
AWS Certified Solutions Architect - Associate - Part 22

Mary Mary Smith
03 Mar 2023

1. A solutions architect is designing a two-tier web application. The application consists of a public-facing web tier hosted on Amazon EC2 in public subnets. The database tier consists of Microsoft SQL Server running on Amazon EC2 in a private subnet. Security is a high priority for the company. How should security groups be configured in this situation? (Choose two.)

A) Configure the security group for the web tier to allow inbound traffic on port 443 from 0.0.0.0/0. B. Configure the security group for the web tier to allow outbound traffic on port 443 from 0.0.0.0/0.
B) Configure the security group for the database tier to allow inbound traffic on ports 443 and 1433 from the security group for the web tier.
C) Configure the security group for the database tier to allow outbound traffic on ports 443 and 1433 to the security group for the web tier.
D) Configure the security group for the database tier to allow inbound traffic on port 1433 from the security group for the web tier.



2. A company has a three-tier image-sharing application. It uses an Amazon EC2 instance for the front-end layer, another for the backend tier, and a third for the MySQL database. A solutions architect has been tasked with designing a solution that is highly available and requires the least amount of changes to the application. Which solution meets these requirements?

A) Use Amazon S3 to host the front-end layer and AWS Lambda functions for the backend layer. Move the database to an Amazon DynamoDB table and use Amazon S3 to store and serve users' images.
B) Use load balanced Multi-AZ AWS Elastic Beanstalk environments for the front-end and backend layers. Move the database to an Amazon RDS instance with multiple read replicas to store and serve users' images.
C) Use load balanced Multi-AZ AWS Elastic Beanstalk environments for the front-end and backend layers. Move the database to an Amazon RDS instance with a Multi-AZ deployment. Use Amazon S3 to store and serve users' images.
D) Use Amazon S3 to host the front-end layer and a fleet of Amazon EC2 instances in an Auto Scaling group for the backend layer. Move the database to a memory optimized instance type to store and serve users' images.



3. A financial service company has a web application that serves users in the United States and Europe. The application consists of a database tier and a web server tier. The database tier consists of a MySQL database hosted in us-east-1. Amazon Route 53 geoproximity routing is used to direct traffic to instances in the closest Region. A performance review of the system reveals that European users are not receiving the same level of query performance as those in the United States. Which changes should be made to the database tier to improve performance?

A) Migrate the database to Amazon RDS for MySQL. Configure Multi-AZ in one of the European Regions.
B) Deploy MySQL instances in each Region. Deploy an Application Load Balancer in front of MySQL to reduce the load on the primary instance.
C) Migrate the database to Amazon DynamoDB. Use DynamoDB global tables to enable replication to additional Regions.
D) Migrate the database to an Amazon Aurora global database in MySQL compatibility mode. Configure read replicas in one of the European Regions.



4. A solutions architect is designing a high performance computing (HPC) workload on Amazon EC2. The EC2 instances need to communicate with each other frequently and require network performance with low latency and high throughput. Which EC2 configuration meets these requirements?

A) Launch the EC2 instances in a cluster placement group in one Availability Zone.
B) Launch the EC2 instances in a spread placement group in one Availability Zone.
C) Launch the EC2 instances in an Auto Scaling group spanning multiple Availability Zones.
D) Launch the EC2 instances in an Auto Scaling group in two Regions and peer VPCs.



5. A company has deployed an API in a VPC behind an internet-facing Application Load Balancer (ALB). An application that consumes the API as a client is deployed in a second account in private subnets behind a NAT gateway. When requests to the client application increase, the NAT gateway costs are higher than expected. A solutions architect has configured the ALB to be internal. Which combination of architectural changes will reduce the NAT gateway costs? (Choose two.)

A) Configure a ClassicLink connection for the API into the client VPC. Access the API using the ClassicLink address.
B) Configure a PrivateLink connection for the API into the client VPC. Access the API using the PrivateLink address.
C) Configure a VPC peering connection between the two VPCs. Access the API using the private address.
D) Configure an AWS Resource Access Manager connection between the two accounts. Access the API using the private address.
E) Configure an AWS Direct Connect connection between the two VPCs. Access the API using the private address.


1. Right Answer: A,D
Explanation: DB does not need port 443.

2. Right Answer: C
Explanation:

3. Right Answer: D
Explanation:

4. Right Answer: A
Explanation:

5. Right Answer: B,C
Explanation: https://docs.aws.amazon.com/ram/latest/userguide/shareable.html
