{"id":117331,"date":"2026-01-08T09:08:11","date_gmt":"2026-01-08T09:08:11","guid":{"rendered":"https:\/\/www.dumpsbase.com\/freedumps\/?p=117331"},"modified":"2026-01-12T08:05:04","modified_gmt":"2026-01-12T08:05:04","slug":"latest-aws-sap-c02-dumps-v13-02-sap-c02-free-dumps-part-1-q1-q40-pass-confidently-jan-2026","status":"publish","type":"post","link":"https:\/\/www.dumpsbase.com\/freedumps\/latest-aws-sap-c02-dumps-v13-02-sap-c02-free-dumps-part-1-q1-q40-pass-confidently-jan-2026.html","title":{"rendered":"Latest AWS SAP-C02 Dumps (V13.02) + SAP-C02 Free Dumps (Part 1, Q1-Q40) \u2013 Pass Confidently (Jan 2026)"},"content":{"rendered":"<p>DumpsBase offers the latest AWS SAP-C02 dumps (V13.02) to ensure you pass the AWS Certified Solutions Architect &#8211; Professional exam confidently. These updated dumps have been completely revamped to help you achieve top results in the AWS Certified Solutions Architect &#8211; Professional certification. All 585 practice exam questions and answers are aligned with the latest exam objectives and topic distribution, which are designed to help you identify weak areas, improve problem-solving speed, and build confidence through realistic scenarios. Trust DumpsBase. With the right preparation strategy and access to quality SAP-C02 dumps (V13.02), passing the exam and advancing your career in cloud architecture becomes an achievable goal.<\/p>\n<h2>Today, we have <span style=\"background-color: #ccffff;\"><em>SAP-C02 free dumps (Part 1, Q1-Q40) of V13.02 below<\/em><\/span> for reading:<\/h2>\n<script>\n\t  window.fbAsyncInit = function() {\n\t    FB.init({\n\t      appId            : '622169541470367',\n\t      autoLogAppEvents : true,\n\t      xfbml            : true,\n\t      version          : 'v3.1'\n\t    });\n\t  };\n\t\n\t  (function(d, s, id){\n\t     var js, fjs = d.getElementsByTagName(s)[0];\n\t     if (d.getElementById(id)) {return;}\n\t     js = d.createElement(s); js.id = id;\n\t     js.src = \"https:\/\/connect.facebook.net\/en_US\/sdk.js\";\n\t     fjs.parentNode.insertBefore(js, fjs);\n\t   }(document, 'script', 'facebook-jssdk'));\n\t<\/script><script type=\"text\/javascript\" >\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \nif(!window.jQuery) alert(\"The important jQuery library is not properly loaded in your site. Your WordPress theme is probably missing the essential wp_head() call. You can switch to another theme and you will see that the plugin works fine and this notice disappears. If you are still not sure what to do you can contact us for help.\");\n});\n<\/script>  \n  \n<div  id=\"watupro_quiz\" class=\"quiz-area single-page-quiz\">\n<p id=\"submittingExam11412\" style=\"display:none;text-align:center;\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\"><\/p>\n\n<div class=\"watupro-exam-description\" id=\"description-quiz-11412\"><\/div>\n\n<form action=\"\" method=\"post\" class=\"quiz-form\" id=\"quiz-11412\"  enctype=\"multipart\/form-data\" >\n<div class='watu-question ' id='question-1' style=';'><div id='questionWrap-1'  class='   watupro-question-id-448392'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>1. <\/span>A delivery company needs to migrate its third-party route planning application to AWS. The third party supplies a supported Docker image from a public registry. The image can run in as many containers as required to generate the route map. <br \/>\r<br>The company has divided the delivery area into sections with supply hubs so that delivery drivers travel the shortest distance possible from the hubs to the customers. To reduce the time necessary to generate route maps, each section uses its own set of Docker containers with a custom configuration that processes orders only in the section's area. <br \/>\r<br>The company needs the ability to allocate resources cost-effectively based on the number of running containers. <br \/>\r<br>Which solution will meet these requirements with the LEAST operational overhead?<\/div><input type='hidden' name='question_id[]' id='qID_1' value='448392' \/><input type='hidden' id='answerType448392' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448392[]' id='answer-id-1734857' class='answer   answerof-448392 ' value='1734857'   \/><label for='answer-id-1734857' id='answer-label-1734857' class=' answer'><span>Create an Amazon Elastic Kubernetes Service (Amazon EKS) cluster on Amazon EC2. Use the Amazon EKS CLI to launch the planning application in pods by using the -tags option to assign a custom tag to the pod.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448392[]' id='answer-id-1734858' class='answer   answerof-448392 ' value='1734858'   \/><label for='answer-id-1734858' id='answer-label-1734858' class=' answer'><span>Create an Amazon Elastic Kubernetes Service (Amazon EKS) cluster on AWS Fargate. Use the Amazon EKS CLI to launch the planning application. Use the AWS CLI tag-resource API call to assign a custom tag to the pod.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448392[]' id='answer-id-1734859' class='answer   answerof-448392 ' value='1734859'   \/><label for='answer-id-1734859' id='answer-label-1734859' class=' answer'><span>Create an Amazon Elastic Container Service (Amazon ECS) cluster on Amazon EC2. Use the AWS CLI with run-tasks set to true to launch the planning application by using the -tags option to assign a custom tag to the task.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448392[]' id='answer-id-1734860' class='answer   answerof-448392 ' value='1734860'   \/><label for='answer-id-1734860' id='answer-label-1734860' class=' answer'><span>Create an Amazon Elastic Container Service (Amazon ECS) cluster on AWS Fargate. Use the AWS CLI run-task command and set enableECSManagedTags to true to launch the planning application. Use the --tags option to assign a custom tag to the task.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-2' style=';'><div id='questionWrap-2'  class='   watupro-question-id-448393'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>2. <\/span>An enterprise company wants to allow its developers to purchase third-party software through AWS <br \/>\r<br>Marketplace. The company uses an AWS Organizations account structure with full features enabled, and has a shared services account in each organizational unit (OU) that will be used by procurement managers. The procurement team's policy indicates that developers should be able to obtain third-party software from an approved list only and use Private Marketplace in AWS Marketplace to achieve this requirement . The procurement team wants administration of Private Marketplace to be restricted to a role named procurement-manager-role, which could be assumed by procurement managers Other IAM users groups, roles, and account administrators in the company should be denied Private Marketplace administrative access <br \/>\r<br>What is the MOST efficient way to design an architecture to meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_2' value='448393' \/><input type='hidden' id='answerType448393' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448393[]' id='answer-id-1734861' class='answer   answerof-448393 ' value='1734861'   \/><label for='answer-id-1734861' id='answer-label-1734861' class=' answer'><span>Create an IAM role named procurement-manager-role in all AWS accounts in the organization Add the PowerUserAccess managed policy to the role Apply an inline policy to all IAM users and roles in every AWS account to deny permissions on the AWSPrivateMarketplaceAdminFullAccess managed policy.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448393[]' id='answer-id-1734862' class='answer   answerof-448393 ' value='1734862'   \/><label for='answer-id-1734862' id='answer-label-1734862' class=' answer'><span>Create an IAM role named procurement-manager-role in all AWS accounts in the organization Add the AdministratorAccess managed policy to the role Define a permissions boundary with the AWSPrivateMarketplaceAdminFullAccess managed policy and attach it to all the developer roles.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448393[]' id='answer-id-1734863' class='answer   answerof-448393 ' value='1734863'   \/><label for='answer-id-1734863' id='answer-label-1734863' class=' answer'><span>Create an IAM role named procurement-manager-role in all the shared services accounts in the organization Add the AWSPrivateMarketplaceAdminFullAccess managed policy to the role Create an organization root-level SCP to deny permissions to administer Private Marketplace to everyone except the role named procurement-manager-role Create another organization root-level SCP to deny permissions to create an IAM role named procurement-manager-role to everyone in the organization.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448393[]' id='answer-id-1734864' class='answer   answerof-448393 ' value='1734864'   \/><label for='answer-id-1734864' id='answer-label-1734864' class=' answer'><span>Create an IAM role named procurement-manager-role in all AWS accounts that will be used by developers. Add the AWSPrivateMarketplaceAdminFullAccess managed policy to the role. Create an SCP inOrganizations to deny permissions to administer Private Marketplace to everyone except the role named procurement-manager-role. Apply the SCP to all the shared services accounts in the organization.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-3' style=';'><div id='questionWrap-3'  class='   watupro-question-id-448394'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>3. <\/span>A company has an organization that has many AWS accounts in AWS Organizations. A solutions architect must improve how the company manages common security group rules for the AWS accounts in the organization. <br \/>\r<br>The company has a common set of IP CIDR ranges in an allow list in each AWS account to allow access to and from the company's on-premises network. <br \/>\r<br>Developers within each account are responsible for adding new IP CIDR ranges to their security groups. The security team has its own AWS account. Currently, the security team notifies the owners of the other AWS accounts when changes are made to the allow list. <br \/>\r<br>The solutions architect must design a solution that distributes the common set of CIDR ranges across all accounts. <br \/>\r<br>Which solution meets these requirements with the LEAST amount of operational overhead?<\/div><input type='hidden' name='question_id[]' id='qID_3' value='448394' \/><input type='hidden' id='answerType448394' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448394[]' id='answer-id-1734865' class='answer   answerof-448394 ' value='1734865'   \/><label for='answer-id-1734865' id='answer-label-1734865' class=' answer'><span>Set up an Amazon Simple Notification Service (Amazon SNS) topic in the security team's AWS account. Deploy an AWS Lambda function in each AWS account. Configure the Lambda function to run every time an SNS topic receives a message. Configure the Lambda function to take an IP address as input and add it to a list of security groups in the account. Instruct the security team to distribute changes by publishing messages to its SNS topic.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448394[]' id='answer-id-1734866' class='answer   answerof-448394 ' value='1734866'   \/><label for='answer-id-1734866' id='answer-label-1734866' class=' answer'><span>Create new customer-managed prefix lists in each AWS account within the organization. Populate \r\nthe prefix lists in each account with all internal CIDR ranges. Notify the owner of each AWS account to allow the new customer-managed prefix list IDs in their accounts in their security groups. Instruct the security team to share updates with each AWS account owner.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448394[]' id='answer-id-1734867' class='answer   answerof-448394 ' value='1734867'   \/><label for='answer-id-1734867' id='answer-label-1734867' class=' answer'><span>Create a new customer-managed prefix list in the security team's AWS account. Populate the customer-managed prefix list with all internal CIDR ranges. Share the customer-managed prefix list with the organization by using AWS Resource Access Manager. Notify the owner of each AWS account to allow the new customer-managed prefix list ID in their security groups.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448394[]' id='answer-id-1734868' class='answer   answerof-448394 ' value='1734868'   \/><label for='answer-id-1734868' id='answer-label-1734868' class=' answer'><span>Create an IAM role in each account in the organization. Grant permissions to update security groups. Deploy an AWS Lambda function in the security team's AWS account. Configure the Lambda function to take a list of internal IP addresses as input, assume a role in each organization account, and add the list of IP addresses to the security groups in each account.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-4' style=';'><div id='questionWrap-4'  class='   watupro-question-id-448395'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>4. <\/span>A company has a serverless application comprised of Amazon CloudFront, Amazon API Gateway, and AWS Lambda functions. The current deployment process of the application code is to create a new version number of the Lambda function and run an AWS CLI script to update. If the new function version has errors, another CLI script reverts by deploying the previous working version of the function. The company would like to decrease the time to deploy new versions of the application logic provided by the Lambda functions, and also reduce the time to detect and revert when errors are identified. <br \/>\r<br>How can this be accomplished?<\/div><input type='hidden' name='question_id[]' id='qID_4' value='448395' \/><input type='hidden' id='answerType448395' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448395[]' id='answer-id-1734869' class='answer   answerof-448395 ' value='1734869'   \/><label for='answer-id-1734869' id='answer-label-1734869' class=' answer'><span>Create and deploy nested AWS CloudFormation stacks with the parent stack consisting of the AWS CloudFront distribution and API Gateway, and the child stack containing the Lambda function. For changes to Lambda, create an AWS CloudFormation change set and deploy; if errors are triggered, revert the AWS CloudFormation change set to the previous version.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448395[]' id='answer-id-1734870' class='answer   answerof-448395 ' value='1734870'   \/><label for='answer-id-1734870' id='answer-label-1734870' class=' answer'><span>Use AWS SAM and built-in AWS CodeDeploy to deploy the new Lambda version, gradually shift traffic to the new version, and use pre-traffic and post-traffic test functions to verify code. Rollback if Amazon CloudWatch alarms are triggered.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448395[]' id='answer-id-1734871' class='answer   answerof-448395 ' value='1734871'   \/><label for='answer-id-1734871' id='answer-label-1734871' class=' answer'><span>Refactor the AWS CLI scripts into a single script that deploys the new Lambda version. When deployment is completed, the script tests execute. If errors are detected, revert to the previous Lambda version.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448395[]' id='answer-id-1734872' class='answer   answerof-448395 ' value='1734872'   \/><label for='answer-id-1734872' id='answer-label-1734872' class=' answer'><span>Create and deploy an AWS CloudFormation stack that consists of a new API Gateway endpoint that references the new Lambda version. Change the CloudFront origin to the new API Gateway endpoint, monitor errors and if detected, change the AWS CloudFront origin to the previous API Gateway endpoint.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-5' style=';'><div id='questionWrap-5'  class='   watupro-question-id-448396'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>5. <\/span>A solutions architect is designing the data storage and retrieval architecture for a new application that a company will be launching soon. The application is designed to ingest millions of small records per minute from devices all around the world. Each record is less than 4 KB in size and needs to be <br \/>\r<br>stored in a durable location where it can be retrieved with low latency. The data is ephemeral and the company is required to store the data for 120 days only, after which the data can be deleted. The solutions architect calculates that, during the course of a year, the storage requirements would be about 10-15 TB. <br \/>\r<br>Which storage strategy is the MOST cost-effective and meets the design requirements?<\/div><input type='hidden' name='question_id[]' id='qID_5' value='448396' \/><input type='hidden' id='answerType448396' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448396[]' id='answer-id-1734873' class='answer   answerof-448396 ' value='1734873'   \/><label for='answer-id-1734873' id='answer-label-1734873' class=' answer'><span>Design the application to store each incoming record as a single .csv file in an Amazon S3 bucket to allow for indexed retrieval. Configure a lifecycle policy to delete data older than 120 days.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448396[]' id='answer-id-1734874' class='answer   answerof-448396 ' value='1734874'   \/><label for='answer-id-1734874' id='answer-label-1734874' class=' answer'><span>Design the application to store each incoming record in an Amazon DynamoDB table properly configured for the scale. Configure the DynamoOB Time to Live (TTL) feature to delete records older than 120 days.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448396[]' id='answer-id-1734875' class='answer   answerof-448396 ' value='1734875'   \/><label for='answer-id-1734875' id='answer-label-1734875' class=' answer'><span>Design the application to store each incoming record in a single table in an Amazon RDS MySQL database. Run a nightly cron job that executes a query to delete any records older than 120 days.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448396[]' id='answer-id-1734876' class='answer   answerof-448396 ' value='1734876'   \/><label for='answer-id-1734876' id='answer-label-1734876' class=' answer'><span>Design the application to batch incoming records before writing them to an Amazon S3 bucket. \r\nUpdate the metadata for the object to contain the list of records in the batch and use the Amazon S3 metadata search feature to retrieve the data. Configure a lifecycle policy to delete the data after 120 days.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-6' style=';'><div id='questionWrap-6'  class='   watupro-question-id-448397'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>6. <\/span>A company is running several workloads in a single AWS account. A new company policy states that engineers can provision only approved resources and that engineers must use AWS CloudFormation to provision these resources. A solutions architect needs to create a solution to enforce the new restriction on the IAM role that the engineers use for access. <br \/>\r<br>What should the solutions architect do to create the solution?<\/div><input type='hidden' name='question_id[]' id='qID_6' value='448397' \/><input type='hidden' id='answerType448397' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448397[]' id='answer-id-1734877' class='answer   answerof-448397 ' value='1734877'   \/><label for='answer-id-1734877' id='answer-label-1734877' class=' answer'><span>Upload AWS CloudFormation templates that contain approved resources to an Amazon S3 bucket. Update the IAM policy for the engineers' IAM role to only allow access to Amazon S3 and AWS CloudFormation. Use AWS CloudFormation templates to provision resources.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448397[]' id='answer-id-1734878' class='answer   answerof-448397 ' value='1734878'   \/><label for='answer-id-1734878' id='answer-label-1734878' class=' answer'><span>Update the IAM policy for the engineers' IAM role with permissions to only allow provisioning of approved resources and AWS CloudFormation. Use AWS CloudFormation templates to create stacks with approved resources.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448397[]' id='answer-id-1734879' class='answer   answerof-448397 ' value='1734879'   \/><label for='answer-id-1734879' id='answer-label-1734879' class=' answer'><span>Update the IAM policy for the engineers' IAM role with permissions to only allow AWS CloudFormation actions. Create a new IAM policy with permission to provision approved resources, and assign the policy to a new IAM service role. Assign the IAM service role to AWS CloudFormation during stack creation.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448397[]' id='answer-id-1734880' class='answer   answerof-448397 ' value='1734880'   \/><label for='answer-id-1734880' id='answer-label-1734880' class=' answer'><span>Provision resources in AWS CloudFormation stacks. Update the IAM policy for the engineers' IAM role to only allow access to their own AWS CloudFormation stack.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-7' style=';'><div id='questionWrap-7'  class='   watupro-question-id-448398'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>7. <\/span>A company uses an on-premises data analytics platform. The system is highly available in a fully redundant configuration across 12 servers in the company's data center.<br \/>\r\n<br \/>\r\nThe system runs scheduled jobs, both hourly and daily, in addition to one-time requests from users.Scheduled jobs can take between 20 minutes and 2 hours to finish running and have tight SLAs. The scheduled jobs account for 65% of the system usage. User jobs typically finish running in less than 5 minutes and have no SL<br \/>\r\nA. The user jobs account for 35% of system usage. During system failures, scheduled jobs must continue to meet SLAs. However, user jobs can be delayed.<br \/>\r\n<br \/>\r\nA solutions architect needs to move the system to Amazon EC2 instances and adopt a consumption-based model to reduce costs with no long-term commitments. The solution must maintain high availability and must not affect the SLAs.<br \/>\r\n<br \/>\r\nWhich solution will meet these requirements MOST cost-effectively?<\/div><input type='hidden' name='question_id[]' id='qID_7' value='448398' \/><input type='hidden' id='answerType448398' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448398[]' id='answer-id-1734881' class='answer   answerof-448398 ' value='1734881'   \/><label for='answer-id-1734881' id='answer-label-1734881' class=' answer'><span>Split the 12 instances across two Availability Zones in the chosen AWS Region. Run two instances in each Availability Zone as On-Demand Instances with Capacity Reservations. Run four instances in each Availability Zone as Spot Instances.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448398[]' id='answer-id-1738144' class='answer   answerof-448398 ' value='1738144'   \/><label for='answer-id-1738144' id='answer-label-1738144' class=' answer'><span>Split the 12 instances across three Availability Zones in the chosen AWS Region. In one of the Availability Zones, run all four instances as On-Demand Instances with Capacity Reservations. Run the remaining instances as Spot Instances.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448398[]' id='answer-id-1738145' class='answer   answerof-448398 ' value='1738145'   \/><label for='answer-id-1738145' id='answer-label-1738145' class=' answer'><span>Split the 12 instances across three Availability Zones in the chosen AWS Region. Run two instances in each Availability Zone as On-Demand Instances with a Savings Plan. Run two instances in each\r\n\r\nAvailability Zone as Spot Instances.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448398[]' id='answer-id-1738146' class='answer   answerof-448398 ' value='1738146'   \/><label for='answer-id-1738146' id='answer-label-1738146' class=' answer'><span>Split the 12 instances across three Availability Zones in the chosen AWS Region. Run three instances in each Availability Zone as On-Demand Instances with Capacity Reservations. Run one instance in each Availability Zone as a Spot Instance.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-8' style=';'><div id='questionWrap-8'  class='   watupro-question-id-448399'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>8. <\/span>A company has an organization in AWS Organizations that has a large number of AWS accounts. One of the AWS accounts is designated as a transit account and has a transit gateway that is shared with all of the other AWS accounts AWS Site-to-Site VPN connections are configured between ail of the company's global offices and the transit account The company has AWS Config enabled on all of its accounts. <br \/>\r<br>The company's networking team needs to centrally manage a list of internal IP address ranges thatbelong to the global offices Developers Will reference this list to gain access to applications securely. <br \/>\r<br>Which solution meets these requirements with the LEAST amount of operational overhead?<\/div><input type='hidden' name='question_id[]' id='qID_8' value='448399' \/><input type='hidden' id='answerType448399' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448399[]' id='answer-id-1734882' class='answer   answerof-448399 ' value='1734882'   \/><label for='answer-id-1734882' id='answer-label-1734882' class=' answer'><span>Create a JSON file that is hosted in Amazon S3 and that lists all of the internal IP address ranges Configure an Amazon Simple Notification Service (Amazon SNS) topic in each of the accounts that can be involved when the JSON file is updated. Subscribe an AWS Lambda function to the SNS topic to update all relevant security group rules with Vie updated IP address ranges.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448399[]' id='answer-id-1734883' class='answer   answerof-448399 ' value='1734883'   \/><label for='answer-id-1734883' id='answer-label-1734883' class=' answer'><span>Create a new AWS Config managed rule that contains all of the internal IP address ranges Use the rule to check the security groups in each of the accounts to ensure compliance with the list of IP address ranges. Configure the rule to automatically remediate any noncompliant security group that is detected.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448399[]' id='answer-id-1734884' class='answer   answerof-448399 ' value='1734884'   \/><label for='answer-id-1734884' id='answer-label-1734884' class=' answer'><span>In the transit account, create a VPC prefix list with all of the internal IP address ranges. Use AWS Resource Access Manager to share the prefix list with all of the other accounts. Use the shared prefix list to configure security group rules is the other accounts.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448399[]' id='answer-id-1734885' class='answer   answerof-448399 ' value='1734885'   \/><label for='answer-id-1734885' id='answer-label-1734885' class=' answer'><span>In the transit account create a security group with all of the internal IP address ranges. Configure the security groups in me other accounts to reference the transit account's securitygroup by using a nested security group reference of *&lt;transit-account-id&gt;.\/sg-1a2b3c4d&quot;.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-9' style=';'><div id='questionWrap-9'  class='   watupro-question-id-448400'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>9. <\/span>A company that has multiple AWS accounts is using AWS Organizations. The company\u2019s AWS accounts host VPCs, Amazon EC2 instances, and containers. <br \/>\r<br>The company\u2019s compliance team has deployed a security tool in each VPC where the company has deployments. The security tools run on EC2 instances and send information to the AWS account that is dedicated for the compliance team. The company has tagged all the compliance-related resources with a key of \u201ccostCenter\u201d and a value or \u201ccompliance\u201d. <br \/>\r<br>The company wants to identify the cost of the security tools that are running on the EC2 instances so that the company can charge the compliance team\u2019s AWS account. The cost calculation must be as accurate as possible. <br \/>\r<br>What should a solutions architect do to meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_9' value='448400' \/><input type='hidden' id='answerType448400' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448400[]' id='answer-id-1734886' class='answer   answerof-448400 ' value='1734886'   \/><label for='answer-id-1734886' id='answer-label-1734886' class=' answer'><span>In the management account of the organization, activate the costCenter user-defined tag. Configure monthly AWS Cost and Usage Reports to save to an Amazon S3 bucket in the management account. Use the tag breakdown in the report to obtain the total cost for the costCenter tagged resources.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448400[]' id='answer-id-1734887' class='answer   answerof-448400 ' value='1734887'   \/><label for='answer-id-1734887' id='answer-label-1734887' class=' answer'><span>In the member accounts of the organization, activate the costCenter user-defined tag. Configure monthly AWS Cost and Usage Reports to save to an Amazon S3 bucket in the management account. Schedule a monthly AWS Lambda function to retrieve the reports and calculate the total cost for the costCenter tagged resources.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448400[]' id='answer-id-1734888' class='answer   answerof-448400 ' value='1734888'   \/><label for='answer-id-1734888' id='answer-label-1734888' class=' answer'><span>In the member accounts of the organization activate the costCenter user-defined tag. From the management account, schedule a monthly AWS Cost and Usage Report. Use the tag breakdown in the report to calculate the total cost for the costCenter tagged resources.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448400[]' id='answer-id-1734889' class='answer   answerof-448400 ' value='1734889'   \/><label for='answer-id-1734889' id='answer-label-1734889' class=' answer'><span>Create a custom report in the organization view in AWS Trusted Advisor. Configure the report to generate a monthly billing summary for the costCenter tagged resources in the compliance team\u2019s AWS account.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-10' style=';'><div id='questionWrap-10'  class='   watupro-question-id-448401'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>10. <\/span>A company manages multiple AWS accounts by using AWS Organizations. Under the root OU. the company has two OUs: Research and DataOps. <br \/>\r<br>Because of regulatory requirements, all resources that the company deploys in the organizationmust reside in the ap-northeast-1 Region. Additionally. EC2 instances that the company deploys in the DataOps OU must use a predefined list of instance types <br \/>\r<br>A solutions architect must implement a solution that applies these restrictions. The solution must maximize operational efficiency and must minimize ongoing maintenance Which combination of steps will meet these requirements? (Select TWO )<\/div><input type='hidden' name='question_id[]' id='qID_10' value='448401' \/><input type='hidden' id='answerType448401' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448401[]' id='answer-id-1734890' class='answer   answerof-448401 ' value='1734890'   \/><label for='answer-id-1734890' id='answer-label-1734890' class=' answer'><span>Create an IAM role in one account under the DataOps OU Use the ec2 Instance Type condition key in an inline policy on the role to restrict access to specific instance types.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448401[]' id='answer-id-1734891' class='answer   answerof-448401 ' value='1734891'   \/><label for='answer-id-1734891' id='answer-label-1734891' class=' answer'><span>Create an IAM user in all accounts under the root OU Use the aws RequestedRegion condition key in an inline policy on each user to restrict access to all AWS Regions except ap-northeast-1.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448401[]' id='answer-id-1734892' class='answer   answerof-448401 ' value='1734892'   \/><label for='answer-id-1734892' id='answer-label-1734892' class=' answer'><span>Create an SCP Use the aws:RequestedRegion condition key to restrict access to all AWS Regions except ap-northeast-1 Apply the SCP to the root O<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448401[]' id='answer-id-1734893' class='answer   answerof-448401 ' value='1734893'   \/><label for='answer-id-1734893' id='answer-label-1734893' class=' answer'><span>Create an SCP Use the ec2Reo&raquo;on condition key to restrict access to all AWS Regions except ap-northeast-1. Apply the SCP to the root O<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448401[]' id='answer-id-1734894' class='answer   answerof-448401 ' value='1734894'   \/><label for='answer-id-1734894' id='answer-label-1734894' class=' answer'><span>the DataOps O<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448401[]' id='answer-id-1734895' class='answer   answerof-448401 ' value='1734895'   \/><label for='answer-id-1734895' id='answer-label-1734895' class=' answer'><span>and the Research O<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448401[]' id='answer-id-1734896' class='answer   answerof-448401 ' value='1734896'   \/><label for='answer-id-1734896' id='answer-label-1734896' class=' answer'><span>Create an SCP Use the ec2:lnstanceType condition key to restrict access to specific instance types Apply the SCP to the DataOps O<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-11' style=';'><div id='questionWrap-11'  class='   watupro-question-id-448402'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>11. <\/span>A company with global offices has a single 1 Gbps AWS Direct Connect connection to a single AWS Region. The company's on-premises network uses the connection to communicate with the company's resources in the AWS Cloud. The connection has a single private virtual interface that connects to a single VPC. <br \/>\r<br>A solutions architect must implement a solution that adds a redundant Direct Connect connection in the same Region. The solution also must provide connectivity to other Regions through the same pair of Direct Connect connections as the company expands into other Regions. <br \/>\r<br>Which solution meets these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_11' value='448402' \/><input type='hidden' id='answerType448402' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448402[]' id='answer-id-1734897' class='answer   answerof-448402 ' value='1734897'   \/><label for='answer-id-1734897' id='answer-label-1734897' class=' answer'><span>Provision a Direct Connect gateway. Delete the existing private virtual interface from the existing connection. Create the second Direct Connect connection. Create a new private virtual interlace on each connection, and connect both private victual interfaces to the Direct Connect gateway. Connect the Direct Connect gateway to the single VP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448402[]' id='answer-id-1734898' class='answer   answerof-448402 ' value='1734898'   \/><label for='answer-id-1734898' id='answer-label-1734898' class=' answer'><span>Keep the existing private virtual interface. Create the second Direct Connect connection. Create a new private virtual interface on the new connection, and connect the new private virtual interface to the single VP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448402[]' id='answer-id-1734899' class='answer   answerof-448402 ' value='1734899'   \/><label for='answer-id-1734899' id='answer-label-1734899' class=' answer'><span>Keep the existing private virtual interface. Create the second Direct Connect connection. Create a new public virtual interface on the new connection, and connect the new public virtual interface to the single VP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448402[]' id='answer-id-1734900' class='answer   answerof-448402 ' value='1734900'   \/><label for='answer-id-1734900' id='answer-label-1734900' class=' answer'><span>Provision a transit gateway. Delete the existing private virtual interface from the existing connection. Create the second Direct Connect connection. Create a new private virtual interface on each connection, and connect both private virtual interfaces to the transit gateway. Associate the transit gateway with the single VP<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-12' style=';'><div id='questionWrap-12'  class='   watupro-question-id-448403'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>12. <\/span>A company is planning to migrate 1,000 on-premises servers to AWS. The servers run on several VMware clusters in the company\u2019s data center. As part of the migration plan, the company wants to gather server metrics such as CPU details, RAM usage, operating system information, and running processes. The company then wants to query and analyze the data. <br \/>\r<br>Which solution will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_12' value='448403' \/><input type='hidden' id='answerType448403' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448403[]' id='answer-id-1734901' class='answer   answerof-448403 ' value='1734901'   \/><label for='answer-id-1734901' id='answer-label-1734901' class=' answer'><span>Deploy and configure the AWS Agentless Discovery Connector virtual appliance on the on-premises hosts. Configure Data Exploration in AWS Migration Hub. Use AWS Glue to perform an ETL job against the data. Query the data by using Amazon S3 Select.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448403[]' id='answer-id-1734902' class='answer   answerof-448403 ' value='1734902'   \/><label for='answer-id-1734902' id='answer-label-1734902' class=' answer'><span>Export only the VM performance information from the on-premises hosts. Directly import the required data into AWS Migration Hub. Update any missing information in Migration Hub. Query the data by using Amazon QuickSight.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448403[]' id='answer-id-1734903' class='answer   answerof-448403 ' value='1734903'   \/><label for='answer-id-1734903' id='answer-label-1734903' class=' answer'><span>Create a script to automatically gather the server information from the on-premises hosts. Use the AWS CLI to run the put-resource-attributes command to store the detailed server data in AWS Migration Hub. Query the data directly in the Migration Hub console.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448403[]' id='answer-id-1734904' class='answer   answerof-448403 ' value='1734904'   \/><label for='answer-id-1734904' id='answer-label-1734904' class=' answer'><span>Deploy the AWS Application Discovery Agent to each on-premises server. Configure Data Exploration in AWS Migration Hub. Use Amazon Athena to run predefined queries against the data in Amazon S3.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-13' style=';'><div id='questionWrap-13'  class='   watupro-question-id-448404'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>13. <\/span>A company has an on-premises monitoring solution using a PostgreSQL database for persistence of events. The database is unable to scale due to heavy ingestion and it frequently runs out of storage. The company wants to create a hybrid solution and has already set up a VPN connection between its network and AWS. The solution should include the following attributes: <br \/>\r<br>&#8226; Managed AWS services to minimize operational complexity <br \/>\r<br>&#8226; A buffer that automatically scales to match the throughput of data and requires no on-going administration. <br \/>\r<br>&#8226; A visualization toot to create dashboards to observe events in near-real time. <br \/>\r<br>&#8226; Support for semi -structured JSON data and dynamic schemas. <br \/>\r<br>Which combination of components will enabled&copy; company to create a monitoring solution that will satisfy these requirements'' (Select TWO.)<\/div><input type='hidden' name='question_id[]' id='qID_13' value='448404' \/><input type='hidden' id='answerType448404' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448404[]' id='answer-id-1734905' class='answer   answerof-448404 ' value='1734905'   \/><label for='answer-id-1734905' id='answer-label-1734905' class=' answer'><span>Use Amazon Kinesis Data Firehose to buffer events Create an AWS Lambda function 10 process and transform events<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448404[]' id='answer-id-1734906' class='answer   answerof-448404 ' value='1734906'   \/><label for='answer-id-1734906' id='answer-label-1734906' class=' answer'><span>Create an Amazon Kinesis data stream to buffer events Create an AWS Lambda function to process and transform evens<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448404[]' id='answer-id-1734907' class='answer   answerof-448404 ' value='1734907'   \/><label for='answer-id-1734907' id='answer-label-1734907' class=' answer'><span>Configure an Amazon Aurora PostgreSQL DB cluster to receive events Use Amazon Quick Sight to read from the database and create near-real-time visualizations and dashboards<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448404[]' id='answer-id-1734908' class='answer   answerof-448404 ' value='1734908'   \/><label for='answer-id-1734908' id='answer-label-1734908' class=' answer'><span>Configure Amazon Elasticsearch Service (Amazon ES) to receive events Use the Kibana endpoint deployed with Amazon ES to create near-real-time visualizations and dashboards.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448404[]' id='answer-id-1734909' class='answer   answerof-448404 ' value='1734909'   \/><label for='answer-id-1734909' id='answer-label-1734909' class=' answer'><span>Configure an Amazon Neptune 0 DB instance to receive events Use Amazon QuickSight to read from the database and create near-real-time visualizations and dashboards<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-14' style=';'><div id='questionWrap-14'  class='   watupro-question-id-448405'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>14. <\/span>A company recently completed the migration from an on-premises data center to the AWS Cloud by using a replatforming strategy. One of the migrated servers is running a legacy Simple Mail Transfer Protocol (SMTP) service that a critical application relies upon. The application sends outbound email messages to the company\u2019s customers. The legacy SMTP server does not support TLS encryption and uses TCP port 25. The application can use SMTP only. <br \/>\r<br>The company decides to use Amazon Simple Email Service (Amazon SES) and to decommission the legacy SMTP server. The company has created and validated the SES domain. The company has lifted the SES limits. <br \/>\r<br>What should the company do to modify the application to send email messages from Amazon SES?<\/div><input type='hidden' name='question_id[]' id='qID_14' value='448405' \/><input type='hidden' id='answerType448405' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448405[]' id='answer-id-1734910' class='answer   answerof-448405 ' value='1734910'   \/><label for='answer-id-1734910' id='answer-label-1734910' class=' answer'><span>Configure the application to connect to Amazon SES by using TLS Wrapper. Create an IAM role that has ses:SendEmail and ses:SendRawEmail permissions. Attach the IAM role to an Amazon EC2 instance.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448405[]' id='answer-id-1734911' class='answer   answerof-448405 ' value='1734911'   \/><label for='answer-id-1734911' id='answer-label-1734911' class=' answer'><span>Configure the application to connect to Amazon SES by using STARTTL<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448405[]' id='answer-id-1734912' class='answer   answerof-448405 ' value='1734912'   \/><label for='answer-id-1734912' id='answer-label-1734912' class=' answer'><span>Obtain Amazon SES SMTP credentials. Use the credentials to authenticate with Amazon SE<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448405[]' id='answer-id-1734913' class='answer   answerof-448405 ' value='1734913'   \/><label for='answer-id-1734913' id='answer-label-1734913' class=' answer'><span>Configure the application to use the SES API to send email messages. Create an IAM role that has ses:SendEmail and ses:SendRawEmail permissions. Use the IAM role as a service role for Amazon SE<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448405[]' id='answer-id-1734914' class='answer   answerof-448405 ' value='1734914'   \/><label for='answer-id-1734914' id='answer-label-1734914' class=' answer'><span>Configure the application to use AWS SDKs to send email messages. Create an IAM user for Amazon SE<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448405[]' id='answer-id-1734915' class='answer   answerof-448405 ' value='1734915'   \/><label for='answer-id-1734915' id='answer-label-1734915' class=' answer'><span>Generate API access keys. Use the access keys to authenticate with Amazon SE<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-15' style=';'><div id='questionWrap-15'  class='   watupro-question-id-448406'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>15. <\/span>The company needs to determine which costs on the monthly AWS bill are attributable to each application or team. The company also must be able to create reports to compare costs from the last 12 months and to help forecast costs for the next 12 months. A solutions architect must recommend an AWS Billing and Cost Management solution that provides these cost reports. <br \/>\r<br>Which combination of actions will meet these requirements? (Select THREE.)<\/div><input type='hidden' name='question_id[]' id='qID_15' value='448406' \/><input type='hidden' id='answerType448406' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448406[]' id='answer-id-1734916' class='answer   answerof-448406 ' value='1734916'   \/><label for='answer-id-1734916' id='answer-label-1734916' class=' answer'><span>Activate the user-defined cost allocation tags that represent the application and the team.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448406[]' id='answer-id-1734917' class='answer   answerof-448406 ' value='1734917'   \/><label for='answer-id-1734917' id='answer-label-1734917' class=' answer'><span>Activate the AWS generated cost allocation tags that represent the application and the team.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448406[]' id='answer-id-1734918' class='answer   answerof-448406 ' value='1734918'   \/><label for='answer-id-1734918' id='answer-label-1734918' class=' answer'><span>Create a cost category for each application in Billing and Cost Management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448406[]' id='answer-id-1734919' class='answer   answerof-448406 ' value='1734919'   \/><label for='answer-id-1734919' id='answer-label-1734919' class=' answer'><span>Activate IAM access to Billing and Cost Management.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448406[]' id='answer-id-1734920' class='answer   answerof-448406 ' value='1734920'   \/><label for='answer-id-1734920' id='answer-label-1734920' class=' answer'><span>Create a cost budget.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448406[]' id='answer-id-1734921' class='answer   answerof-448406 ' value='1734921'   \/><label for='answer-id-1734921' id='answer-label-1734921' class=' answer'><span>Enable Cost Explorer.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-16' style=';'><div id='questionWrap-16'  class='   watupro-question-id-448407'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>16. <\/span>A company has a web application that allows users to upload short videos. The videos are stored on Amazon EBS volumes and analyzed by custom recognition software for categorization. <br \/>\r<br>The website contains stat c content that has variable traffic with peaks in certain months. The architecture consists of Amazon EC2 instances running in an Auto Scaling group for the web application and EC2 instances running in an Auto Scaling group to process an Amazon SQS queue The company wants to re-architect the application to reduce operational overhead using AWS managed services where possible and remove dependencies on third-party software. <br \/>\r<br>Which solution meets these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_16' value='448407' \/><input type='hidden' id='answerType448407' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448407[]' id='answer-id-1734922' class='answer   answerof-448407 ' value='1734922'   \/><label for='answer-id-1734922' id='answer-label-1734922' class=' answer'><span>Use Amazon ECS containers for the web application and Spot Instances for the Auto Scaling group that processes the SQS queue. Replace the custom software with Amazon Recognition to categorize the videos.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448407[]' id='answer-id-1734923' class='answer   answerof-448407 ' value='1734923'   \/><label for='answer-id-1734923' id='answer-label-1734923' class=' answer'><span>Store the uploaded videos n Amazon EFS and mount the file system to the EC2 instances for Te web application. Process the SOS queue with an AWS Lambda function that calls the Amazon Rekognition API to categorize the videos.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448407[]' id='answer-id-1734924' class='answer   answerof-448407 ' value='1734924'   \/><label for='answer-id-1734924' id='answer-label-1734924' class=' answer'><span>Host the web application in Amazon S3. Store the uploaded videos in Amazon S3. Use S3 event notifications to publish events to the SQS queue Process the SQS queue with an AWS Lambda function that calls the Amazon Rekognition API to categorize the videos.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448407[]' id='answer-id-1734925' class='answer   answerof-448407 ' value='1734925'   \/><label for='answer-id-1734925' id='answer-label-1734925' class=' answer'><span>Use AWS Elastic Beanstalk to launch EC2 instances in an Auto Scaling group for the web application and launch a worker environment to process the SQS queue Replace the custom software with Amazon Rekognition to categorize the videos.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-17' style=';'><div id='questionWrap-17'  class='   watupro-question-id-448408'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>17. <\/span>A solutions architect must analyze a company's Amazon EC2 Instances and Amazon Elastic Block Store (Amazon EBS) volumes to determine whether the company is using resources efficiently The company is running several large, high-memory EC2 instances lo host database dusters that are deployed in active\/passive configurations The utilization of these EC2 instances varies by the applications that use the databases, and the company has not identified a pattern <br \/>\r<br>The solutions architect must analyze the environment and take action based on the findings. <br \/>\r<br>Which solution meets these requirements MOST cost-effectively?<\/div><input type='hidden' name='question_id[]' id='qID_17' value='448408' \/><input type='hidden' id='answerType448408' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448408[]' id='answer-id-1734926' class='answer   answerof-448408 ' value='1734926'   \/><label for='answer-id-1734926' id='answer-label-1734926' class=' answer'><span>Create a dashboard by using AWS Systems Manager OpsConter Configure visualizations tor Amazon CloudWatch metrics that are associated with the EC2 instances and their EBS volumes Review the dashboard periodically and identify usage patterns Right size the EC2 instances based on the peaks in the metrics<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448408[]' id='answer-id-1734927' class='answer   answerof-448408 ' value='1734927'   \/><label for='answer-id-1734927' id='answer-label-1734927' class=' answer'><span>Turn on Amazon CloudWatch detailed monitoring for the EC2 instances and their EBS volumes Create and review a dashboard that is based on the metrics Identify usage patterns Right size the FC? instances based on the peaks In the metrics<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448408[]' id='answer-id-1734928' class='answer   answerof-448408 ' value='1734928'   \/><label for='answer-id-1734928' id='answer-label-1734928' class=' answer'><span>Install the Amazon CloudWatch agent on each of the EC2 Instances Turn on AWS Compute Optimizer, and let it run for at least 12 hours Review the recommendations from Compute Optimizer, and right size the EC2 instances as directed<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448408[]' id='answer-id-1734929' class='answer   answerof-448408 ' value='1734929'   \/><label for='answer-id-1734929' id='answer-label-1734929' class=' answer'><span>Sign up for the AWS Enterprise Support plan Turn on AWS Trusted Advisor Wait 12 hours Review the recommendations from Trusted Advisor, and rightsize the EC2 instances as directed<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-18' style=';'><div id='questionWrap-18'  class='   watupro-question-id-448409'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>18. <\/span>A company has developed a web application. The company is hosting the application on a group of Amazon EC2 instances behind an Application Load Balancer. The company wants to improve the security posture of the application and plans to use AWS WAF web ACLs. The solution must not adversely affect legitimate traffic to the application. <br \/>\r<br>How should a solutions architect configure the web ACLs to meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_18' value='448409' \/><input type='hidden' id='answerType448409' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448409[]' id='answer-id-1734930' class='answer   answerof-448409 ' value='1734930'   \/><label for='answer-id-1734930' id='answer-label-1734930' class=' answer'><span>Set the action of the web ACL rules to Count. Enable AWS WAF logging Analyze the requests for false positives Modify the rules to avoid any false positive Over time change the action of the web ACL rules from Count to Block.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448409[]' id='answer-id-1734931' class='answer   answerof-448409 ' value='1734931'   \/><label for='answer-id-1734931' id='answer-label-1734931' class=' answer'><span>Use only rate-based rules in the web ACLs. and set the throttle limit as high as possible Temporarily block all requests that exceed the limit. Define nested rules to narrow the scope of the rate tracking.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448409[]' id='answer-id-1734932' class='answer   answerof-448409 ' value='1734932'   \/><label for='answer-id-1734932' id='answer-label-1734932' class=' answer'><span>Set the action o' the web ACL rules to Block. Use only AWS managed rule groups in the web ACLs Evaluate the rule groups by using Amazon CloudWatch metrics with AWS WAF sampled requests or AWS WAF logs.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448409[]' id='answer-id-1734933' class='answer   answerof-448409 ' value='1734933'   \/><label for='answer-id-1734933' id='answer-label-1734933' class=' answer'><span>Use only custom rule groups in the web ACLs. and set the action to Allow Enable AWS WAF logging Analyze the requests tor false positives Modify the rules to avoid any false positive Over time, change the action of the web ACL rules from Allow to Block.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-19' style=';'><div id='questionWrap-19'  class='   watupro-question-id-448410'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>19. <\/span>A publishing company's design team updates the icons and other static assets that an ecommerce web application uses. The company serves the icons and assets from an Amazon S3 bucket that is hosted in the company's production account. The company also uses a development account that members of the design team canaccess.<br \/>\r\n<br \/>\r\nAfter the design team tests the static assets in the development account, the design team needs to load the assets into the S3 bucket in the production account. A solutions architect must provide the design team with access to the production account without exposing other parts of the web application to the risk of unwanted changes.<br \/>\r\n<br \/>\r\nWhich combination of steps will meet these requirements? (Select THREE.)<\/div><input type='hidden' name='question_id[]' id='qID_19' value='448410' \/><input type='hidden' id='answerType448410' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448410[]' id='answer-id-1734934' class='answer   answerof-448410 ' value='1734934'   \/><label for='answer-id-1734934' id='answer-label-1734934' class=' answer'><span>In the production account, create a new IAM policy that allows read and write access to the S3 bucket.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448410[]' id='answer-id-1738147' class='answer   answerof-448410 ' value='1738147'   \/><label for='answer-id-1738147' id='answer-label-1738147' class=' answer'><span>In the development account, create a new IAM policy that allows read and write access to the S3 bucket.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448410[]' id='answer-id-1738148' class='answer   answerof-448410 ' value='1738148'   \/><label for='answer-id-1738148' id='answer-label-1738148' class=' answer'><span>In the production account, create a role. Attach the new policy to the role. Define the development account as a trusted entity.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448410[]' id='answer-id-1738149' class='answer   answerof-448410 ' value='1738149'   \/><label for='answer-id-1738149' id='answer-label-1738149' class=' answer'><span>In the development account, create a role. Attach the new policy to the role. Define the production account as a trusted entity.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448410[]' id='answer-id-1738150' class='answer   answerof-448410 ' value='1738150'   \/><label for='answer-id-1738150' id='answer-label-1738150' class=' answer'><span>In the development account, create a group that contains all the IAM users of the design team. Attach a different IAM policy to the group to allow the sts:AssumeRole action on the role in the production account.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448410[]' id='answer-id-1738151' class='answer   answerof-448410 ' value='1738151'   \/><label for='answer-id-1738151' id='answer-label-1738151' class=' answer'><span>In the development account, create a group that contains all tfje IAM users of the design team. Attach a different IAM policy to the group to allow the sts;AssumeRole action on the role in the development account.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-20' style=';'><div id='questionWrap-20'  class='   watupro-question-id-448411'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>20. <\/span>A retail company has an on-premises data center in Europe. The company also has a multi-Region AWS presence that includes the eu-west-1 and us-east-1 Regions. The company wants to be able to route network traffic from its on-premises infrastructure into VPCs in either of those Regions. The company also needs to support traffic that is routed directly between VPCs in those Regions. No single points of failure can exist on the network. <br \/>\r<br>The company already has created two 1 Gbps AWS Direct Connect connections from its on-premises data center. Each connection goes into a separate Direct Connect location in Europe for high availability. These two locations are named DX-A and DX-B, respectively. Each Region has a single AWS Transit Gateway that is configured to route all inter-VPC traffic within that Region. <br \/>\r<br>Which solution will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_20' value='448411' \/><input type='hidden' id='answerType448411' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448411[]' id='answer-id-1734935' class='answer   answerof-448411 ' value='1734935'   \/><label for='answer-id-1734935' id='answer-label-1734935' class=' answer'><span>Create a private VIF from the DX-A connection into a Direct Connect gateway. Create a private VIF from the DX-B connection into the same Direct Connect gateway for high availability. Associate both the eu-west-1 and us-east-1 transit gateways with the Direct Connect gateway. Peer the transit gateways with each other to support cross-Region routing.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448411[]' id='answer-id-1734936' class='answer   answerof-448411 ' value='1734936'   \/><label for='answer-id-1734936' id='answer-label-1734936' class=' answer'><span>Create a transit VIF from the DX-A connection into a Direct Connect gateway. Associate the eu-west-1 transit gateway with this Direct Connect gateway. Create a transit VIF from the DX-B connection into a separate Direct Connect gateway. Associate the us-east-1 transit gateway with this separate Direct Connect gateway. Peer the Direct Connect gateways with each other to support high availability and cross-Region routing.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448411[]' id='answer-id-1734937' class='answer   answerof-448411 ' value='1734937'   \/><label for='answer-id-1734937' id='answer-label-1734937' class=' answer'><span>Create a transit VIF from the DX-A connection into a Direct Connect gateway. Create a transit VIF from the DX-B connection into the same Direct Connect gateway for high availability. Associate both the eu-west-1 and us-east-1 transit gateways with this Direct Connect gateway. Configure the Direct Connect gateway to route traffic between the transit gateways.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448411[]' id='answer-id-1734938' class='answer   answerof-448411 ' value='1734938'   \/><label for='answer-id-1734938' id='answer-label-1734938' class=' answer'><span>Create a transit VIF from the DX-A connection into a Direct Connect gateway. Create a transit VIF from the DX-B connection into the same Direct Connect gateway for high availability. Associate both the eu-west-1 and us-east-1 transit gateways with this Direct Connect gateway. Peer the transit gateways with each other to support cross-Region routing.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-21' style=';'><div id='questionWrap-21'  class='   watupro-question-id-448412'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>21. <\/span>A company is migrating some of its applications to AWS. The company wants to migrate and modernize the applications quickly after it finalizes networking and security strategies. The company has set up an AWS Direct Connection connection in a central network account. <br \/>\r<br>The company expects to have hundreds of AWS accounts and VPCs in the near future. The corporate network must be able to access the resources on AWS seamlessly and also must be able to communicate with all the VPCs. The company also wants to route its cloud resources to the internet through its on-premises data center. <br \/>\r<br>Which combination of steps will meet these requirements? (Choose three.)<\/div><input type='hidden' name='question_id[]' id='qID_21' value='448412' \/><input type='hidden' id='answerType448412' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448412[]' id='answer-id-1734939' class='answer   answerof-448412 ' value='1734939'   \/><label for='answer-id-1734939' id='answer-label-1734939' class=' answer'><span>Create a Direct Connect gateway in the central account. In each of the accounts, create an association proposal by using the Direct Connect gateway and the account ID for every virtual private gateway.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448412[]' id='answer-id-1734940' class='answer   answerof-448412 ' value='1734940'   \/><label for='answer-id-1734940' id='answer-label-1734940' class=' answer'><span>Create a Direct Connect gateway and a transit gateway in the central network account. Attach the transit gateway to the Direct Connect gateway by using a transit VI<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448412[]' id='answer-id-1734941' class='answer   answerof-448412 ' value='1734941'   \/><label for='answer-id-1734941' id='answer-label-1734941' class=' answer'><span>Provision an internet gateway. Attach the internet gateway to subnets. Allow internet traffic through the gateway.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448412[]' id='answer-id-1734942' class='answer   answerof-448412 ' value='1734942'   \/><label for='answer-id-1734942' id='answer-label-1734942' class=' answer'><span>Share the transit gateway with other accounts. Attach VPCs to the transit gateway.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448412[]' id='answer-id-1734943' class='answer   answerof-448412 ' value='1734943'   \/><label for='answer-id-1734943' id='answer-label-1734943' class=' answer'><span>Provision VPC peering as necessary.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448412[]' id='answer-id-1734944' class='answer   answerof-448412 ' value='1734944'   \/><label for='answer-id-1734944' id='answer-label-1734944' class=' answer'><span>Provision only private subnets. Open the necessary route on the transit gateway and customergateway to allow outbound internet traffic from AWS to flow through NAT services that run in the data center.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-22' style=';'><div id='questionWrap-22'  class='   watupro-question-id-448413'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>22. <\/span>A company with several AWS accounts is using AWS Organizations and service control policies (SCPs). An Administrator created the following SCP and has attached it to an organizational unit (OU) that contains AWS account 1111-1111-1111: <br \/>\r<br><br><img decoding=\"async\" width=365 height=328 id=\"\u56fe\u7247 8\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/uploads\/2026\/01\/image002.png\"><br><br \/>\r<br>Developers working in account 1111-1111-1111 complain that they cannot create Amazon S3 buckets. <br \/>\r<br>How should the Administrator address this problem?<\/div><input type='hidden' name='question_id[]' id='qID_22' value='448413' \/><input type='hidden' id='answerType448413' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448413[]' id='answer-id-1734945' class='answer   answerof-448413 ' value='1734945'   \/><label for='answer-id-1734945' id='answer-label-1734945' class=' answer'><span>Add s3:CreateBucket with&#1490;Allow&#1490; effect to the SC<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448413[]' id='answer-id-1734946' class='answer   answerof-448413 ' value='1734946'   \/><label for='answer-id-1734946' id='answer-label-1734946' class=' answer'><span>Remove the account from the OU, and attach the SCP directly to account 1111-1111-1111.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448413[]' id='answer-id-1734947' class='answer   answerof-448413 ' value='1734947'   \/><label for='answer-id-1734947' id='answer-label-1734947' class=' answer'><span>Instruct the Developers to add Amazon S3 permissions to their IAM entities.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448413[]' id='answer-id-1734948' class='answer   answerof-448413 ' value='1734948'   \/><label for='answer-id-1734948' id='answer-label-1734948' class=' answer'><span>Remove the SCP from account 1111-1111-1111.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-23' style=';'><div id='questionWrap-23'  class='   watupro-question-id-448414'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>23. <\/span>A company is storing data on premises on a Windows file server. The company produces 5 GB of new data daily. <br \/>\r<br>The company migrated part of its Windows-based workload to AWS and needs the data to be available on a file system in the cloud. The company already has established an AWS Direct Connect connection between the on-premises network and AWS. <br \/>\r<br>Which data migration strategy should the company use?<\/div><input type='hidden' name='question_id[]' id='qID_23' value='448414' \/><input type='hidden' id='answerType448414' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448414[]' id='answer-id-1734949' class='answer   answerof-448414 ' value='1734949'   \/><label for='answer-id-1734949' id='answer-label-1734949' class=' answer'><span>Use the file gateway option in AWS Storage Gateway to replace the existing Windows file server, and point the existing file share to the new file gateway.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448414[]' id='answer-id-1734950' class='answer   answerof-448414 ' value='1734950'   \/><label for='answer-id-1734950' id='answer-label-1734950' class=' answer'><span>Use AWS DataSync to schedule a daily task to replicate data between the on-premises Windows file server and Amazon FSx.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448414[]' id='answer-id-1734951' class='answer   answerof-448414 ' value='1734951'   \/><label for='answer-id-1734951' id='answer-label-1734951' class=' answer'><span>Use AWS Data Pipeline to schedule a daily task to replicate data between the on-premises Windows file server and Amazon Elastic File System (Amazon EFS).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448414[]' id='answer-id-1734952' class='answer   answerof-448414 ' value='1734952'   \/><label for='answer-id-1734952' id='answer-label-1734952' class=' answer'><span>Use AWS DataSync to schedule a daily task lo replicate data between the on-premises Windows file server and Amazon Elastic File System (Amazon EFS),<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-24' style=';'><div id='questionWrap-24'  class='   watupro-question-id-448415'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>24. <\/span>A company has many AWS accounts and uses AWS Organizations to manage all of them. A solutions architect must implement a solution that the company can use to share a common network across multiple accounts. <br \/>\r<br>The company's infrastructure team has a dedicated infrastructure account that has a VPC. The infrastructure team must use this account to manage the network. Individual accounts cannot have the ability to manage their own networks. However, individual accounts must be able to create AWS resources within subnets. <br \/>\r<br>Which combination of actions should the solutions architect perform to meet these requirements? (Select TWO.)<\/div><input type='hidden' name='question_id[]' id='qID_24' value='448415' \/><input type='hidden' id='answerType448415' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448415[]' id='answer-id-1734953' class='answer   answerof-448415 ' value='1734953'   \/><label for='answer-id-1734953' id='answer-label-1734953' class=' answer'><span>Create a transit gateway in the infrastructure account.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448415[]' id='answer-id-1734954' class='answer   answerof-448415 ' value='1734954'   \/><label for='answer-id-1734954' id='answer-label-1734954' class=' answer'><span>Enable resource sharing from the AWS Organizations management account.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448415[]' id='answer-id-1734955' class='answer   answerof-448415 ' value='1734955'   \/><label for='answer-id-1734955' id='answer-label-1734955' class=' answer'><span>Create VPCs in each AWS account within the organization in AWS Organizations. Configure the VPCs to share the same CIDR range and subnets as the VPC in the infrastructure account. Peer the \r\nVPCs in each individual account with the VPC in the infrastructure account,<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448415[]' id='answer-id-1734956' class='answer   answerof-448415 ' value='1734956'   \/><label for='answer-id-1734956' id='answer-label-1734956' class=' answer'><span>Create a resource share in AWS Resource Access Manager in the infrastructure account. Select the specific AWS Organizations OU that will use the shared network. Select each subnet to associate with the resource share.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448415[]' id='answer-id-1734957' class='answer   answerof-448415 ' value='1734957'   \/><label for='answer-id-1734957' id='answer-label-1734957' class=' answer'><span>Create a resource share in AWS Resource Access Manager in the infrastructure account. Select the specific AWS Organizations OU that will use the shared network. Select each prefix list to associate with the resource share.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-25' style=';'><div id='questionWrap-25'  class='   watupro-question-id-448416'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>25. <\/span>A company is building a serverless application that runs on an AWS Lambda function that is attached to a VPC. The company needs to integrate the application with a new service from an external provider. The external provider supports only requests that come from public IPv4 addresses that are in an allow list. <br \/>\r<br>The company must provide a single public IP address to the external provider before the application can start using the new service. <br \/>\r<br>Which solution will give the application the ability to access the new service?<\/div><input type='hidden' name='question_id[]' id='qID_25' value='448416' \/><input type='hidden' id='answerType448416' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448416[]' id='answer-id-1734958' class='answer   answerof-448416 ' value='1734958'   \/><label for='answer-id-1734958' id='answer-label-1734958' class=' answer'><span>Deploy a NAT gateway. Associate an Elastic IP address with the NAT gateway. Configure the VPC to use the NAT gateway.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448416[]' id='answer-id-1734959' class='answer   answerof-448416 ' value='1734959'   \/><label for='answer-id-1734959' id='answer-label-1734959' class=' answer'><span>Deploy an egress-only internet gateway. Associate an Elastic IP address with the egress-only internet gateway. Configure the elastic network interface on the Lambda function to use the egress-only internet gateway.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448416[]' id='answer-id-1734960' class='answer   answerof-448416 ' value='1734960'   \/><label for='answer-id-1734960' id='answer-label-1734960' class=' answer'><span>Deploy an internet gateway. Associate an Elastic IP address with the internet gateway. Configure the Lambda function to use the internet gateway.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448416[]' id='answer-id-1734961' class='answer   answerof-448416 ' value='1734961'   \/><label for='answer-id-1734961' id='answer-label-1734961' class=' answer'><span>Deploy an internet gateway. Associate an Elastic IP address with the internet gateway. Configure the default route in the public VPC route table to use the internet gateway.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-26' style=';'><div id='questionWrap-26'  class='   watupro-question-id-448417'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>26. <\/span>A company wants to migrate an application to Amazon EC2 from VMware Infrastructure that runs in an on-premises data center. A solutions architect must preserve the software and configuration settings during the migration. <br \/>\r<br>What should the solutions architect do to meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_26' value='448417' \/><input type='hidden' id='answerType448417' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448417[]' id='answer-id-1734962' class='answer   answerof-448417 ' value='1734962'   \/><label for='answer-id-1734962' id='answer-label-1734962' class=' answer'><span>Configure the AWS DataSync agent to start replicating the data store to Amazon FSx for Windows File Server Use the SMB share to host the VMware data store. Use VM Import\/Export to move the VMs to Amazon EC2.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448417[]' id='answer-id-1734963' class='answer   answerof-448417 ' value='1734963'   \/><label for='answer-id-1734963' id='answer-label-1734963' class=' answer'><span>Use the VMware vSphere client to export the application as an image in Open Virealization Format (OVF) format Create an Amazon S3 bucket to store the image in the destination AWS Region. Create and apply an IAM role for VM Import Use the AWS CLI to run the EC2 import command.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448417[]' id='answer-id-1734964' class='answer   answerof-448417 ' value='1734964'   \/><label for='answer-id-1734964' id='answer-label-1734964' class=' answer'><span>. Configure AWS Storage Gateway for files service to export a Common Internet File System(CIFSJ share. Create a backup copy to the shared folder. Sign in to the AWS Management Console and create an AMI from the backup copy Launch an EC2 instance that is based on the AM<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448417[]' id='answer-id-1734965' class='answer   answerof-448417 ' value='1734965'   \/><label for='answer-id-1734965' id='answer-label-1734965' class=' answer'><span>Create a managed-instance activation for a hybrid environment in AWS Systems Manager. Download and install Systems Manager Agent on the on-premises VM Register the VM with Systems Manager to be a managed instance Use AWS Backup to create a snapshot of the VM and create an AM<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448417[]' id='answer-id-1734966' class='answer   answerof-448417 ' value='1734966'   \/><label for='answer-id-1734966' id='answer-label-1734966' class=' answer'><span>Launch an EC2 instance that is based on the AMI<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-27' style=';'><div id='questionWrap-27'  class='   watupro-question-id-448418'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>27. <\/span>A company is developing a new service that will be accessed using TCP on a static port A solutions architect must ensure that the service is highly available, has redundancy across Availability Zones, and is accessible using the DNS name myservice.com, which is publicly accessible The service must use fixed address assignments so other companies can add the addresses to their allow lists. <br \/>\r<br>Assuming that resources are deployed in multiple Availability Zones in a single Region, which solution will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_27' value='448418' \/><input type='hidden' id='answerType448418' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448418[]' id='answer-id-1734967' class='answer   answerof-448418 ' value='1734967'   \/><label for='answer-id-1734967' id='answer-label-1734967' class=' answer'><span>Create Amazon EC2 instances with an Elastic IP address for each instance Create a Network Load Balancer (NLB) and expose the static TCP port Register EC2instances with the NLB Create a new name server record set named my service com, and assign the Elastic IP addresses of the EC2 instances to the record set Provide the Elastic IP addresses of the EC2 instances to the other companies to add to their allow lists<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448418[]' id='answer-id-1734968' class='answer   answerof-448418 ' value='1734968'   \/><label for='answer-id-1734968' id='answer-label-1734968' class=' answer'><span>Create an Amazon ECS cluster and a service definition for the application Create and assign public IP addresses for the ECS cluster Create a Network Load Balancer (NLB) and expose the TCP port Create a target group and assign the ECS cluster name to the NLB Create a new A record set named my service com and assign the public IP addresses of the ECS cluster to the record set Provide the public IP addresses of the ECS cluster to the other companies to add to their allow lists<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448418[]' id='answer-id-1734969' class='answer   answerof-448418 ' value='1734969'   \/><label for='answer-id-1734969' id='answer-label-1734969' class=' answer'><span>Create Amazon EC2 instances for the service Create one Elastic IP address for each Availability Zone Create a Network Load Balancer (NLB) and expose the assigned TCP port Assign the Elastic IP addresses to the NLB for each Availability Zone Create a target group and register the EC2 instances with the NLB Create a new A (alias) record set named my service com, and assign the NLB DNS name \r\nto the record set.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448418[]' id='answer-id-1734970' class='answer   answerof-448418 ' value='1734970'   \/><label for='answer-id-1734970' id='answer-label-1734970' class=' answer'><span>Create an Amazon ECS cluster and a service definition for the application Create and assign public IP address for each host in the cluster Create an Application Load Balancer (ALB) and expose the static TCP port Create a target group and assign the ECS service definition name to the ALB Create a new CNAME record set and associate the public IP addresses to the record set Provide the Elastic IP addresses of the Amazon EC2 instances to the other companies to add to their allow lists<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-28' style=';'><div id='questionWrap-28'  class='   watupro-question-id-448419'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>28. <\/span>A company is running an application in the AWS Cloud. Recent application metrics show inconsistent response times and a significant increase in error rates. Calls to third-party services are causing the delays. Currently, the application calls third-party services synchronously by directly invoking an AWS Lambda function. <br \/>\r<br>A solutions architect needs to decouple the third-party service calls and ensure that all the calls are eventually completed. <br \/>\r<br>Which solution will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_28' value='448419' \/><input type='hidden' id='answerType448419' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448419[]' id='answer-id-1734971' class='answer   answerof-448419 ' value='1734971'   \/><label for='answer-id-1734971' id='answer-label-1734971' class=' answer'><span>Use an Amazon Simple Queue Service (Amazon SQS) queue to store events and invoke the Lambda function.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448419[]' id='answer-id-1734972' class='answer   answerof-448419 ' value='1734972'   \/><label for='answer-id-1734972' id='answer-label-1734972' class=' answer'><span>Use an AWS Step Functions state machine to pass events to the Lambda function.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448419[]' id='answer-id-1734973' class='answer   answerof-448419 ' value='1734973'   \/><label for='answer-id-1734973' id='answer-label-1734973' class=' answer'><span>Use an Amazon EventBridge rule to pass events to the Lambda function.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448419[]' id='answer-id-1734974' class='answer   answerof-448419 ' value='1734974'   \/><label for='answer-id-1734974' id='answer-label-1734974' class=' answer'><span>Use an Amazon Simple Notification Service (Amazon SNS) topic to store events and Invoke the Lambda function.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-29' style=';'><div id='questionWrap-29'  class='   watupro-question-id-448420'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>29. <\/span>A video processing company has an application that downloads images from an Amazon S3 bucket, processes the images, stores a transformed image in a second S3 bucket, and updates metadata about the image in an Amazon DynamoDB table. The application is written in Node.js and runs by using an AWS Lambda function. The Lambda function is invoked when a new image is uploaded to Amazon S3.<br \/>\r\n<br \/>\r\nThe application ran without incident for a while. However, the size of the images has grown significantly. The Lambda function is now failing frequently with timeout errors. The function timeout is set to its maximum value. A solutions architect needs to refactor the application\u2019s architecture to prevent invocation failures. The company does not want to manage the underlying infrastructure.<br \/>\r\n<br \/>\r\nWhich combination of steps should the solutions architect take to meet these requirements? (Choose two.)<\/div><input type='hidden' name='question_id[]' id='qID_29' value='448420' \/><input type='hidden' id='answerType448420' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448420[]' id='answer-id-1734975' class='answer   answerof-448420 ' value='1734975'   \/><label for='answer-id-1734975' id='answer-label-1734975' class=' answer'><span>Modify the application deployment by building a Docker image that contains the application code.\r\n\r\nPublish the image to Amazon Elastic Container Registry (Amazon ECR).<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448420[]' id='answer-id-1738152' class='answer   answerof-448420 ' value='1738152'   \/><label for='answer-id-1738152' id='answer-label-1738152' class=' answer'><span>Create a new Amazon Elastic Container Service (Amazon ECS) task definition with a compatibility type of AWS Fargate. Configure the task definition to use the new image in Amazon Elastic Container Registry (Amazon ECR). Adjust the Lambda function to invoke an ECS task by using the ECS task definition when a new file arrives in Amazon S3.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448420[]' id='answer-id-1738153' class='answer   answerof-448420 ' value='1738153'   \/><label for='answer-id-1738153' id='answer-label-1738153' class=' answer'><span>Create an AWS Step Functions state machine with a Parallel state to invoke the Lambda function.\r\n\r\nIncrease the provisioned concurrency of the Lambda function.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448420[]' id='answer-id-1738154' class='answer   answerof-448420 ' value='1738154'   \/><label for='answer-id-1738154' id='answer-label-1738154' class=' answer'><span>Create a new Amazon Elastic Container Service (Amazon ECS) task definition with a compatibility type of Amazon EC2. Configure the task definition to use the new image in Amazon Elastic Container Registry (Amazon ECR). Adjust the Lambda function to invoke an ECS task by using the ECS task definition when a new file arrives in Amazon S3.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448420[]' id='answer-id-1738155' class='answer   answerof-448420 ' value='1738155'   \/><label for='answer-id-1738155' id='answer-label-1738155' class=' answer'><span>Modify the application to store images on Amazon Elastic File System (Amazon EFS) and to store metadata on an Amazon RDS DB instance. Adjust the Lambda function to mount the EFS file share.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-30' style=';'><div id='questionWrap-30'  class='   watupro-question-id-448421'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>30. <\/span>A company built an application based on AWS Lambda deployed in an AWS CloudFormation stack. The last production release of the web application introduced an issue that resulted in an outage <br \/>\r<br>lasting several minutes. A solutions architect must adjust the deployment process to support a canary release. <br \/>\r<br>Which solution will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_30' value='448421' \/><input type='hidden' id='answerType448421' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448421[]' id='answer-id-1734976' class='answer   answerof-448421 ' value='1734976'   \/><label for='answer-id-1734976' id='answer-label-1734976' class=' answer'><span>Create an alias for every new deployed version of the Lambda function. Use the AWS CLIupdate-alias command with the routing-config parameter to distribute the load.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448421[]' id='answer-id-1734977' class='answer   answerof-448421 ' value='1734977'   \/><label for='answer-id-1734977' id='answer-label-1734977' class=' answer'><span>Deploy the application into a new CloudFormation stack. Use an Amazon Route 53 weighted routing policy to distribute the load.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448421[]' id='answer-id-1734978' class='answer   answerof-448421 ' value='1734978'   \/><label for='answer-id-1734978' id='answer-label-1734978' class=' answer'><span>Create a version for every new deployed Lambda function. Use the AWS CLI update-function-configuration command with the routing-config parameter to distribute the load.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448421[]' id='answer-id-1734979' class='answer   answerof-448421 ' value='1734979'   \/><label for='answer-id-1734979' id='answer-label-1734979' class=' answer'><span>Configure AWS CodeDeploy and use CodeDeployDefault.OneAtATime in the Deployment configuration to distribute the load.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-31' style=';'><div id='questionWrap-31'  class='   watupro-question-id-448422'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>31. <\/span>A company is running an application in the AWS Cloud. The company's security team must approve the creation of all new IAM users. When a new IAM user is created, all access for the user must be removed automatically. The security team must then receive a notification to approve the user. The company has a multi-Region AWS CloudTrail trail In the AWS account. <br \/>\r<br>Which combination of steps will meet these requirements? (Select THREE.)<\/div><input type='hidden' name='question_id[]' id='qID_31' value='448422' \/><input type='hidden' id='answerType448422' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448422[]' id='answer-id-1734980' class='answer   answerof-448422 ' value='1734980'   \/><label for='answer-id-1734980' id='answer-label-1734980' class=' answer'><span>Create an Amazon EventBridge (Amazon CloudWatch Events) rule. Define a pattern with the detail-type value set to AWS API Call via CloudTrail and an eventName of CreateUser.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448422[]' id='answer-id-1734981' class='answer   answerof-448422 ' value='1734981'   \/><label for='answer-id-1734981' id='answer-label-1734981' class=' answer'><span>Configure CloudTrail to send a notification for the CreateUser event to an Amazon Simple \r\nNotification Service (Amazon SNS) topic.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448422[]' id='answer-id-1734982' class='answer   answerof-448422 ' value='1734982'   \/><label for='answer-id-1734982' id='answer-label-1734982' class=' answer'><span>Invoke a container that runs in Amazon Elastic Container Service (Amazon ECS) with AWS Fargate technology to remove access<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448422[]' id='answer-id-1734983' class='answer   answerof-448422 ' value='1734983'   \/><label for='answer-id-1734983' id='answer-label-1734983' class=' answer'><span>Invoke an AWS Step Functions state machine to remove access.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448422[]' id='answer-id-1734984' class='answer   answerof-448422 ' value='1734984'   \/><label for='answer-id-1734984' id='answer-label-1734984' class=' answer'><span>Use Amazon Simple Notification Service (Amazon SNS) to notify the security team.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448422[]' id='answer-id-1734985' class='answer   answerof-448422 ' value='1734985'   \/><label for='answer-id-1734985' id='answer-label-1734985' class=' answer'><span>Use Amazon Pinpoint to notify the security team.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-32' style=';'><div id='questionWrap-32'  class='   watupro-question-id-448423'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>32. <\/span>A security engineer determined that an existing application retrieves credentials to an Amazon RDS for MySQL database from an encrypted file in Amazon S3. For the next version of the application, the security engineer wants to implement the following application design changes to improve security: The database must use strong, randomly generated passwords stored in a secure AWS managed service. <br \/>\r<br>The application resources must be deployed through AWS CloudFormation. <br \/>\r<br>The application must rotate credentials for the database every 90 days. <br \/>\r<br>A solutions architect will generate a CloudFormation template to deploy the application. <br \/>\r<br>Which resources specified in the CloudFormation template will meet the security engineer's requirements with the LEAST amount of operational overhead?<\/div><input type='hidden' name='question_id[]' id='qID_32' value='448423' \/><input type='hidden' id='answerType448423' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448423[]' id='answer-id-1734986' class='answer   answerof-448423 ' value='1734986'   \/><label for='answer-id-1734986' id='answer-label-1734986' class=' answer'><span>Generate the database password as a secret resource using AWS Secrets Manager. Create an AWS Lambda function resource to rotate the database password. Specify a Secrets Manager RotationSchedule resource to rotate the database password every 90 days.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448423[]' id='answer-id-1734987' class='answer   answerof-448423 ' value='1734987'   \/><label for='answer-id-1734987' id='answer-label-1734987' class=' answer'><span>Generate the database password as a SecureString parameter type using AWS Systems Manager Parameter Store. Create an AWS Lambda function resource to rotate the database password. Specifya Parameter Store RotationSchedule resource to rotate the database password every 90 days.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448423[]' id='answer-id-1734988' class='answer   answerof-448423 ' value='1734988'   \/><label for='answer-id-1734988' id='answer-label-1734988' class=' answer'><span>Generate the database password as a secret resource using AWS Secrets Manager. Create an AWS Lambda function resource to rotate the database password. Create an Amazon EventBridge scheduled rule resource to trigger the Lambda function password rotation every 90 days.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448423[]' id='answer-id-1734989' class='answer   answerof-448423 ' value='1734989'   \/><label for='answer-id-1734989' id='answer-label-1734989' class=' answer'><span>Generate the database password as a SecureString parameter type using AWS Systems Manager Parameter Store. Specify an AWS AppSync DataSource resource to automatically rotate the database password every 90 days.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-33' style=';'><div id='questionWrap-33'  class='   watupro-question-id-448424'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>33. <\/span>A company wants to migrate its workloads from on premises to AWS. The workloads run on Linuxand Windows. The company has a large on-premises intra structure that consists of physical machines and VMs that host numerous applications. <br \/>\r<br>The company must capture details about the system configuration. system performance. running processure and network coi.net lions of its o. -premises ,on boards. The company also must divide the on-premises applications into groups for AWS migrations. The company needs recommendations for Amazon EC2 instance types so that the company can run its workloads on AWS in the most cost-effective manner. <br \/>\r<br>Which combination of steps should a solutions architect take to meet these requirements? (Select THREE.)<\/div><input type='hidden' name='question_id[]' id='qID_33' value='448424' \/><input type='hidden' id='answerType448424' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448424[]' id='answer-id-1734990' class='answer   answerof-448424 ' value='1734990'   \/><label for='answer-id-1734990' id='answer-label-1734990' class=' answer'><span>Assess the existing applications by installing AWS Application Discovery Agent on the physical machines and VMs.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448424[]' id='answer-id-1734991' class='answer   answerof-448424 ' value='1734991'   \/><label for='answer-id-1734991' id='answer-label-1734991' class=' answer'><span>Assess the existing applications by installing AWS Systems Manager Agent on the physical machines and VMs<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448424[]' id='answer-id-1734992' class='answer   answerof-448424 ' value='1734992'   \/><label for='answer-id-1734992' id='answer-label-1734992' class=' answer'><span>Group servers into applications for migration by using AWS Systems Manager Application Manager.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448424[]' id='answer-id-1734993' class='answer   answerof-448424 ' value='1734993'   \/><label for='answer-id-1734993' id='answer-label-1734993' class=' answer'><span>Group servers into applications for migration by using AWS Migration Hub.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448424[]' id='answer-id-1734994' class='answer   answerof-448424 ' value='1734994'   \/><label for='answer-id-1734994' id='answer-label-1734994' class=' answer'><span>Generate recommended instance types and associated costs by using AWS Migration Hub.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448424[]' id='answer-id-1734995' class='answer   answerof-448424 ' value='1734995'   \/><label for='answer-id-1734995' id='answer-label-1734995' class=' answer'><span>Import data about server sizes into AWS Trusted Advisor. Follow the recommendations for cost optimization.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-34' style=';'><div id='questionWrap-34'  class='   watupro-question-id-448425'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>34. <\/span>A company has a multi-tier web application that runs on a fleet of Amazon EC2 instances behind an Application Load Balancer (ALB). The instances are in an Auto Scaling group. The ALB and the Auto Scaling group are replicated in a backup AWS Region. The minimum value and the maximum value for the Auto Scaling group are set to zero. An Amazon RDS Multi-AZ DB instance stores the application\u2019s data. The DB instance has a read replica in the backup Region. The application presents an endpoint to end users by using an Amazon Route 53 record. <br \/>\r<br>The company needs to reduce its RTO to less than 15 minutes by giving the application the ability to automatically fail over to the backup Region. The company does not have a large enough budget for an active-active strategy. <br \/>\r<br>What should a solutions architect recommend to meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_34' value='448425' \/><input type='hidden' id='answerType448425' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448425[]' id='answer-id-1734996' class='answer   answerof-448425 ' value='1734996'   \/><label for='answer-id-1734996' id='answer-label-1734996' class=' answer'><span>Reconfigure the application\u2019s Route 53 record with a latency-based routing policy that load balances traffic between the two ALBs. Create an AWS Lambda function in the backup Region to promote the read replica and modify the Auto Scaling group values. Create an Amazon CloudWatch alarm that is based on the HTTPCode_Target_5XX_Count metric for the ALB in the primary Region. Configure the CloudWatch alarm to invoke the Lambda function.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448425[]' id='answer-id-1734997' class='answer   answerof-448425 ' value='1734997'   \/><label for='answer-id-1734997' id='answer-label-1734997' class=' answer'><span>Create an AWS Lambda function in the backup Region to promote the read replica and modify the Auto Scaling group values. Configure Route 53 with a health check that monitors the web application and sends an Amazon Simple Notification Service (Amazon SNS) notification to the Lambda function when the health check status is unhealthy. Update the application\u2019s Route 53 record with a failover policy that routes traffic to the ALB in the backup Region when a health check failure occurs.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448425[]' id='answer-id-1734998' class='answer   answerof-448425 ' value='1734998'   \/><label for='answer-id-1734998' id='answer-label-1734998' class=' answer'><span>Configure the Auto Scaling group in the backup Region to have the same values as the Auto Scaling group in the primary Region. Reconfigure the application\u2019s Route 53 record with a latency-based routing policy that load balances traffic between the two ALBs. Remove the read replica. Replace the read replica with a standalone RDS DB instance. Configure Cross-Region Replicationbetween the RDS DB instances by using snapshots and Amazon S3.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448425[]' id='answer-id-1734999' class='answer   answerof-448425 ' value='1734999'   \/><label for='answer-id-1734999' id='answer-label-1734999' class=' answer'><span>Configure an endpoint in AWS Global Accelerator with the two ALBs as equal weighted targets. \r\nCreate an AWS Lambda function in the backup Region to promote the read replica and modify the Auto Scaling group values. Create an Amazon CloudWatch alarm that is based on the HTTPCode_Target_5XX_Count metric for the ALB in the primary Region. Configure the CloudWatch alarm to invoke the Lambda function.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-35' style=';'><div id='questionWrap-35'  class='   watupro-question-id-448426'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>35. <\/span>A solutions architect needs to advise a company on how to migrate its on-premises data processing application to the AWS Cloud. Currently, users upload input files through a web portal. The web server then stores the uploaded files on NAS and messages the processing server over a message queue. Each media file can take up to 1 hour to process. The company has determined that the number of media files awaiting processing is significantly higher during business hours, with the number of files rapidly declining after business hours. <br \/>\r<br>What is the MOST cost-effective migration recommendation?<\/div><input type='hidden' name='question_id[]' id='qID_35' value='448426' \/><input type='hidden' id='answerType448426' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448426[]' id='answer-id-1735000' class='answer   answerof-448426 ' value='1735000'   \/><label for='answer-id-1735000' id='answer-label-1735000' class=' answer'><span>Create a queue using Amazon SQ<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448426[]' id='answer-id-1735001' class='answer   answerof-448426 ' value='1735001'   \/><label for='answer-id-1735001' id='answer-label-1735001' class=' answer'><span>Configure the existing web server to publish to the new queue. When there are messages in the queue, invoke an AWS Lambda function to pull requests from the queue and process the files. Store the processed files in an Amazon S3 bucket.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448426[]' id='answer-id-1735002' class='answer   answerof-448426 ' value='1735002'   \/><label for='answer-id-1735002' id='answer-label-1735002' class=' answer'><span>Create a queue using Amazon<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448426[]' id='answer-id-1735003' class='answer   answerof-448426 ' value='1735003'   \/><label for='answer-id-1735003' id='answer-label-1735003' class=' answer'><span>Configure the existing web server to publish to the new queue. When there are messages in the queue, create a new Amazon EC2 instance to pull requests from the queue and process the files. Store the processed files in Amazon EF<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448426[]' id='answer-id-1735004' class='answer   answerof-448426 ' value='1735004'   \/><label for='answer-id-1735004' id='answer-label-1735004' class=' answer'><span>Shut down the EC2 instance after the task is complete.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448426[]' id='answer-id-1735005' class='answer   answerof-448426 ' value='1735005'   \/><label for='answer-id-1735005' id='answer-label-1735005' class=' answer'><span>Create a queue using Amazon M<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448426[]' id='answer-id-1735006' class='answer   answerof-448426 ' value='1735006'   \/><label for='answer-id-1735006' id='answer-label-1735006' class=' answer'><span>Configure the existing web server to publish to the new queue. When there are messages in the queue, invoke an AWS Lambda function to pull requests from the queue and process the files. Store the processed files in Amazon EF<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448426[]' id='answer-id-1735007' class='answer   answerof-448426 ' value='1735007'   \/><label for='answer-id-1735007' id='answer-label-1735007' class=' answer'><span>Create a queue using Amazon SO<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448426[]' id='answer-id-1735008' class='answer   answerof-448426 ' value='1735008'   \/><label for='answer-id-1735008' id='answer-label-1735008' class=' answer'><span>Configure the existing web server to publish to the new queue. Use Amazon EC2 instances in an EC2 Auto Scaling group to pull requests from the queue and process the files. Scale the EC2 instances based on the SOS queue length. Store the processed files in an Amazon S3 bucket.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-36' style=';'><div id='questionWrap-36'  class='   watupro-question-id-448427'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>36. <\/span>A company is in the process of implementing AWS Organizations to constrain its developers to use only Amazon EC2. Amazon S3 and Amazon DynamoDB. The developers account resides In a dedicated organizational unit (OU). The solutions architect has implemented the following SCP on the developers account: <br \/>\r<br><br><img decoding=\"async\" width=330 height=437 id=\"\u56fe\u7247 7\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/uploads\/2026\/01\/image001-1.png\"><br><br \/>\r<br>When this policy is deployed, IAM users in the developers account are still able to use AWS services that are not listed in the policy. <br \/>\r<br>What should the solutions architect do to eliminate the developers' ability to use services outside the scope of this policy?<\/div><input type='hidden' name='question_id[]' id='qID_36' value='448427' \/><input type='hidden' id='answerType448427' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448427[]' id='answer-id-1735009' class='answer   answerof-448427 ' value='1735009'   \/><label for='answer-id-1735009' id='answer-label-1735009' class=' answer'><span>Create an explicit deny statement for each AWS service that should be constrained<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448427[]' id='answer-id-1735010' class='answer   answerof-448427 ' value='1735010'   \/><label for='answer-id-1735010' id='answer-label-1735010' class=' answer'><span>Remove the Full AWS Access SCP from the developer account's OU<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448427[]' id='answer-id-1735011' class='answer   answerof-448427 ' value='1735011'   \/><label for='answer-id-1735011' id='answer-label-1735011' class=' answer'><span>Modify the Full AWS Access SCP to explicitly deny all services<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448427[]' id='answer-id-1735012' class='answer   answerof-448427 ' value='1735012'   \/><label for='answer-id-1735012' id='answer-label-1735012' class=' answer'><span>Add an explicit deny statement using a wildcard to the end of the SCP<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-37' style=';'><div id='questionWrap-37'  class='   watupro-question-id-448428'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>37. <\/span>A company is running an application on several Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer. The load on the application varies throughout the day, and EC2 instances are scaled in and out on a regular basis. Log files from the EC2 instances are copied to a central Amazon S3 bucket every 15 minutes. The security team discovers that log files are missing from some of the terminated EC2 instances. <br \/>\r<br>Which set of actions will ensure that log files are copied to the central S3 bucket from the terminated EC2 instances?<\/div><input type='hidden' name='question_id[]' id='qID_37' value='448428' \/><input type='hidden' id='answerType448428' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448428[]' id='answer-id-1735013' class='answer   answerof-448428 ' value='1735013'   \/><label for='answer-id-1735013' id='answer-label-1735013' class=' answer'><span>Create a script to copy log files to Amazon S3, and store the script in a file on the EC2 instance. Create an Auto Scaling lifecycle hook and an Amazon EventBridge (Amazon CloudWatch Events) rule to detect lifecycle events from the Auto Scaling group. Invoke an AWS Lambda function on the autoscaling:EC2_INSTANCE_TERMINATING transition to send ABANDON to the Auto Scaling group to prevent termination, run the script to copy the log files, and terminate the instance using the AWS SD<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448428[]' id='answer-id-1735014' class='answer   answerof-448428 ' value='1735014'   \/><label for='answer-id-1735014' id='answer-label-1735014' class=' answer'><span>Create an AWS Systems Manager document with a script to copy log files to Amazon S3. Create an Auto Scaling lifecycle hook and an Amazon EventBridge (Amazon CloudWatch Events) rule to detect lifecycle events from the Auto Scaling group. Invoke an AWS Lambda function on the autoscaling:EC2_INSTANCE_TERMINATING transition to call the AWS Systems Manager API \r\nSendCommand operation to run the document to copy the log files and send CONTINUE to the Auto Scaling group to terminate the instance.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448428[]' id='answer-id-1735015' class='answer   answerof-448428 ' value='1735015'   \/><label for='answer-id-1735015' id='answer-label-1735015' class=' answer'><span>Change the log delivery rate to every 5 minutes. Create a script to copy log files to Amazon S3, and add the script to EC2 instance user data. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to detect EC2 instance termination. Invoke an AWS Lambda function from the EventBridge (CloudWatch Events) rule that uses the AWS CLI to run the user-data script to copy the log files and terminate the instance.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448428[]' id='answer-id-1735016' class='answer   answerof-448428 ' value='1735016'   \/><label for='answer-id-1735016' id='answer-label-1735016' class=' answer'><span>Create an AWS Systems Manager document with a script to copy log files to Amazon S3. Create an Auto Scaling lifecycle hook that publishes a message to an Amazon Simple Notification Service (Amazon SNS) topic. From the SNS notification, call the AWS Systems Manager API SendCommand operation to run the document to copy the log files and send ABANDON to the Auto Scaling group to terminate the instance.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-38' style=';'><div id='questionWrap-38'  class='   watupro-question-id-448429'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>38. <\/span>A financial company is planning to migrate its web application from on premises to AWS. The company uses a third-party security tool to monitor the inbound traffic to the application. The company has used the security tool for the last 15 years, and the tool has no cloud solutions available from its vendor. The company's security team is concerned about how to integrate the security tool with AWS technology. <br \/>\r<br>The company plans to deploy the application migration to AWS on Amazon EC2 instances. The EC2 instances will run in an Auto Scaling group in a dedicated VPC. The company needs to use the security tool to inspect all packets that come in and out of the VPC. This inspection must occur in real time and must not affect the application's performance. A solutions architect must design a target architecture on AWS that is highly available within an AWS Region. <br \/>\r<br>Which combination of steps should the solutions architect take to meet these requirements? (Select TWO.)<\/div><input type='hidden' name='question_id[]' id='qID_38' value='448429' \/><input type='hidden' id='answerType448429' value='checkbox'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448429[]' id='answer-id-1735017' class='answer   answerof-448429 ' value='1735017'   \/><label for='answer-id-1735017' id='answer-label-1735017' class=' answer'><span>Deploy the security tool on EC2 instances in a new Auto Scaling group in the existing VP<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448429[]' id='answer-id-1735018' class='answer   answerof-448429 ' value='1735018'   \/><label for='answer-id-1735018' id='answer-label-1735018' class=' answer'><span>Deploy the web application behind a Network Load Balancer.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448429[]' id='answer-id-1735019' class='answer   answerof-448429 ' value='1735019'   \/><label for='answer-id-1735019' id='answer-label-1735019' class=' answer'><span>Deploy an Application Load Balancer in front of the security tool instances.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448429[]' id='answer-id-1735020' class='answer   answerof-448429 ' value='1735020'   \/><label for='answer-id-1735020' id='answer-label-1735020' class=' answer'><span>Provision a Gateway Load Balancer for each Availability Zone to redirect the traffic to the security tool.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='checkbox' name='answer-448429[]' id='answer-id-1735021' class='answer   answerof-448429 ' value='1735021'   \/><label for='answer-id-1735021' id='answer-label-1735021' class=' answer'><span>Provision a transit gateway to facilitate communication between VPCs.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-39' style=';'><div id='questionWrap-39'  class='   watupro-question-id-448430'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>39. <\/span>An application is using an Amazon RDS for MySQL Multi-AZ DB instance in the us-east-1 Region. After a failover test, the application lost the connections to the database and could not re-establish the connections. After a restart of the application, the application re-established the connections. <br \/>\r<br>A solutions architect must implement a solution so that the application can re-establish connections to the database without requiring a restart. <br \/>\r<br>Which solution will meet these requirements?<\/div><input type='hidden' name='question_id[]' id='qID_39' value='448430' \/><input type='hidden' id='answerType448430' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448430[]' id='answer-id-1735022' class='answer   answerof-448430 ' value='1735022'   \/><label for='answer-id-1735022' id='answer-label-1735022' class=' answer'><span>Create an Amazon Aurora MySQL Serverless v1 DB instance. Migrate the RDS DB instance to the Aurora Serverless v1 DB instance. Update the connection settings in the application to point to the Aurora reader endpoint.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448430[]' id='answer-id-1735023' class='answer   answerof-448430 ' value='1735023'   \/><label for='answer-id-1735023' id='answer-label-1735023' class=' answer'><span>Create an RDS proxy. Configure the existing RDS endpoint as a target. Update the connection settings in the application to point to the RDS proxy endpoint.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448430[]' id='answer-id-1735024' class='answer   answerof-448430 ' value='1735024'   \/><label for='answer-id-1735024' id='answer-label-1735024' class=' answer'><span>Create a two-node Amazon Aurora MySQL DB cluster. Migrate the RDS DB instance to the Aurora DB cluster. Create an RDS proxy. Configure the existing RDS endpoint as a target. Update the connection settings in the application to point to the RDS proxy endpoint.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448430[]' id='answer-id-1735025' class='answer   answerof-448430 ' value='1735025'   \/><label for='answer-id-1735025' id='answer-label-1735025' class=' answer'><span>Create an Amazon S3 bucket. Export the database to Amazon S3 by using AWS Database Migration Service (AWS DMS). Configure Amazon Athena to use the S3 bucket as a data store. Install the latest Open Database Connectivity (ODBC) driver for the application. Update the connection settings in the application to point to the Athena endpoint<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div class='watu-question ' id='question-40' style=';'><div id='questionWrap-40'  class='   watupro-question-id-448431'>\n\t\t\t<div class='question-content'><div><span class='watupro_num'>40. <\/span>A company has an environment that has a single AWS account. A solutions architect is reviewing the environment to recommend what the company could improve specifically in terms of access to the AWS Management Console. The company's IT support workers currently access the console for administrative tasks, authenticating with named IAM users that have been mapped to their job role. The IT support workers no longer want to maintain both their Active Directory and IAM user accounts. They want to be able to access the console by using their existing Active Directory credentials. The solutions architect is using AWS Single Sign-On (AWS SSO) to implement this functionality. <br \/>\r<br>Which solution will meet these requirements MOST cost-effectively?<\/div><input type='hidden' name='question_id[]' id='qID_40' value='448431' \/><input type='hidden' id='answerType448431' value='radio'><!-- end question-content--><\/div><div class='question-choices watupro-choices-columns '><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448431[]' id='answer-id-1735026' class='answer   answerof-448431 ' value='1735026'   \/><label for='answer-id-1735026' id='answer-label-1735026' class=' answer'><span>Create an organization in AWS Organizations. Turn on the AWS SSO feature in Organizations Create and configure a directory in AWS Directory Service for Microsoft Active Directory (AWS Managed Microsoft AD) with a two-way trust to the company's on-premises Active Directory. Configure AWS SSO and set the AWS Managed Microsoft AD directory as the identity source. Create permission sets and map them to the existing groups within the AWS Managed Microsoft AD directory.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448431[]' id='answer-id-1735027' class='answer   answerof-448431 ' value='1735027'   \/><label for='answer-id-1735027' id='answer-label-1735027' class=' answer'><span>Create an organization in AWS Organizations. Turn on the AWS SSO feature in Organizations Create and configure an AD Connector to connect to the company's on-premises Active Directory. Configure AWS SSO and select the AD Connector as the identity source. Create permission sets and map them to the existing groups within the company's Active Directory.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448431[]' id='answer-id-1735028' class='answer   answerof-448431 ' value='1735028'   \/><label for='answer-id-1735028' id='answer-label-1735028' class=' answer'><span>Create an organization in AWS Organizations. Turn on all features for the organization. Create and configure a directory in AWS Directory Service for Microsoft Active Directory (AWS Managed Microsoft AD) with a two-way trust to the company's on-premises Active Directory. Configure AWS SSO and select the AWS Managed Microsoft AD directory as the identity source. Create permission sets and map them to the existing groups within the AWS Managed Microsoft AD directory.<\/span><\/label><\/div><div class='watupro-question-choice  ' dir='auto' ><input type='radio' name='answer-448431[]' id='answer-id-1735029' class='answer   answerof-448431 ' value='1735029'   \/><label for='answer-id-1735029' id='answer-label-1735029' class=' answer'><span>Create an organization in AWS Organizations. Turn on all features for the organization. Createand configure an AD Connector to connect to the company's on-premises Active Directory. Configure AWS SSO and select the AD Connector as the identity source. Create permission sets and map them to the existing groups within the company's Active Directory.<\/span><\/label><\/div><!-- end question-choices--><\/div><!-- end questionWrap--><\/div><\/div><div style='display:none' id='question-41'>\n\t<div class='question-content'>\n\t\t<img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/img\/loading.gif\" width=\"16\" height=\"16\" alt=\"Loading...\" title=\"Loading...\" \/>&nbsp;Loading...\t<\/div>\n<\/div>\n\n<br \/>\n\t\n\t\t\t<div class=\"watupro_buttons flex \" id=\"watuPROButtons11412\" >\n\t\t  <div id=\"prev-question\" style=\"display:none;\"><input type=\"button\" value=\"&lt; Previous\" onclick=\"WatuPRO.nextQuestion(event, 'previous');\"\/><\/div>\t\t  \t\t  \t\t   \n\t\t   \t  \t\t<div><input type=\"button\" name=\"action\" class=\"watupro-submit-button\" onclick=\"WatuPRO.submitResult(event)\" id=\"action-button\" value=\"View Results\"  \/>\n\t\t<\/div>\n\t\t<\/div>\n\t\t\n\t<input type=\"hidden\" name=\"quiz_id\" value=\"11412\" id=\"watuPROExamID\"\/>\n\t<input type=\"hidden\" name=\"start_time\" id=\"startTime\" value=\"2026-04-16 02:52:52\" \/>\n\t<input type=\"hidden\" name=\"start_timestamp\" id=\"startTimeStamp\" value=\"1776307972\" \/>\n\t<input type=\"hidden\" name=\"question_ids\" value=\"\" \/>\n\t<input type=\"hidden\" name=\"watupro_questions\" value=\"448392:1734857,1734858,1734859,1734860 | 448393:1734861,1734862,1734863,1734864 | 448394:1734865,1734866,1734867,1734868 | 448395:1734869,1734870,1734871,1734872 | 448396:1734873,1734874,1734875,1734876 | 448397:1734877,1734878,1734879,1734880 | 448398:1734881,1738144,1738145,1738146 | 448399:1734882,1734883,1734884,1734885 | 448400:1734886,1734887,1734888,1734889 | 448401:1734890,1734891,1734892,1734893,1734894,1734895,1734896 | 448402:1734897,1734898,1734899,1734900 | 448403:1734901,1734902,1734903,1734904 | 448404:1734905,1734906,1734907,1734908,1734909 | 448405:1734910,1734911,1734912,1734913,1734914,1734915 | 448406:1734916,1734917,1734918,1734919,1734920,1734921 | 448407:1734922,1734923,1734924,1734925 | 448408:1734926,1734927,1734928,1734929 | 448409:1734930,1734931,1734932,1734933 | 448410:1734934,1738147,1738148,1738149,1738150,1738151 | 448411:1734935,1734936,1734937,1734938 | 448412:1734939,1734940,1734941,1734942,1734943,1734944 | 448413:1734945,1734946,1734947,1734948 | 448414:1734949,1734950,1734951,1734952 | 448415:1734953,1734954,1734955,1734956,1734957 | 448416:1734958,1734959,1734960,1734961 | 448417:1734962,1734963,1734964,1734965,1734966 | 448418:1734967,1734968,1734969,1734970 | 448419:1734971,1734972,1734973,1734974 | 448420:1734975,1738152,1738153,1738154,1738155 | 448421:1734976,1734977,1734978,1734979 | 448422:1734980,1734981,1734982,1734983,1734984,1734985 | 448423:1734986,1734987,1734988,1734989 | 448424:1734990,1734991,1734992,1734993,1734994,1734995 | 448425:1734996,1734997,1734998,1734999 | 448426:1735000,1735001,1735002,1735003,1735004,1735005,1735006,1735007,1735008 | 448427:1735009,1735010,1735011,1735012 | 448428:1735013,1735014,1735015,1735016 | 448429:1735017,1735018,1735019,1735020,1735021 | 448430:1735022,1735023,1735024,1735025 | 448431:1735026,1735027,1735028,1735029\" \/>\n\t<input type=\"hidden\" name=\"no_ajax\" value=\"0\">\t\t\t<\/form>\n\t<p>&nbsp;<\/p>\n<\/div>\n\n<script type=\"text\/javascript\">\n\/\/jQuery(document).ready(function(){\ndocument.addEventListener(\"DOMContentLoaded\", function(event) { \t\nvar question_ids = \"448392,448393,448394,448395,448396,448397,448398,448399,448400,448401,448402,448403,448404,448405,448406,448407,448408,448409,448410,448411,448412,448413,448414,448415,448416,448417,448418,448419,448420,448421,448422,448423,448424,448425,448426,448427,448428,448429,448430,448431\";\nWatuPROSettings[11412] = {};\nWatuPRO.qArr = question_ids.split(',');\nWatuPRO.exam_id = 11412;\t    \nWatuPRO.post_id = 117331;\nWatuPRO.store_progress = 0;\nWatuPRO.curCatPage = 1;\nWatuPRO.requiredIDs=\"0\".split(\",\");\nWatuPRO.hAppID = \"0.63163800 1776307972\";\nvar url = \"https:\/\/www.dumpsbase.com\/freedumps\/wp-content\/plugins\/watupro\/show_exam.php\";\nWatuPRO.examMode = 1;\nWatuPRO.siteURL=\"https:\/\/www.dumpsbase.com\/freedumps\/wp-admin\/admin-ajax.php\";\nWatuPRO.emailIsNotRequired = 0;\nWatuPROIntel.init(11412);\nWatuPRO.inCategoryPages=1;});    \t \n<\/script>\n<p>&nbsp;<\/p>\n<h3>Continue to check our <a href=\"https:\/\/www.dumpsbase.com\/freedumps\/free-sap-c02-dumps-part-2-q41-q80-updated-2026-aws-certified-solutions-architect-professional-dumps-v13-02.html\"><span style=\"background-color: #ccffff;\"><em>SAP-C02 free dumps (Part 2, Q41-Q80) of V13.02<\/em><\/span><\/a> here.<\/h3>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>DumpsBase offers the latest AWS SAP-C02 dumps (V13.02) to ensure you pass the AWS Certified Solutions Architect &#8211; Professional exam confidently. These updated dumps have been completely revamped to help you achieve top results in the AWS Certified Solutions Architect &#8211; Professional certification. All 585 practice exam questions and answers are aligned with the latest [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[175,15637],"tags":[17944,15634],"class_list":["post-117331","post","type-post","status-publish","format-standard","hentry","category-amazon","category-aws-certification","tag-aws-certified-solutions-architect-professional","tag-sap-c02"],"_links":{"self":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/117331","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/comments?post=117331"}],"version-history":[{"count":2,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/117331\/revisions"}],"predecessor-version":[{"id":117355,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/posts\/117331\/revisions\/117355"}],"wp:attachment":[{"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/media?parent=117331"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/categories?post=117331"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dumpsbase.com\/freedumps\/wp-json\/wp\/v2\/tags?post=117331"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}