AWS Certified Solutions Architect Professional Practice Questions Part 7

Your organization is planning to use AWS for their production rollout. They want
automated deployment in a way that it will automatically create a LAMP stack,
download the latest PHP installable from S3 and setup the ELB. To make an orderly
deployment of the software, which of the following AWS service meets the
requirement?

The admins require digital policy files for verification. Once verified, these files may
not be required in the future unless there is any compliance issue. Which of the
following is the most cost effective way for saving these files?

You have joined a company who has a lot of GPU intensive workload. Also, these
workloads are part of a process in which some steps need manual intervention. Which
of the following options are best suited for this requirement?

You have a RedShift cluster running 24/7. The cluster has four nodes and expects to
add an on demand node one to two days once in a year. Which of the following would
have the lowest cost for the cluster requirement?

Read-only access is required to all AWS resources for audit purpose; and logs of the
events that have occurred on AWS. What is the best to create this sort of access?

You have launched an instance which has four 500 GB EBS provisioned IOPS
volumes attached. The instance is EBS-optimized and supports 500 MBps throughput
between EC2 and EBS. These volumes are configured as a single RAID0 device, and each
volume is provisioned with 4000 IOPS. Your instance initially delivered expected 16000
IOPS random read and write performance. After a while, you add two more 500 GB EBS
provisioned IOPS volumes to the RAID to increase the total random I/O performance
of the instance. Each volume is provisioned to 4000 IOPS like the original four for a
total of 24000 IOPS on the EC2 instance. Upon monitoring, you noticed that the
instance’s CPU utilization increased from 50% to 70%, but the total random IOPS
measured at the instance level did not increase at all. What is the problem and valid
solution?

Your company has placed a set of on premise resources with an AWS DirectConnect
provider. After establishing connections to a local AWS region in the US, the
organization needs to establish a low latency dedicated connection to an S3 public
endpoint over the DirectConnect dedicated low latency connection. What would you
do to configure a DirectConnect connection to a public S3 endpoint?

You need to design a multi-region architecture and it is required to send data to
users based on geographic locations via latency routing, weighted routing is also
required for the resources within that region. Which of the below steps would help you
accomplish this?

You are the solutions architect; you need to launch 20 large EC2 instances that will
be used to process huge amount of data. It is also required that these instances will need
to transfer data back and forth among each other. Which of the following would be the
most efficient setup to achieve this?

You have recently increased IOPS performance of an online gaming server by
creating a RAID0 configuration. The server has now started to have bottleneck
problems because of your instance bandwidth. To increase throughput, which of the
following is the best solution?

Your EC2 services goes offline at least once a week for no apparent reasons. You have
been told by your security officer that you need to tighten up the logging on the events
occurring in your AWS account. He wants a simple way to quickly access all events that
occur in the account in all regions. He also needs the surety that he is the only person
with access to these events. How would you fulfill his requirements?

Your organization hosts a web application on AWS. As per architectural best
practices, the app must be highly available, cost-efficient, highly scalable, highperformant, and should require minimal human intervention. You have deployed the
web and database servers in public and private subnets respectively. When you tested
the application via web browser, the application was not accessible. Which
configuration settings you must do to overcome this problem? (Choose 2)

Your company is planning to host a large donation website on AWS and expecting
a large amount of traffic that will cause heavy writes on database. To assure that any
write is not dropped out, which AWS service should you choose?

You need to launch an instance through CloudFormation and then configure an
application after the instance is launched. You want the creation of ASG and ELB to
wait until the instance is configured. How would you do it?

As the administrator of IT, you are given a task to develop a reliable and durable
logging solution to track changes made to your EC2, IAM, and RDS resources. The
confidentiality and integrity of your log data is must. Which of the following solutions
would you build?

When generating a pre signed URL, what must be done to ensure that the user with
the pre signed URL has the permission to upload objects?

Your organization has added 3 accounts to consolidated billing. One of these
accounts has purchased a reserved instance of a small instance size in the us-east-1a
zone. All other accounts are running small size instances in the same zone. What will
happen in this case for RI pricing?

You have launched a large EC2 instance which is EBS-backed in the US-East-1
region. Now you want to achieve DR by creating another small instance in EU. How can
DR be achieved?

You have developed a mobile app to handle analytics workloads on large data sets
stored on RedShift. To work properly, the app needs to access the RedShift tables.
Which of the below methods is the best to access the tables securely?

A client has configured an SSL listener at ELB as well as on the back-end instances.
Considering the SSL listener, which of the below statements will help the client
understand ELB traffic handling?

One of your client needs corporate IT governance and cost oversight of all the AWS
resources that its teams are consuming. The teams want to maintain administrative
control of the discrete AWS resources they consume and keep these resources separate
from the resources of other departments. Which of the following options support the
control of divisions while enabling corporate IT to maintain governance and cost
oversight? (Choose 2)

A client of yours, has set up auto-scaling with ELB on the EC2 instances. Now they
want a configuration that auto-scaling remove those instances whose CPU utilization
is below 10%. How can this be configured?

Your organization has configured auto-scaling with ELB. A memory issue in the
application is causing CPU utilization to go over 90%. As per the scaling policy, higher
CPU usage triggers an event for auto-scaling. You want to find out the root cause inside
the application without triggering the scaling activity, how can you do that?

You need to create a mobile application for a client. The app will call DynamoDB to
fetch certain information. It will be using the DynamoDB SDK and root account
secret/access key to connect to DynamoDB from mobile. Which of the below
mentioned practice is true with respect to security?

A student has created a VPC with public and private subnet using the VPC wizard.
CIDR of the VPC is 20.0.0.0/16 and the public subnet uses CIDR 20.0.1.0/24. The plan is
to launch a web server in the public subnet with port 80 and a DB server in the private
subnet with port 3306. It is required to create security groups for both the subnets.
Which of the below mention entries are required in DB server security group?