Available Number of Questions: Maximum of
645 Questions
Exam Name: AWS Certified Solutions Architect - Professional Exam
Exam Duration: 180 Minutes
Related Certification(s):
Amazon Professional, Amazon AWS Certified Solutions Architect Professional Certifications
Amazon SAP-C02 Exam Topics - You’ll Be Tested in Actual Exam
The Amazon SAP-C02 exam is a comprehensive assessment designed to evaluate your understanding of cloud computing and its applications. It covers a wide range of topics, including cloud concepts and fundamentals, which introduce you to the basics of cloud computing, its benefits, and the various service models. You'll also delve into architecture, exploring how to design and optimize cloud solutions. Security and compliance are crucial aspects, ensuring data protection and privacy. The exam tests your knowledge of identity and access management, encryption, and compliance standards. Additionally, it assesses your skills in networking, covering topics like VPCs, subnets, and routing. You'll learn to manage and configure these elements effectively. The SAP-C02 exam also emphasizes the importance of high availability and disaster recovery, teaching you strategies to ensure business continuity. Billing and cost management are key components, as you'll need to optimize resource utilization and understand pricing models. Furthermore, the exam covers reliability, focusing on resilience and fault tolerance in cloud environments. Finally, it assesses your ability to troubleshoot and diagnose common issues, providing practical skills for real-world scenarios. By covering these topics, the SAP-C02 exam equips you with a comprehensive understanding of cloud computing, preparing you for a successful career in the field.
Amazon SAP-C02 Exam Short Quiz
Attempt this Amazon SAP-C02 exam quiz to self-assess your preparation for the actual Amazon AWS Certified Solutions Architect - Professional Exam . CertBoosters also provides premium Amazon SAP-C02 exam questions to pass the Amazon AWS Certified Solutions Architect - Professional Exam in the shortest possible time. Be sure to try our free practice exam software for the Amazon SAP-C02 exam.
1of 0 questions |
Amazon SAP-C02 Exam Quiz
✓ 0 answered
🔖 0 bookmarked
AmazonSAP-C02
Q1:
A utility company wants to collect usage data every 5 minutes from its smart meters to facilitate time-of-use metering. When a meter sends data to AWS. the data is sent to Amazon API Gateway, processed by an AWS Lambda function, and stored in an Amazon DynamoDB table. During the pilot phase, the Lambda functions took from 3 to 5 seconds to complete.
As more smart meters are deployed, the engineers notice the Lambda functions are taking from 1 to 2 minutes to complete. The functions are also increasing in duration as new types of metrics are collected from the devices. There are many ProvisionedThroughputExceededException errors while performing PUT operations on DynamoDB. and there are also many TooManyRequestsException errors from Lambda.
Which combination of changes will resolve these issues? (Select TWO.)
☐
AIncrease the write capacity units to the DynamoDB table.
☐
BIncrease the memory available to the Lambda functions
☐
CIncrease the payload size from the smart meters to send more data.
☐
DStream the data into an Amazon Kinesis data stream from API Gateway and process the data in batches.
☐
ECollect data in an Amazon SOS FIFO queue, which triggers a Lambda function to process each message.
AmazonSAP-C02
Q2:
A company is using AWS Cloud Formation as its deployment tool for all applications. It stages all application binaries and templates within Amazon S3 buckets with versioning enabled. Developers have access to an Amazon EC2 instance that hosts the integrated development environment (IDE). The developers download the application binaries from Amazon S3 to the EC2 instance, make changes, and upload the binaries to an S3 bucket after running the unit tests locally. The developers want to improve the existing deployment mechanism and implement CI/CD using AWS CodePipeline.
The developers have the following requirements:
* Use AWS CodeCommit for source control.
* Automate unit testing and security scanning.
* Alert the developers when unit tests fail.
* Turn application features on and off, and customize deployment dynamically as part of CI/CD. Have the lead developer provide approval before deploying an application.
Which solution will meet these requirements?
○
AUse AWS CodeBuild to run unit tests and security scans. Use an Amazon EventBridge rule to send Amazon SNS alerts to the developers when unit tests fail. Write AWS Cloud Development Kit (AWS CDK) constructs for different solution features, and use a manifest file to turn features on and off in the AWS CDK application. Use a manual approval stage in the pipeline to allow the lead developer to approve applications.
○
BUse AWS Lambda to run unit tests and security scans. Use Lambda in a subsequent stage in the pipeline to send Amazon SNS alerts to the developers when unit tests fail. Write AWS Amplify plugins for different solution features and utilize user prompts to turn features on and off. Use Amazon SES in the pipeline to allow the lead developer to approve applications.
○
CUse Jenkins to run unit tests and security scans. Use an Amazon EventBridge rule in the pipeline to send Amazon SES alerts to the developers when unit tests fail. Use AWS CloudFormation nested stacks for different solution features and parameters to turn features on and off. Use AWS Lambda in the pipeline to allow the lead developer to approve applications.
○
DUse AWS CodeDeploy to run unit tests and security scans. Use an Amazon CloudWatch alarm in the pipeline to send Amazon SNS alerts to the developers when unit tests fail. Use Docker images for different solution features and the AWS CLI to turn features on and off. Use a manual approval stage in the pipeline to allow the lead developer to approve applications.
AmazonSAP-C02
Q3:
A company is designing its network configuration in the AWS Cloud. The company uses AWS Organizations to manage a multi-account setup. The company has three OUs. Each OU contains more than 100 AWS accounts. Each account has a single VPC. and all the VPCs in each OU are in the same AWS Region.
The CIDR ranges for all the AWS accounts do not overlap. The company needs to implement a solution in which VPCs in the same OU can communicate with each other but cannot communicate with VPCs in other OUs.
Which solution will meet these requirements with the LEAST operational overhead?
○
ACreate an AWS CloudFormation stack set that establishes VPC peering between accounts in each OU. Provision the stack set in each OU.
○
BIn each OU. create a dedicated networking account that has a single VPC. Share this VPC with all the other accounts in the OU by using AWS Resource Access Manager (AWS RAM). Create a VPC peering connection between the networking account and each account in the OU.
○
CProvision a transit gateway in an account in each OU. Share the transit gateway across the organization by using AWS Resource Access Manager {AWS RAM). Create transit gateway VPC attachments for each VPC.
○
DIn each OU. create a dedicated networking account that has a single VPC. Establish a VPN connection between the networking account and the other accounts in the OU. Use third-party routing software to route transitive traffic between the VPCs.
AmazonSAP-C02
Q4:
A company is migrating its blog platform to AWS. The company's on-premises servers connect to AWS through an AWS Site-to-Site VPN connection. The blog content is updated several times a day by multiple authors and is served from a file share on a network-attached storage (NAS) server.
The company needs to migrate the blog platform without delaying the content updates. The company has deployed Amazon EC2 instances across multiple Availability Zones to run the blog platform behind an Application Load Balancer. The company also needs to move 200 TB of archival data from its on-premises servers to Amazon S3 as soon as possible.
Which combination of steps will meet these requirements? (Select TWO.)
☐
ACreate a weekly cron job in Amazon EventBridge. Use the cron job to invoke an AWS Lambda function to update the EC2 instances from the NAS server.
☐
BConfigure an Amazon Elastic Block Store (Amazon EBS) Multi-Attach volume for the EC2 instances to share for content access. Write code to synchronize the EBS volume with the NAS server weekly.
☐
CMount an Amazon Elastic File System (Amazon EFS) file system to the on-premises servers to act as the NAS server. Copy the blog data to the EPS file system. Mount the EFS file system to the EC2 instances to serve the content.
☐
DOrder an AWS Snowball Edge Storage Optimized device. Copy the static data artifacts to the device. Ship the device to AWS.
☐
EOrder an AWS Snowcone SSD device. Copy the static data artifacts to the device. Ship the device to AWS.
AmazonSAP-C02
Q5:
A medical company is running a REST API on a set of Amazon EC2 instances The EC2 instances run in an Auto Scaling group behind an Application Load Balancer (ALB) The ALB runs in three public subnets, and the EC2 instances run in three private subnets The company has deployed an Amazon CloudFront distribution that has the ALB as the only origin
Which solution should a solutions architect recommend to enhance the origin security?
○
AStore a random string in AWS Secrets Manager Create an AWS Lambda function for automatic secret rotation Configure CloudFront to inject the random string as a custom HTTP header for the origin request Create an AWS WAF web ACL rule with a string match rule for the custom header Associate the web ACL with the ALB
○
BCreate an AWS WAF web ACL rule with an IP match condition of the CloudFront service IP address ranges Associate the web ACL with the ALB Move the ALB into the three private subnets
○
CStore a random string in AWS Systems Manager Parameter Store Configure Parameter Store automatic rotation for the string Configure CloudFront to inject the random string as a custom HTTP header for the origin request Inspect the value of the custom HTTP header, and block access in the ALB
○
DConfigure AWS Shield Advanced. Create a security group policy to allow connections from CloudFront service IP address ranges. Add the policy to AWS Shield Advanced, and attach the policy to the ALB
