In order to encrypt sensitive data, an organization uses AWS KMS. Identify two statements you believe are true regarding KMS CMK. (opt any two)

"Performing operations as code” is one of the AWS Operational Excellence design principle. If you are an AWS Solutions Architect who wants to achieve this design principal, which AWS solution will you use when deploying your AWS infrastructure?

An organization agrees on a three-year term when buying EC2 instances to minimize EC2 costs. The company would have to exchange EC2 instances for other instances types to adapt to evolving needs in the future. Identify the type of instances the company should purchase.

As a Solutions Architect, you are required to select a solution that is most suitable in terms of being cost-effective. The solution will be used to store data that is heterogenous in nature, for example, millions of phone numbers. Read/write consistency and latency are critical metrics for the business. Select an AWS solution that you believe is best going to serve this need.

A set of data is located in an S3 bucket and as a Solutions Architect you need to ensure the geographical replication of that data. You enable Amazon S3 CRR to fulfil this requirement. However, this action step does not work and as a result you are unable to enable replication. Can you identify the reason most likely to have produced this error?

An organization is using an application that is deployed on an Amazon EC2 instance. The application creates temporary files that are combined to generate pdf files. These files are downloaded by customers at a frequent rate in the first two days after release. From the third day onwards, the files are not needed anymore. To meet these requirements, which storage strategy would you recommend as a Solutions Architect?

A Chief Information Office (CIO) of a company wants to shift the company’s workload to cloud. The company is using a proprietary software with a very strict licensing compliance requirements. As a solutions architect, which EC2 instances you recommend that adheres to software licensing requirements?

There is sensitive data contained by a group of EC2 instances, and that data must be secured. EBS volumes are attached to the instances. These EBS volumes are unencrypted at the moment. In the future, numerous new EC2 instances are planned in this AWS account. You need to choose an EBS encryption option because the data saved on these EBS volumes should be encrypted by default. Which two options would you choose? (opt any two)

You are a solutions architect who creates a VPC with a public subnet and a private subnet due to network security requirements of a customer. A backend application that is deployed on an Amazon EC2 instance receives incoming requests that are redirected by an Amazon EC2 deployed in the public subnet acting as a proxy. The company carries some tests and notices when third-party public APIs are called, the application throws connection timeouts. What would you do to resolve this?

One single application is run by a group of four redundant EC2 instances. If you want the requests to be evenly distributed across all instances and want the application to be highly available, what are the two options you would choose to make it possible? (opt any two)

An organization plans to design a database that is highly available and running on the RDS instance. The database must be resilient enough to withstand the failure of an AZ failure injection. A Multi-AZ RDS has been configured to meet this goal. Identify two statements that justify this design. (opt any two)

An Amazon CloudFront distribution is deployed by a Solutions Architect, purpose for which is to serve content from a static website. The website is deployed on an Amazon S3 bucket. The solutions architect then creates an AWS WAF rule to prevent and secure access in limited conditions. There was a mistake in the rule syntax, and all requests are blocked by AWS WAF. What steps would the solutions architect take to get away from this problem?

An RTO of 2 hours or less and an RPO of 30 minutes or less is established by a company for an EC2 instance database. If there is an AZ failure, which of the below shared strategies would the solutions architect use to achieve the required RPO and RTO?

A company has numerous different departments managing their specific EC2 instances. If you are a solutions architect and want to categorize and organize these resources, which feature would you use?

A backup solution of an organization is approaching its end. Most of the company's servers run Microsoft Windows Server. The virtual tape library where backups are saved is costing a lot to maintain. For these reasons, and to make the availability and durability of backups better, the organization is looking for a solution that can help them outsource current server backups. The solution must take least time to get implemented. If the organization wants minimal changes to the current solutions, which solution fulfilling backup and storage needs should they go for?

A legacy Cobol application is deployed to an Amazon EC2 instance from on-premises. The EC2 instance is type t2.large. The application uses a local PostgreSQL database instance and is used for batch processing. Once the migration is complete, it is noticed that application suffers downtime, reason for which is CPU peaks. If you want to increase stability, what two actions would you take? (opt any two)

A company's EC2 instance that is associated with a security group should always have internet access. The company’s virtual private cloud gets an internet gateway deployed for it, without a NAT gateway or a NAT instance in the VPC. The instance is associated with a security group. Identify two statements that stand true for these configurations (opt any two)

An organization uses Amazon 53 buckets to store objects for various projects. There is a structure of specific folders for each project in the bucket. If the organization requires separate billing for each project, which strategy would you recommend as a solutions architect to meet this requirement?

An organization is planning to use AWS Direct Connect to extend its group of on-premises VLAN into an AWS VPC. Which two statements justify this? (opt any two)

There is data in the instance internal storage of a Linux EC2 instance. As a Solutions Architect, you are required to move this data in the instance from one Availability Zone (AZ) to another instance in a different AZ. Both the instances are in the same AWS Region. Identify the action you would take to make sure you meet this requirement.

There is a requirement to integrate a virtual tape library with AWS. The purpose is to create a hybrid solution that will help the organization expand its storage without purchasing new hardware. Can you identify the type of AWS Storage Gateway that should be used?

An organization is cutting additional costs, and in an effort to do so they power off unused on-demand EC2 instances that are being paid for without use, and not available for free tier. If an instance contains a 50 GB EBS General Purpose SSD (gp2) volume attached with it, and it is powered off for the sake of saving costs, what impact will this make on the billing?

You are required to create a design for an e-commerce application and run the web and application servers on a bunch of EC2 instances. At the time of purchasing, all the products falling in the cart must be saved during the session. The application and web servers should automatically scale in and out depending on demand, and high availability of all components must be ensured. Being a solutions architect, which design would you recommend?

You are tasked to migrate a MySQL database to AWS. As a solutions architect you know that the database storage will grow gradually, for which you are to find the most scalable solution. Identify the service you would choose to use in this scenario.

You are to deploy an application on an Amazon EC2 Linux instance from a current-generation type. A 16 GB EBS volume and internal storage as the boot volume is used by the instance. As a month passes, you notice the application generating files that cannot be deleted in large volumes, and the file system is almost full. You want to avoid filling up the file system for which you have to perform a short-term workaround. What would you ideally do to prevent the file system getting overpopulated?

A web platform is managed by you as a solutions architect, and it is deployed with an AWS Elastic Beanstalk. There is a new development team for which you are required to create a cloned environment. Can you identify two services which CANNOT be cloned in an Elastic Beanstalk environment? (opt any TWO)

An organization has its on-premises infrastructure migrated to AWS, but there is a small database left out in the current environment, as it does not get migrated. There are some applications that need to retrieve information from this database. These applications are deployed on Amazon EC2 instances. The information in transit between the customer datacenter and AWS has to be encrypted for security reasons. As a solutions architect, which of the following solutions would you deploy?

There is a group of EC2 instances in private subnets for which a VPC solution is designed by a solutions architect. EC2 instances are located in multiple Availability Zones. The resilience of application must allow it to continue to function when an AZ failure occurs. The instances must have internet access but must not have public IP addresses. Can you identify a statement that stand true to this design? (opt any TWO)

A company decides to deploy an application. The application will use databases that are running on EC2 instances in a private subnet. For software updates to run smoothly, internet access must be provided to the EC2 instances. If you want EC2 instances to receive updates, which of the following must be included in the VPC design.

A MySQL database gets migrated to an Amazon Aurora for MySQL database in a financial organization. There is as audit performed and after the audit it is realized that legal requirements need to be complied with. According to the legal requirements, self-managed keys must be used to encrypt the database. You want to meet the requirement is a fast and cost-effective way. Which action should you choose?