTPCode_Target_5XX_Count metric for the ALB in the primary Region. Configure the CloudWatch alarm to invoke the Lambda function.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435515[]' id='answer-id-1685249' class='answer   answerof-435515 ' value='1685249'   \/><label for='answer-id-1685249' id='answer-label-1685249' class=' answer'><span>Create an AWS Lambda function in the backup Region to promote the read replica and modify the Auto Scaling group values. Configure Route 53 with a health check that monitors the web application and sends an Amazon Simple Notification Service (Amazon SNS) notification to the Lambda function when the health check status is unhealthy. Update the application\u2019s Route 53 record with a failover policy that routes traffic to the ALB in the backup Region when a health check failure occurs.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435515[]' id='answer-id-1685250' class='answer   answerof-435515 ' value='1685250'   \/><label for='answer-id-1685250' id='answer-label-1685250' class=' answer'><span>Configure the Auto Scaling group in the backup Region to have the same values as the Auto Scaling group in the primary Region. Reconfigure the application\u2019s Route 53 record with a latency-based routing policy that load balances traffic between the two ALBs. Remove the read replica. Replace the read replica with a standalone RDS DB instance. Configure Cross-Region Replicationbetween the RDS DB instances by using snapshots and Amazon S3.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435515[]' id='answer-id-1685251' class='answer   answerof-435515 ' value='1685251'   \/><label for='answer-id-1685251' id='answer-label-1685251' class=' answer'><span>Configure an endpoint in AWS Global Accelerator with the two ALBs as equal weighted targets. \r\nCreate an AWS Lambda function in the backup Region to promote the read replica and modify the \r\nAuto Scaling group values. Create an Amazon CloudWatch alarm that is based on the \r\nHTTPCode_Target_5XX_Count metric for the ALB in the primary Region. Configure the CloudWatch \r\nalarm to invoke the Lambda function.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-30' style=';'><div id='questionWrap-30'  class='   watupro-question-id-435516'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>30. <\/span>A company runs a Java application that has complex dependencies on VMs that are in the company's data center. The application is stable. but the company wants to modernize the technology stack. The company wants to migrate the application to AWS and minimize the administrative overhead to maintain the servers. <br \/>\r<br>Which solution will meet these requirements with the LEAST code changes?<\/div><input type='hidden' name='question_id[]' id='qID_30' value='435516' \/><input type='hidden' id='answerType435516' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435516[]' id='answer-id-1685252' class='answer   answerof-435516 ' value='1685252'   \/><label for='answer-id-1685252' id='answer-label-1685252' class=' answer'><span>Migrate the application to Amazon Elastic Container Service (Amazon ECS) on AWS Fargate by using AWS App2Container. Store container images in Amazon Elastic Container Registry (Amazon ECR). Grant the ECS task execution role permission 10 access the ECR image repository. Configure Amazon ECS to use an Application Load Balancer (ALB). Use the ALB to interact with the application.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435516[]' id='answer-id-1685253' class='answer   answerof-435516 ' value='1685253'   \/><label for='answer-id-1685253' id='answer-label-1685253' class=' answer'><span>Migrate the application code to a container that runs in AWS Lambda. Build an Amazon API Gateway REST API with Lambda integration. Use API Gateway to interact with the application.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435516[]' id='answer-id-1685254' class='answer   answerof-435516 ' value='1685254'   \/><label for='answer-id-1685254' id='answer-label-1685254' class=' answer'><span>Migrate the application to Amazon Elastic Kubernetes Service (Amazon EKS) on EKS managed node groups by using AWS App2Container. Store container images in Amazon Elastic Container Registry (Amazon ECR). Give the EKS nodes permission to access the ECR image repository. Use Amazon API Gateway to interact with the application.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435516[]' id='answer-id-1685255' class='answer   answerof-435516 ' value='1685255'   \/><label for='answer-id-1685255' id='answer-label-1685255' class=' answer'><span>Migrate the application code to a container that runs in AWS Lambda. Configure Lambda to use an Application Load Balancer (ALB). Use the ALB to interact with the application.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-31' style=';'><div id='questionWrap-31'  class='   watupro-question-id-435517'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>31. <\/span>A large company is running a popular web application. The application runs on several Amazon EC2 Linux Instances in an Auto Scaling group in a private subnet. An Application Load Balancer is targeting <br \/>\r<br>the Instances In the Auto Scaling group in the private subnet. AWS Systems Manager Session Manager Is configured, and AWS Systems Manager Agent is running on all the EC2 instances. <br \/>\r<br>The company recently released a new version of the application Some EC2 instances are now being marked as unhealthy and are being terminated As a result, the application is running at reduced capacity A solutions architect tries to determine the root cause by analyzing Amazon CloudWatch logs that are collected from the application, but the logs are inconclusive <br \/>\r<br>How should the solutions architect gain access to an EC2 instance to troubleshoot the issue1?<\/div><input type='hidden' name='question_id[]' id='qID_31' value='435517' \/><input type='hidden' id='answerType435517' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435517[]' id='answer-id-1685256' class='answer   answerof-435517 ' value='1685256'   \/><label for='answer-id-1685256' id='answer-label-1685256' class=' answer'><span>Suspend the Auto Scaling group's HealthCheck scaling process. Use Session Manager to log in to an instance that is marked as unhealthy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435517[]' id='answer-id-1685257' class='answer   answerof-435517 ' value='1685257'   \/><label for='answer-id-1685257' id='answer-label-1685257' class=' answer'><span>Enable EC2 instance termination protection Use Session Manager to log In to an instance that is marked as unhealthy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435517[]' id='answer-id-1685258' class='answer   answerof-435517 ' value='1685258'   \/><label for='answer-id-1685258' id='answer-label-1685258' class=' answer'><span>Set the termination policy to Oldestinstance on the Auto Scaling group. Use Session Manager to log in to an instance that is marked as unhealthy<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435517[]' id='answer-id-1685259' class='answer   answerof-435517 ' value='1685259'   \/><label for='answer-id-1685259' id='answer-label-1685259' class=' answer'><span>Suspend the Auto Scaling group's Terminate process. Use Session Manager to log in to an instance that is marked as unhealthy<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-32' style=';'><div id='questionWrap-32'  class='   watupro-question-id-435518'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>32. <\/span>A security engineer determined that an existing application retrieves credentials to an Amazon RDS for MySQL database from an encrypted file in Amazon S3. For the next version of the application, the security engineer wants to implement the following application design changes to improve security:. The database must use strong, randomly generated passwords stored in a secure AWS managed service. <br \/>\r<br>The application resources must be deployed through AWS CloudFormation. <br \/>\r<br>The application must rotate credentials for the database every 90 days. <br \/>\r<br>A solutions architect will generate a CloudFormation template to deploy the application. <br \/>\r<br>Which resources specified in the CloudFormation template will meet the security engineer's requirements with the LEAST amount of operational overhead?<\/div><input type='hidden' name='question_id[]' id='qID_32' value='435518' \/><input type='hidden' id='answerType435518' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435518[]' id='answer-id-1685260' class='answer   answerof-435518 ' value='1685260'   \/><label for='answer-id-1685260' id='answer-label-1685260' class=' answer'><span>Generate the database password as a secret resource using AWS Secrets Manager. Create an AWS Lambda function resource to rotate the database password. Specify a Secrets Manager RotationSchedule resource to rotate the database password every 90 days.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435518[]' id='answer-id-1685261' class='answer   answerof-435518 ' value='1685261'   \/><label for='answer-id-1685261' id='answer-label-1685261' class=' answer'><span>Generate the database password as a SecureString parameter type using AWS Systems Manager Parameter Store. Create an AWS Lambda function resource to rotate the database password. Specifya Parameter Store RotationSchedule resource to rotate the database password every 90 days.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435518[]' id='answer-id-1685262' class='answer   answerof-435518 ' value='1685262'   \/><label for='answer-id-1685262' id='answer-label-1685262' class=' answer'><span>Generate the database password as a secret resource using AWS Secrets Manager. Create an AWS Lambda function resource to rotate the database password. Create an Amazon EventBridge scheduled rule resource to trigger the Lambda function password rotation every 90 days.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435518[]' id='answer-id-1685263' class='answer   answerof-435518 ' value='1685263'   \/><label for='answer-id-1685263' id='answer-label-1685263' class=' answer'><span>Generate the database password as a SecureString parameter type using AWS Systems Manager Parameter Store. Specify an AWS AppSync DataSource resource to automatically rotate the database password every 90 days.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-33' style=';'><div id='questionWrap-33'  class='   watupro-question-id-435519'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>33. <\/span>A company has an application that runs on Amazon EC2 instances. A solutions architect is designing VPC infrastructure in an AWS Region where the application needs to access an Amazon Aurora DB cluster. The EC2 instances are all associated with the same security group. The DB cluster is associated with its own security group. <br \/>\r<br>The solutions architect needs to add rules to the security groups to provide the application with least privilege access to the DB cluster. <br \/>\r<br>Which combination of steps will meet these requirements? (Select TWO.)<\/div><input type='hidden' name='question_id[]' id='qID_33' value='435519' \/><input type='hidden' id='answerType435519' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435519[]' id='answer-id-1685264' class='answer   answerof-435519 ' value='1685264'   \/><label for='answer-id-1685264' id='answer-label-1685264' class=' answer'><span>Add an inbound rule to the EC2 instances' security group. Specify the DB cluster's security group as the source over the default Aurora port.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435519[]' id='answer-id-1685265' class='answer   answerof-435519 ' value='1685265'   \/><label for='answer-id-1685265' id='answer-label-1685265' class=' answer'><span>Add an outbound rule to the EC2 instances' security group. Specify the DB cluster's security group as the destination over the default Aurora port.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435519[]' id='answer-id-1685266' class='answer   answerof-435519 ' value='1685266'   \/><label for='answer-id-1685266' id='answer-label-1685266' class=' answer'><span>Add an inbound rule to the DB cluster's security group. Specify the EC2 instances' security group as the source over the default Aurora port.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435519[]' id='answer-id-1685267' class='answer   answerof-435519 ' value='1685267'   \/><label for='answer-id-1685267' id='answer-label-1685267' class=' answer'><span>Add an outbound rule to the DB cluster's security group. Specify the EC2 instances' security group as the destination over the default Aurora port.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435519[]' id='answer-id-1685268' class='answer   answerof-435519 ' value='1685268'   \/><label for='answer-id-1685268' id='answer-label-1685268' class=' answer'><span>Add an outbound rule to the DB cluster's security group. Specify the EC2 instances' security group as the destination over the ephemeral ports.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-34' style=';'><div id='questionWrap-34'  class='   watupro-question-id-435520'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>34. <\/span>A company is hosting a three-tier web application in an on-premises environment. Due to a recentsurge in traffic that resulted in downtime and a significant financial impact, company management has ordered that the application be moved to AWS. The application is written in .NET and has a dependency on a MySQL database A solutions architect must design a scalable and highly available solution to meet the demand of 200000 daily users. <br \/>\r<br>Which steps should the solutions architect take to design an appropriate solution?<\/div><input type='hidden' name='question_id[]' id='qID_34' value='435520' \/><input type='hidden' id='answerType435520' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435520[]' id='answer-id-1685269' class='answer   answerof-435520 ' value='1685269'   \/><label for='answer-id-1685269' id='answer-label-1685269' class=' answer'><span>Use AWS Elastic Beanstalk to create a new application with a web server environment and an Amazon RDS MySQL Multi-AZ DB instance. The environment should launch a Network Load Balancer (NLB) in front of an Amazon EC2 Auto Scaling group in multiple Availability Zones Use an Amazon \r\nRoute 53 alias record to route traffic from the company's domain to the NL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435520[]' id='answer-id-1685270' class='answer   answerof-435520 ' value='1685270'   \/><label for='answer-id-1685270' id='answer-label-1685270' class=' answer'><span>Use AWS CloudFormation to launch a stack containing an Application Load Balancer (ALB) in front of an Amazon EC2 Auto Scaling group spanning three Availability Zones. The stack should launch a Multi-AZ deployment of an Amazon Aurora MySQL DB cluster with a Retain deletion policy. Use an Amazon Route 53 alias record to route traffic from the company's domain to the ALB<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435520[]' id='answer-id-1685271' class='answer   answerof-435520 ' value='1685271'   \/><label for='answer-id-1685271' id='answer-label-1685271' class=' answer'><span>Use AWS Elastic Beanstalk to create an automatically scaling web server environment that spans two separate Regions with an Application Load Balancer (ALB) in each Region. Create a Multi-AZ deployment of an Amazon Aurora MySQL DB cluster with a cross-Region read replica Use Amazon Route 53 with a geoproximity routing policy to route traffic between the two Regions.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435520[]' id='answer-id-1685272' class='answer   answerof-435520 ' value='1685272'   \/><label for='answer-id-1685272' id='answer-label-1685272' class=' answer'><span>Use AWS CloudFormation to launch a stack containing an Application Load Balancer (ALB) in front of an Amazon ECS cluster of Spot Instances spanning three Availability Zones. The stack should launch an Amazon RDS MySQL DB instance with a Snapshot deletion policy Use an Amazon Route 53 alias record to route traffic from the company's domain to the ALB<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-35' style=';'><div id='questionWrap-35'  class='   watupro-question-id-435521'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>35. <\/span>A company is running a critical application that uses an Amazon RDS for MySQL database to store data. The RDS DB instance is deployed in Multi-AZ mode. <br \/>\r<br>A recent RDS database failover test caused a 40-second outage to the application A solutions architect needs to design a solution to reduce the outage time to less than 20 seconds. <br \/>\r<br>Which combination of steps should the solutions architect take to meet these requirements? (Select THREE.)<\/div><input type='hidden' name='question_id[]' id='qID_35' value='435521' \/><input type='hidden' id='answerType435521' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435521[]' id='answer-id-1685273' class='answer   answerof-435521 ' value='1685273'   \/><label for='answer-id-1685273' id='answer-label-1685273' class=' answer'><span>Use Amazon ElastiCache for Memcached in front of the database<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435521[]' id='answer-id-1685274' class='answer   answerof-435521 ' value='1685274'   \/><label for='answer-id-1685274' id='answer-label-1685274' class=' answer'><span>Use Amazon ElastiCache for Redis in front of the database.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435521[]' id='answer-id-1685275' class='answer   answerof-435521 ' value='1685275'   \/><label for='answer-id-1685275' id='answer-label-1685275' class=' answer'><span>Use RDS Proxy in front of the database<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435521[]' id='answer-id-1685276' class='answer   answerof-435521 ' value='1685276'   \/><label for='answer-id-1685276' id='answer-label-1685276' class=' answer'><span>Migrate the database to Amazon Aurora MySQL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435521[]' id='answer-id-1685277' class='answer   answerof-435521 ' value='1685277'   \/><label for='answer-id-1685277' id='answer-label-1685277' class=' answer'><span>Create an Amazon Aurora Replica<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-435521[]' id='answer-id-1685278' class='answer   answerof-435521 ' value='1685278'   \/><label for='answer-id-1685278' id='answer-label-1685278' class=' answer'><span>Create an RDS for MySQL read replica<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-36' style=';'><div id='questionWrap-36'  class='   watupro-question-id-435522'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>36. <\/span>A company runs its application in the eu-west-1 Region and has one account for each of its environments development, testing, and production All the environments are running 24 hours a day 7 days a week by using stateful Amazon EC2 instances and Amazon RDS for MySQL databases. The databases are between 500 GB and 800 GB in size. The development team and testing team work on business days during business hours, but the production environment operates 24 hours a day. 7 days a week. The company wants to reduce costs AH resources are tagged with an environment tag with either development, testing, or production as the key. <br \/>\r<br>What should a solutions architect do to reduce costs with the LEAST operational effort?<\/div><input type='hidden' name='question_id[]' id='qID_36' value='435522' \/><input type='hidden' id='answerType435522' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435522[]' id='answer-id-1685279' class='answer   answerof-435522 ' value='1685279'   \/><label for='answer-id-1685279' id='answer-label-1685279' class=' answer'><span>Create an Amazon EventBridge (Amazon CloudWatch Events) rule that runs once every day Configure the rule to invoke one AWS Lambda function that starts or stops instances based on the tag day and time.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435522[]' id='answer-id-1685280' class='answer   answerof-435522 ' value='1685280'   \/><label for='answer-id-1685280' id='answer-label-1685280' class=' answer'><span>Create an Amazon EventBridge (Amazon CloudWatch Events) rule that runs every business day in the evening. Configure the rule to invoke an AWS Lambda function that stops instances based on the tag-Create a second EventBridge (CloudWatch Events) rule that runs every business day in the morning Configure the second rule to invoke another Lambda function that starts instances based on the tag<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435522[]' id='answer-id-1685281' class='answer   answerof-435522 ' value='1685281'   \/><label for='answer-id-1685281' id='answer-label-1685281' class=' answer'><span>Create an Amazon EventBridge (Amazon CloudWatch Events) rule that runs every business day in the evening Configure the rule to invoke an AWS Lambda function that terminates instances based on the tag Create a second EventBridge (CloudWatch Events) rule that runs every business day in the morning Configure the second rule to invoke another Lambda function that restores the instances from their last backup based on the tag.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435522[]' id='answer-id-1685282' class='answer   answerof-435522 ' value='1685282'   \/><label for='answer-id-1685282' id='answer-label-1685282' class=' answer'><span>Create an Amazon EventBridge rule that runs every hour. Configure the rule to invoke one AWS Lambda function that terminates or restores instances from their last backup based on the tag. day, and time.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-37' style=';'><div id='questionWrap-37'  class='   watupro-question-id-435523'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>37. <\/span>A company is planning to host a web application on AWS and works to load balance the traffic across a group of Amazon EC2 instances. One of the security requirements is to enable end-to-end encryption in transit between the client and the web server. <br \/>\r<br>Which solution will meet this requirement?<\/div><input type='hidden' name='question_id[]' id='qID_37' value='435523' \/><input type='hidden' id='answerType435523' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435523[]' id='answer-id-1685283' class='answer   answerof-435523 ' value='1685283'   \/><label for='answer-id-1685283' id='answer-label-1685283' class=' answer'><span>Place the EC2 instances behind an Application Load Balancer (ALB) Provision an SSL certificate using AWS Certificate Manager (ACM), and associate the SSL certificate with the AL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435523[]' id='answer-id-1685284' class='answer   answerof-435523 ' value='1685284'   \/><label for='answer-id-1685284' id='answer-label-1685284' class=' answer'><span>Export the SSL certificate and install it on each EC2 instance. Configure the ALB to listen on port443 and to forward traffic to port 443 on the instances.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435523[]' id='answer-id-1685285' class='answer   answerof-435523 ' value='1685285'   \/><label for='answer-id-1685285' id='answer-label-1685285' class=' answer'><span>Associate the EC2 instances with a target group. Provision an SSL certificate using AWS Certificate Manager (ACM). Create an Amazon CloudFront distribution and configure It to use the SSL certificate. Set CloudFront to use the target group as the origin server<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435523[]' id='answer-id-1685286' class='answer   answerof-435523 ' value='1685286'   \/><label for='answer-id-1685286' id='answer-label-1685286' class=' answer'><span>Place the EC2 instances behind an Application Load Balancer (ALB). Provision an SSL certificate using AWS Certificate Manager (ACM), and associate the SSL certificate with the AL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435523[]' id='answer-id-1685287' class='answer   answerof-435523 ' value='1685287'   \/><label for='answer-id-1685287' id='answer-label-1685287' class=' answer'><span>Provision a third-party SSL certificate and install it on each EC2 instance. Configure the ALB to listen on port 443 and to forward traffic to port 443 on the instances.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435523[]' id='answer-id-1685288' class='answer   answerof-435523 ' value='1685288'   \/><label for='answer-id-1685288' id='answer-label-1685288' class=' answer'><span>Place the EC2 instances behind a Network Load Balancer (NLB). Provision a third-party SSL certificate and install it on the NLB and on each EC2 instance. Configure the NLB to listen on port 443 and to forward traffic to port 443 on the instances.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-38' style=';'><div id='questionWrap-38'  class='   watupro-question-id-435524'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>38. <\/span>A company is running an application in the AWS Cloud. Recent application metrics show inconsistent response times and a significant increase in error rates. Calls to third-party services are causing the delays. Currently, the application calls third-party services synchronously by directly invoking an AWS Lambda function. <br \/>\r<br>A solutions architect needs to decouple the third-party service calls and ensure that all the calls are eventually completed. <br \/>\r<br>Which solution will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_38' value='435524' \/><input type='hidden' id='answerType435524' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435524[]' id='answer-id-1685289' class='answer   answerof-435524 ' value='1685289'   \/><label for='answer-id-1685289' id='answer-label-1685289' class=' answer'><span>Use an Amazon Simple Queue Service (Amazon SQS) queue to store events and invoke the Lambda function.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435524[]' id='answer-id-1685290' class='answer   answerof-435524 ' value='1685290'   \/><label for='answer-id-1685290' id='answer-label-1685290' class=' answer'><span>Use an AWS Step Functions state machine to pass events to the Lambda function.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435524[]' id='answer-id-1685291' class='answer   answerof-435524 ' value='1685291'   \/><label for='answer-id-1685291' id='answer-label-1685291' class=' answer'><span>Use an Amazon EventBridge rule to pass events to the Lambda function.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435524[]' id='answer-id-1685292' class='answer   answerof-435524 ' value='1685292'   \/><label for='answer-id-1685292' id='answer-label-1685292' class=' answer'><span>Use an Amazon Simple Notification Service (Amazon SNS) topic to store events and Invoke the Lambda function.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-39' style=';'><div id='questionWrap-39'  class='   watupro-question-id-435525'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>39. <\/span>A company is running a web application in the AWS Cloud. The application consists of dynamic content that is created on a set of Amazon EC2 instances. The <br \/>\r<br>EC2 instances run in an Auto Scaling group that is configured as a target group for an Application Load Balancer (ALB). <br \/>\r<br>The company is using an Amazon CloudFront distribution to distribute the application globally. The CloudFront distribution uses the ALB as an origin. The company uses Amazon Route 53 for DNS and has created an A record of www.example.com for the CloudFront distribution. <br \/>\r<br>A solutions architect must configure the application so that itis highly available and fault tolerant. <br \/>\r<br>Which solution meets these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_39' value='435525' \/><input type='hidden' id='answerType435525' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435525[]' id='answer-id-1685293' class='answer   answerof-435525 ' value='1685293'   \/><label for='answer-id-1685293' id='answer-label-1685293' class=' answer'><span>Provision a full, secondary application deployment in a different AWS Region. Update the Route 53 A record to be a failover record. Add both of the CloudFront distributions as values. Create Route 53 health checks.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435525[]' id='answer-id-1685294' class='answer   answerof-435525 ' value='1685294'   \/><label for='answer-id-1685294' id='answer-label-1685294' class=' answer'><span>Provision an ALB, an Auto Scaling group, and EC2 instances in a different AWS Region. Update the CloudFront distribution, and create a second origin for the new AL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435525[]' id='answer-id-1685295' class='answer   answerof-435525 ' value='1685295'   \/><label for='answer-id-1685295' id='answer-label-1685295' class=' answer'><span>Create an origin group for the two origins. Configure one origin as primary and one origin as secondary.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435525[]' id='answer-id-1685296' class='answer   answerof-435525 ' value='1685296'   \/><label for='answer-id-1685296' id='answer-label-1685296' class=' answer'><span>Provision an Auto Scaling group and EC2 instances in a different AWS Region. Create a second target for the new Auto Scaling group in the AL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435525[]' id='answer-id-1685297' class='answer   answerof-435525 ' value='1685297'   \/><label for='answer-id-1685297' id='answer-label-1685297' class=' answer'><span>Set up the failover routing algorithm on the AL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435525[]' id='answer-id-1685298' class='answer   answerof-435525 ' value='1685298'   \/><label for='answer-id-1685298' id='answer-label-1685298' class=' answer'><span>Provision a full, secondary application deployment in a different AWS Region. Create a second CloudFront distribution, and add the new application setup as an origin. Create an AWS Global Accelerator accelerator. Add both of the CloudFront distributions as endpoints.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-40' style=';'><div id='questionWrap-40'  class='   watupro-question-id-435526'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>40. <\/span>A startup company hosts a fleet of Amazon EC2 instances in private subnets using the latest Amazon Linux 2 AMI. The company's engineers rely heavily on SSH access to the instances for troubleshooting. <br \/>\r<br>The company's existing architecture includes the following: <br \/>\r<br>&#8226; A VPC with private and public subnets, and a NAT gateway <br \/>\r<br>&#8226; Site-to-Site VPN for connectivity with the on-premises environment <br \/>\r<br>&#8226; EC2 security groups with direct SSH access from the on-premises environment <br \/>\r<br>The company needs to increase security controls around SSH access and provide auditing of commands executed by the engineers. <br \/>\r<br>Which strategy should a solutions architect use?<\/div><input type='hidden' name='question_id[]' id='qID_40' value='435526' \/><input type='hidden' id='answerType435526' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435526[]' id='answer-id-1685299' class='answer   answerof-435526 ' value='1685299'   \/><label for='answer-id-1685299' id='answer-label-1685299' class=' answer'><span>Install and configure EC2 Instance Connect on the fleet of EC2 instances. Remove all security group rules attached to EC2 instances that allow inbound TCP on port 22. Advise the engineers to remotely access the instances by using the EC2 Instance Connect CL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435526[]' id='answer-id-1685300' class='answer   answerof-435526 ' value='1685300'   \/><label for='answer-id-1685300' id='answer-label-1685300' class=' answer'><span>Update the EC2 security groups to only allow inbound TCP on port 22 to the IP addresses of the engineer's devices. Install the Amazon CloudWatch agent on all EC2 instances and send operating system audit logs to CloudWatch Logs.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435526[]' id='answer-id-1685301' class='answer   answerof-435526 ' value='1685301'   \/><label for='answer-id-1685301' id='answer-label-1685301' class=' answer'><span>Update the EC2 security groups to only allow inbound TCP on port 22 to the IP addresses of the engineer's devices. Enable AWS Config for EC2 security group resource changes. Enable AWS Firewall Manager and apply a security group policy that automatically remediates changes to rules.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-435526[]' id='answer-id-1685302' class='answer   answerof-435526 ' value='1685302'   \/><label for='answer-id-1685302' id='answer-label-1685302' class=' answer'><span>Create an IAM role with the AmazonSSMManagedInstanceCore managed policy attached. Attach the IAM role to all the EC2 instances. Remove all security group rules attached to the EC2 instances that allow inbound TCP on port 22. Have the engineers install the AWS Systems Manager Session Manager plugin for their devices and remotely access the instances by using the start-session API call from Systems Manager.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div style='display:none' id='question-41'>\n\t<div class='question-content'>\n\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\" alt=\"Loading...\" title=\"Loading...\" \/>&nbsp;Loading...\t<\/div>\n<\/div>\n\n<br \/>\n\t\n\t\t\t<div class=\"watupro_buttons flex \" id=\"watuPROButtons11062\" >\n\t\t  <div id=\"prev-question\" style=\"display:none;\"><input type=\"button\" value=\"&lt; Previous\" onclick=\"WatuPRO.nextQuestion(event, 'previous');\"\/><\/div>\t\t  \t\t  \t\t   \n\t\t   \t  \t\t<div><input type=\"button\" name=\"action\" class=\"watupro-submit-button\" onclick=\"WatuPRO.submitResult(event)\" id=\"action-button\" value=\"View Results\"  \/>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\n\t<input type=\"hidden\" name=\"quiz_id\" value=\"11062\" id=\"watuPROExamID\"\/>\n\t<input type=\"hidden\" name=\"start_time\" id=\"startTime\" value=\"2026-05-05 22:57:34\" \/>\n\t<input type=\"hidden\" name=\"start_timestamp\" id=\"startTimeStamp\" value=\"1778021854\" \/>\n\t<input type=\"hidden\" name=\"question_ids\" value=\"\" \/>\n\t<input type=\"hidden\" name=\"watupro_questions\" value=\"435487:1685118,1685119,1685120,1685121,1685122,1685123 | 435488:1685124,1685125,1685126,1685127,1685128 | 435489:1685129,1685130,1685131,1685132 | 435490:1685133,1685134,1685135,1685136 | 435491:1685137,1685138,1685139,1685140,1685141 | 435492:1685142,1685143,1685144,1685145,1685146 | 435493:1685147,1685148,1685149,1685150 | 435494:1685151,1726115,1726116,1726117,1726118,1726119 | 435495:1685152,1685153,1685154,1685155,1685156,1685157 | 435496:1685158,1685159,1685160,1685161 | 435497:1685162,1685163,1685164,1685165 | 435498:1685166,1685167,1685168,1685169 | 435499:1685170,1685171,1685172,1685173,1685174 | 435500:1685175,1685176,1685177,1685178,1685179 | 435501:1685180,1685181,1685182,1685183,1685184 | 435502:1685185,1685186,1685187,1685188,1685189,1685190,1685191,1685192 | 435503:1685193,1685194,1685195,1685196,1685197,1685198 | 435504:1685199,1685200,1685201,1685202 | 435505:1685203,1685204,1685205,1685206,1685207,1685208 | 435506:1685209,1685210,1685211,1685212 | 435507:1685213,1685214,1685215,1685216 | 435508:1685217,1685218,1685219,1685220 | 435509:1685221,1685222,1685223,1685224 | 435510:1685225,1685226,1685227,1685228 | 435511:1685229,1685230,1685231,1685232 | 435512:1685233,1685234,1685235,1685236,1685237,1685238,1685239 | 435513:1685240,1685241,1685242,1685243 | 435514:1685244,1685245,1685246,1685247 | 435515:1685248,1685249,1685250,1685251 | 435516:1685252,1685253,1685254,1685255 | 435517:1685256,1685257,1685258,1685259 | 435518:1685260,1685261,1685262,1685263 | 435519:1685264,1685265,1685266,1685267,1685268 | 435520:1685269,1685270,1685271,1685272 | 435521:1685273,1685274,1685275,1685276,1685277,1685278 | 435522:1685279,1685280,1685281,1685282 | 435523:1685283,1685284,1685285,1685286,1685287,1685288 | 435524:1685289,1685290,1685291,1685292 | 435525:1685293,1685294,1685295,1685296,1685297,1685298 | 435526:1685299,1685300,1685301,1685302\" \/>\n\t<input type=\"hidden\" name=\"no_ajax\" value=\"0\">\t\t\t<\/form>\n\t<p>&nbsp;<\/p>\n<\/div>\n\n<script type=\"text\/javascript\">\n\/\/jQuery(document).ready(function(){\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \t\nvar question_ids = \"435487,435488,435489,435490,435491,435492,435493,435494,435495,435496,435497,435498,435499,435500,435501,435502,435503,435504,435505,435506,435507,435508,435509,435510,435511,435512,435513,435514,435515,435516,435517,435518,435519,435520,435521,435522,435523,435524,435525,435526\";\nWatuPROSettings[11062] = {};\nWatuPRO.qArr = question_ids.split(',');\nWatuPRO.exam_id = 11062;\t    \nWatuPRO.post_id = 116204;\nWatuPRO.store_progress = 0;\nWatuPRO.curCatPage = 1;\nWatuPRO.requiredIDs=\"0\".split(\",\");\nWatuPRO.hAppID = \"0.07418600 1778021854\";\nvar url = \"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/show_exam.php\";\nWatuPRO.examMode = 1;\nWatuPRO.siteURL=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-admin\/admin-ajax.php\";\nWatuPRO.emailIsNotRequired = 0;\nWatuPROIntel.init(11062);\nWatuPRO.inCategoryPages=1;});    \t \n<\/script>\n","protected":false},"excerpt":{"rendered":"<p>It is a great way to pass the AWS Certified Solutions Architect &#8211; Professional (SAP-C02) exam, helping you show your skills and open doors to better career opportunities. DumpsBase provides updated SAP-C02 dumps (V12.02) that help you focus on the most important areas, making preparation more effective and stress-free. With the right exam questions and [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[175,15637],"tags":[20618,20619],"class_list":["post-116204","post","type-post","status-publish","format-standard","hentry","category-amazon","category-aws-certification","tag-aws-certified-solutions-architect-professional-sap-c02-exam","tag-sap-c02-dump-questions"],"_links":{"self":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/116204","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/comments?post=116204"}],"version-history":[{"count":1,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/116204\/revisions"}],"predecessor-version":[{"id":116205,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/116204\/revisions\/116205"}],"wp:attachment":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/media?parent=116204"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/categories?post=116204"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/tags?post=116204"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}