Exam Code: AWS-Certified-Solutions-Architect-Professional (aws certified solutions architect professional dumps), Exam Name: AWS-Certified-Solutions-Architect-Professional, Certification Provider: Amazon Certifitcation, Free Today! Guaranteed Training- Pass AWS-Certified-Solutions-Architect-Professional Exam.

Check AWS-Certified-Solutions-Architect-Professional free dumps before getting the full version:

NEW QUESTION 1
Cognito Sync is an AWS service that you can use to synchronize user profile data across mobile devices without requiring your own backend. When the device is online, you can synchronize data. If you also set up push sync, what does it allow you to do?

  • A. Notify other devices that a user profile is available across multiple devices
  • B. Synchronize user profile data with less latency
  • C. Notify other devices immediately that an update is available
  • D. Synchronize online data faster

Answer: C

Explanation: Cognito Sync is an AWS service that you can use to synchronize user profile data across mobile devices without requiring your own backend. When the device is online, you can synchronize data, and if you have
also set up push sync, notify other devices immediately that an update is available. Reference: http://docs.aws.amazon.com/cognito/devguide/sync/

NEW QUESTION 2
An International company has deployed a multi-tier web application that relies on DynamoDB in a single region For regulatory reasons they need disaster recovery capability In a separate region with a Recovery Time Objective of 2 hours and a Recovery Point Objective of 24 hours. They should synchronize their data on a regular basis and be able to provision me web application rapidly using CIoudFormation.
The objective is to minimize changes to the existing web application, control the throughput of DynamoDB used for the synchronization of data and synchronize only the modified elements.
Which design would you choose to meet these requirements?

  • A. Use AWS data Pipeline to schedule a DynamoDB cross region copy once a day, create a"Lastupdated" attribute in your DynamoDB table that would represent the timestamp of the last update and use it as a filter.
  • B. Use EMR and write a custom script to retrieve data from DynamoDB in the current region using a SCAN operation and push it to DynamoDB in the second region.
  • C. Use AWS data Pipeline to schedule an export of the DynamoDB table to S3 in the current region once a day then schedule another task immediately after it that will import data from S3 to DynamoDB in the other region.
  • D. Send also each Ante into an SQS queue in me second region; use an auto-scaling group behind the SQS queue to replay the write in the second region.

Answer: A

NEW QUESTION 3
Select the correct statement about Amazon EIastiCache.

  • A. It makes it easy to set up, manage, and scale a distributed in-memory cache environment in the cloud.
  • B. It allows you to quickly deploy your cache environment only if you install software.
  • C. It does not integrate with other Amazon Web Services.
  • D. It cannot run in the Amazon Virtual Private Cloud (Amazon VPC) environmen

Answer: A

Explanation: EIastiCache is a web service that makes it easy to set up, manage, and scale a distributed in-memory cache environment in the cloud. It provides a high-performance, scalable, and cost-effective caching solution, while removing the complexity associated with deploying and managing a distributed cache environment. With EIastiCache, you can quickly deploy your cache environment, without having to provision hardware or install software.
Reference: http://docs.aws.amazon.com/AmazonE|astiCache/latest/UserGuide/Whatls.html

NEW QUESTION 4
A customer has a website which shows all the deals available across the market. The site experiences a load of 5 large EC2 instances generally. However, a week before ThanksgMng vacation they encounter a load of almost 20 large instances. The load during that period varies over the day based on the office timings. Which of the below mentioned solutions is cost effective as well as help the website achieve better performance?

  • A. Setup to run 10 instances during the pre-vacation period and only scale up during the office time by launching 10 more instances using the AutoScaIing schedule.
  • B. Keep only 10 instances running and manually launch 10 instances every day during office hours.
  • C. During the pre-vacation period setup 20 instances to run continuously.
  • D. During the pre-vacation period setup a scenario where the organization has 15 instances running and 5 instances to scale up and down using Auto Scaling based on the network I/O policy.

Answer: D

Explanation: AWS provides an on demand, scalable infrastructure. AWS EC2 allows the user to launch On-Demand instances and the organization should create an AMI of the running instance. When the organization is experiencing varying loads and the time of the load is not known but it is higher than the routine traffic it is recommended that the organization launches a few instances before hand and then setups AutoScaIing with policies which scale up and down as per the EC2 metrics, such as Network I/O or CPU utilization.
If the organization keeps all 10 additional instances as a part of the AutoScaIing policy sometimes during a sudden higher load it may take time to launch instances and may not give an optimal performance. This is the reason it is recommended that the organization keeps an additional 5 instances running and the next 5 instances scheduled as per the AutoScaIing policy for cost effectiveness.
Reference: http://media.amazonwebservices.com/AWS_Web_Hosting_Best_Practices.pdf

NEW QUESTION 5
Which of the following is true while using an IAM role to grant permissions to applications running on Amazon EC2 instances?

  • A. All applications on the instance share the same role, but different permissions.
  • B. All applications on the instance share multiple roles and permissions.
  • C. MuItipIe roles are assigned to an EC2 instance at a time.
  • D. Only one role can be assigned to an EC2 instance at a tim

Answer: D

Explanation: Only one role can be assigned to an EC2 instance at a time, and all applications on the instance share the same role and permissions.
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/role-usecase-ec2app.htmI

NEW QUESTION 6
An organization has hosted an application on the EC2 instances. There will be multiple users connecting to the instance for setup and configuration of application. The organization is planning to implement certain security best practices. Which of the below mentioned pointers will not help the organization achieve better security arrangement?

  • A. Allow only IAM users to connect with the EC2 instances with their own secret access key.
  • B. Create a procedure to revoke the access rights of the indMdual user when they are not required to connect to EC2 instance anymore for the purpose of application configuration.
  • C. Apply the latest patch of OS and always keep it updated.
  • D. Disable the password based login for all the user
  • E. All the users should use their own keys to connect with the instance securely.

Answer: A

Explanation: Since AWS is a public cloud any application hosted on EC2 is prone to hacker attacks. It becomes extremely important for a user to setup a proper security mechanism on the EC2 instances. A few of the security measures are listed below:
Always keep the OS updated with the latest patch
Always create separate users with in OS if they need to connect with the EC2 instances, create their keys and disable their password
Create a procedure using which the admin can revoke the access of the user when the business work on the EC2 instance is completed
Lock down unnecessary ports
Audit any proprietary applications that the user may be running on the EC2 instance
Provide temporary escalated prMleges, such as sudo for users who need to perform occasional prMleged tasks
The IAM is useful when users are required to work with AWS resources and actions, such as launching an instance. It is not useful to connect (RDP / SSH) with an instance.
Reference: http://aws.amazon.com/articles/1233/

NEW QUESTION 7
True or False: The Amazon EIastiCache clusters are not available for use in VPC at this time.

  • A. TRUE
  • B. True, but they are available only in the GovCIoud.
  • C. True, but they are available only on request.
  • D. FALSE

Answer: D

Explanation: Amazon Elasticache clusters can be run in an Amazon VPC. With Amazon VPC, you can define a virtual network topology and customize the network configuration to closely resemble a traditional network that you might operate in your own datacenter. You can now take advantage of the manageability, availability and scalability benefits of Amazon EIastiCache Clusters in your own isolated network. The same functionality of Amazon EIastiCache, including automatic failure detection, recovery, scaling, auto discovery, Amazon CIoudWatch metrics, and software patching, are now available in Amazon VPC. Reference:
http://aws.amazon.com/about-aws/whats-new/2012/12/20/amazon-elasticache-announces-support-for-a mazon-vpc/

NEW QUESTION 8
A web-startup runs its very successful social news application on Amazon EC2 with an Elastic Load Balancer, an Auto-Scaling group of Java/Tomcat application-servers, and DynamoDB as data store. The main web-application best runs on m2 x large instances since it is highly memory- bound Each new deployment requires semi-automated creation and testing of a new AMI for the application servers which takes quite a while ana is therefore only done once per week.
Recently, a new chat feature has been implemented in nodejs and wails to be integrated in the architecture. First tests show that the new component is CPU bound Because the company has some experience with using Chef, they decided to streamline the deployment process and use AWS Ops Works as an application life cycle tool to simplify management of the application and reduce the deployment cycles.
What configuration in AWS Ops Works is necessary to integrate the new chat module in the most cost-efficient and filexible way?

  • A. Create one AWS OpsWorks stack, create one AWS Ops Works layer, create one custom recipe
  • B. Create one AWS OpsWorks stack create two AWS Ops Works layers, create one custom recipe
  • C. Create two AWS OpsWorks stacks create two AWS Ops Works layers, create one custom recipe
  • D. Create two AWS OpsWorks stacks create two AWS Ops Works layers, create two custom recipe

Answer: C

NEW QUESTION 9
You are responsible for a web application that consists of an Elastic Load Balancing (ELB) load balancer in front of an Auto Scaling group of Amazon Elastic Compute Cloud (EC2) instances. For a recent deployment of a new version of the application, a new Amazon Machine Image (AMI) was created, and the Auto Scaling group was updated with a new launch configuration that refers to this new AMI. During the deployment, you received complaints from users that the website was responding with errors. All instances passed the ELB health checks.
What should you do in order to avoid errors for future deployments? (Choose 2 answer)

  • A. Add an Elastic Load Balancing health check to the Auto Scaling grou
  • B. Set a short period for the health checks to operate as soon as possible in order to prevent premature registration of the instance to theload balancer.
  • C. Enable EC2 instance C|oudWatch alerts to change the launch configuration’s AMI to the previous on
  • D. Gradually terminate instances that are using the new AMI.
  • E. Set the Elastic Load Balancing health check configuration to target a part of the application that fully tests application health and returns an error if the tests fail.
  • F. Create a new launch configuration that refers to the new AMI, and associate it with the grou
  • G. Double the size of the group, wait for the new instances to become healthy, and reduce back to the original size.If new instances do not become healthy, associate the previous launch configuration.
  • H. Increase the Elastic Load Balancing Unhealthy Threshold to a higher value to prevent an unhealthy instance from going into service behind the load balancer.

Answer: CD

NEW QUESTION 10
What happens when Dedicated instances are launched into a VPC?

  • A. If you launch an instance into a VPC that has an instance tenancy of dedicated, you must manually create a Dedicated instance.
  • B. If you launch an instance into a VPC that has an instance tenancy of dedicated, your instance is created as a Dedicated instance, only based on the tenancy of the instance.
  • C. If you launch an instance into a VPC that has an instance tenancy of dedicated, your instance isautomatically a Dedicated instance, regardless of the tenancy of the instance.
  • D. None of these are tru

Answer: C

Explanation: If you launch an instance into a VPC that has an instance tenancy of dedicated, your instance is automatically a Dedicated instance, regardless of the tenancy of the instance.
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/dedicated-instance.html

NEW QUESTION 11
What RAID method is used on the Cloud Block Storage back-end to implement a very high level of reliability and performance?

  • A. RAID 1 (Mirror)
  • B. RAID 5 (Blocks striped, distributed parity)
  • C. RAID 10 (Blocks mirrored and striped)
  • D. RAID 2 (Bit level striping)

Answer: C

Explanation: Cloud Block Storage back-end storage volumes employs the RAID 10 method to provide a very high level of reliability and performance.
Reference: http://www.rackspace.com/knowIedge_center/product-faq/cloud-block-storage

NEW QUESTION 12
A corporate web application is deployed within an Amazon Virtual Private Cloud (VPC) and is connected to the corporate data center via an IPSec VPN. The application must authenticate against the
on-premises LDAP server. After authentication, each logged-in user can only access an Amazon Simple Storage Space (S3) keyspace specific to that user.
Which two approaches can satisfy these objectives? (Choose 2 answers)

  • A. Develop an identity broker that authenticates against IAM security Token service to assume a IAM role in order to get temporary AWS security credentials The application calls the identity broker to get AWS temporary security credentials with access to the appropriate S3 bucket.
  • B. The application authenticates against LDAP and retrieves the name of an IAM role associated with the use
  • C. The application then calls the IAM Security Token Service to assume that IAM rol
  • D. The application can use the temporary credentials to access the appropriate S3 bucket.
  • E. Develop an identity broker that authenticates against LDAP and then calls IAM Security Token Service to get IAM federated user credential
  • F. The application calls the identity broker to get IAM federated user credentials with access to the appropriate S3 bucket.
  • G. The application authenticates against LDAP the application then calls the AWS identity and AccessManagement (IAM) Security service to log in to IAM using the LDAP credentials the application can use the IAM temporary credentials to access the appropriate S3 bucket.
  • H. The application authenticates against IAM Security Token Service using the LDAP credentials the application uses those temporary AWS security credentials to access the appropriate S3 bucket.

Answer: BC

NEW QUESTION 13
Your department creates regular analytics reports from your company's log files All log data is collected in Amazon S3 and processed by daily Amazon Elastic MapReduce (EMR) jobs that generate daily PDF reports and aggregated tables in CSV format for an Amazon Redshift data warehouse.
Your CFO requests that you optimize the cost structure for this system.
Which of the following alternatives will lower costs without compromising average performance of the system or data integrity for the raw data?

  • A. Use reduced redundancy storage (RRS) for all data In S3. Use a combination of Spot Instances and Reserved Instances for Amazon EMR job
  • B. Use Reserved Instances for Amazon Redshift.
  • C. Use reduced redundancy storage (RRS) for PDF and .csv data in S3. Add Spot Instances to EMR job
  • D. Use Spot Instances for Amazon Redshift.
  • E. Use reduced redundancy storage (RRS) for PDF and .csv data In Amazon S3. Add Spot Instances to Amazon EMR job
  • F. Use Reserved Instances for Amazon Redshift.
  • G. Use reduced redundancy storage (RRS) for all data in Amazon S3. Add Spot Instances to Amazon ENIR job
  • H. Use Reserved Instances for Amazon Redshift.

Answer: C

NEW QUESTION 14
A user is configuring MySQL RDS with PIOPS. What should be the minimum PIOPS that the user should provision?

  • A. 1000
  • B. 200
  • C. 2000
  • D. 500

Answer: A

Explanation: If a user is trying to enable PIOPS with MySQL RDS, the minimum size of storage should be 100 GB and the minimum PIOPS should be 1000.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.html

NEW QUESTION 15
A user is planning to use EBS for his DB requirement. The user already has an EC2 instance running in the VPC private subnet. How can the user attach the EBS volume to a running instance?

  • A. The user can create EBS in the same zone as the subnet of instance and attach that EBS to instance.
  • B. It is not possible to attach an EBS to an instance running in VPC until the instance is stopped.
  • C. The user can specify the same subnet while creating EBS and then attach it to a running instance.
  • D. The user must create EBS within the same VPC and then attach it to a running instance.

Answer: A

Explanation: A Virtual Private Cloud (VPC) is a virtual network dedicated to the user’s AWS account. The user can create subnets as per the requirement within a VPC. The VPC is always specific to a region. The user can create a VPC which can span multiple Availability Zones by adding one or more subnets in each Availability Zone.
The instance launched will always be in the same availability zone of the respective subnet. When creating an EBS the user cannot specify the subnet or VPC. However, the user must create the EBS in the same zone as the instance so that it can attach the EBS volume to the running instance.
Reference: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.htmI#VPCSubnet

NEW QUESTION 16
Can a Direct Connect link be connected directly to the Internet?

  • A. Yes, this can be done if you pay for it.
  • B. Yes, this can be done only for certain regions.
  • C. Yes
  • D. No

Answer: D

Explanation: AWS Direct Connect is a network service that provides an alternative to using the Internet to utilize AWS cloud service. Hence, a Direct Connect link cannot be connected to the Internet directly.
Reference: http://aws.amazon.com/directconnect/faqs/

NEW QUESTION 17
Which of the following statements is correct about the number of security groups and rules applicable for an EC2-Classic instance and an EC2-VPC network interface?

  • A. In EC2-Classic, you can associate an instance with up to 5 security groups and add up to 50 rules to a security grou
  • B. In EC2-VPC, you can associate a network interface with up to 500 security groups and add up to 100 rules to a security group.
  • C. In EC2-Classic, you can associate an instance with up to 500 security groups and add up to 50 rules to a security grou
  • D. In EC2-VPC, you can associate a network interface with up to 5 security groups and add up to 100 rules to a security group.
  • E. In EC2-Classic, you can associate an instance with up to 5 security groups and add up to 100 rules to a security grou
  • F. In EC2-VPC, you can associate a network interface with up to 500 security groups and add up to 50 rules to a security group.
  • G. In EC2-Classic, you can associate an instance with up to 500 security groups and add up to 100 rules to a security grou
  • H. In EC2-VPC, you can associate a network interface with up to 5 security groups and add up to 50 rules to a security group.

Answer: D

Explanation: A security group acts as a virtual firewall that controls the traffic for one or more instances. When you launch an instance, you associate one or more security groups with the instance. You add rules to each security group that allow traffic to or from its associated instances. If you're using EC2-Classic, you must use security groups created specifically for EC2-Classic. In EC2-Classic, you can associate an instance with up to 500 security groups and add up to 100 rules to a security group. If you're using EC2-VPC, you must use security groups created specifically for your VPC. In EC2-VPC, you can associate a network interface with up to 5 security groups and add up to 50 rules to a security group.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html

NEW QUESTION 18
Identify an application that polls AWS Data Pipeline for tasks and then performs those tasks.

  • A. A task executor
  • B. A task deployer
  • C. A task runner
  • D. A task optimizer

Answer: C

Explanation: A task runner is an application that polls AWS Data Pipeline for tasks and then performs those tasks. You can either use Task Runner as provided by AWS Data Pipeline, or create a custom Task Runner application.
Task Runner is a default implementation of a task runner that is provided by AWS Data Pipeline. When Task Runner is installed and configured, it polls AWS Data Pipeline for tasks associated with pipelines that you have activated. When a task is assigned to Task Runner, it performs that task and reports its status back to AWS Data Pipeline. If your workflow requires non-default behavior, you'II need to implement that functionality in a custom task runner.
Reference:
http://docs.aws.amazon.com/datapipeline/latest/DeveIoperGuide/dp-how-remote-taskrunner-client.html

100% Valid and Newest Version AWS-Certified-Solutions-Architect-Professional Questions & Answers shared by Surepassexam, Get Full Dumps HERE: https://www.surepassexam.com/AWS-Certified-Solutions-Architect-Professional-exam-dumps.html (New 272 Q&As)