ASA 2
A mobile application hosted on AWS needs to access a Data Store in AWS. With each item measuring around 10 KB in size, the latency of data access must remain consistent despite very high application traffic. What would be an ideal Data Store for the application?
AWS DynamoDB
Your IT Security department has mandated that all data on EBS volumes created for underlying EC2 Instances needs to be encrypted. What should be used to achieve this?
AWS KMS
A company is planning to design a Microservices architectured application that will be hosted in AWS. This entire architecture needs to be decoupled whenever possible. Which of the following services could help to achieve this? (
AWS SNS AWS SQS
You want to build a decoupled, highly available and fault tolerant architecture for your application in AWS. You decide to use EC2, the Classic Load Balancer, Auto Scaling and Route 53. Which one of the following additional services should you involve in this architecture?
AWS SQS
Users within a company need a place to store their documents. Each user must have his/her own location for placing the set of documents and should not be able to view another person's documents. Also, users should be able to retrieve their documents easily. Which AWS service would be ideal for this requirement?
AWS Simple z Storage Service
Your company is planning on hosting its development, test and production applications on EC2 Instances in AWS. The team is worried about how access control would be given to relevant IT Admins for each of the above environments. As an architect, what would you suggest to manage the relevant accesses?
Add tags to the instances marking each environment and then segregate access z using IAM Policies
You create an Auto Scaling Group which is used to spin up instances on demand. As an architect, you need to ensure that the instances are pre-installed with software when they are launched. What are the different ways to achieve this?
Add the scripts for the installation in the User data section. Create a golden image and then create a launch configuration
A company is migrating an on-premises MySQL database to AWS. Following are the key requirements: a) Ability to support an initial size of 5TB b) Ability to allow the database to double in size c) Replication Lag to be kept under 100 milliseconds Which Amazon RDS engine would meet these requirements?
Amazon Aurora
A company needs to monitor the read and write IOPS metrics for its AWS MySQL RDS instance and send real-time alerts to its Operations team. Which AWS services could help to accomplish this?
Amazon CloudWatch Amazon Simple Notification Service
An organization is managing a Redshift Cluster in AWS. They need to monitor the performance of this Redshift cluster to ensure that it is performing as efficiently as possible. Which of the following services should be used for achieving this requirement?
CloudWatch AWS Trusted Advisor
There is a requirement to host a database on an EC2 Instance. The EBS Volume is required to support a high rate of IOPS since a large number of read and write requests are expected on the database. Which Amazon EBS Volume type could meet the performance requirements of this database?
EBS Provisioned IOPS SSD
You need to ensure that new objects being uploaded to an S3 bucket are available in another region, due to the criticality of the data, hosted in the S3 bucket. How could you achieve this in the easiest way possible?
Enable Cross-Region Replication z for the bucket
You currently have 2 development environments hosted in 2 different VPCs in an AWS account in the same region. There is now a need for resources from one VPC to access another. How can this be accomplished?
Establish z VPC Peering.
You are planning to use Auto Scaling groups to maintain the performance of your web application. How would you ensure that the scaling activity has sufficient time to stabilize without executing another scaling action?
Increase the Auto Scaling Cooldown z timer value
You plan on hosting a web application consisting of a web server and a database server. These servers are going to be hosted on different EC2 Instances in different subnets in a VPC. What should be used to ensure that the database server only allows traffic from the web server?
Make use of Security Groups
A company wants to achieve redundancy for its EBS volumes hosted in AWS in the most cost-effective manner. How could this be achieved?
Nothing, since by default, EBS Volumes are replicated within their Availability Zones
Your company has enabled CORS on your S3 bucket to allow cross-origin resource sharing. In the CORS configuration, you need to specify the values for the "AllowedMethod" element. What would be your suggestion to the developer
Only these methods are supported: GET, PUT, POST, DELETE, and HEAD
You are hosting a web server on an EC2 Instance. With the number of requests consuming a large part of the CPU, the response performance for the application is getting degraded. Which of the following would help to alleviate the problem and provide a better response time?
Place a CloudFront distribution in front of z the EC2 Instance
A company is planning to allow its users to upload and read objects from an S3 bucket. Due to a large number of users, the read/write traffic will be very high. How would the architect maximize Amazon S3 performance?
Prefix each object name with a random string
You want to use AWS to host your own website with a unique domain name that uses the format www.example.com. How would you achieve this?
Register a domain with Route53 and use it to route requests to your website
You need to ensure that data stored in S3 is encrypted but you don't want to manage the encryption keys. Which of the following encryption mechanisms should be used in this case?
SSE-S3
A company is hosting EC2 instances which focus on workloads for non-production and non-priority batch loads. Also, these processes can be interrupted at any time. Which of the following is the best pricing model to be used for EC2 instances in this case?
Spot instances
A Solutions Architect is designing a solution to store and archive corporate documents. He has determined that Amazon Glacier is the right solution. Data has to be retrieved within 3-5 hrs as directed by the management. Which feature in Amazon Glacier could be helpful to meet this requirement and ensure cost-effectiveness?
Standard retrieval
An application allows users to upload images to an S3 bucket. Initially, these images will be downloaded quite frequently, but after some time, the images might only be accessed once a week and the retrieval time should be as minimal as possible. What could be done to ensure a cost-effective solution?
Store the objects in S3 z - Standard storage Create a Lifecycle Policy to transfer the objects to S3 - Infrequent Access storage after a certain duration of time
IoT sensors monitor the number of bags that are handled at an airport. The data is sent back to a Kinesis stream with default settings. Every alternate day, the data from the stream is sent to S3 for processing. But it is noticed that S3 is not receiving all of the data that is being sent to the Kinesis stream. What could be the reason for this?
The default retention period of the data stream is set to 24 hours only, and z hence the failure.
A small company started using EBS backed EC2 instances for the cost improvements over their own running servers. The company's policy is to stop the development servers over weekend and restart them next week. First time when the servers were brought back, none of the developers were able to SSH into them. What did the server most likely overlook?
The public IPv4 address has changed on the server start and the SSH configurations z were not updated
You have enabled CloudTrail logs for your company's AWS account. In addition, the IT Security department has mentioned that the logs need to be encrypted. How could this be achieved?
There is no need to do anything since the logs will already be encrypted
A company is hosting a MySQL database in AWS using the AWS RDS service. To offload the reads, a Read Replica has been created and reports are run off the Read Replica database. But at certain times, the reports show stale data. What could be the possible reason behind this?
This is due to the replication lag
You are working as an AWS Architect for a global insurance firm. For the web application, you are using S3 buckets and have configured CloudFront to cache image files. For audit purposes, you have created a CloudTrail trail in each region and the events logs files are logged in S3 bucket in the us-west-1 region. There have been changes in CloudFront which have caused all traffic being routed to the origin, resulting in increased latency for users in other continents. After scrutinizing CloudTrail logs, you found that there are duplicate CloudFront events being logged. What configuration changes would you perform to eliminate duplicate CloudFront logs?
Using AWS CLI, update CloudTrail trail to disable global service events that are delivered in all regions except US-West
A company needs a solution to store and archive corporate documents and has determined Amazon Glacier as the right solution. It is required that data is delivered within 5 minutes of a retrieval request. Which feature of Amazon Glacier could help to meet this requirement?
Using Expedited retrieval
You are designing a system which needs at minimum, 8 m4.large instances operating to service traffic. While designing a system for high availability in the us-east-1 region having 6 Availability Zones, your company needs to be able to handle the death of a full availability zone. How should you distribute the servers to save as much cost as possible, assuming all of the EC2 nodes are properly linked to an ELB? Your VPC account can utilize us-east-1's AZs a through f, inclusive.
2 servers in each of AZs a through z e, inclusive
You are building a stateless architecture for an application that will consist of web servers and an Auto Scaling Group. What would be an ideal storage mechanism for Session data?
AWS DynamoDB
You need to have a Data storage layer in AWS. Following are the key requirements: a) Storage of JSON documents b) Availability of Indexes c) Automatic scaling What would be an ideal storage layer for the above requirements?
AWS DynamoDB
A company planning to move to the AWS Cloud wants to leverage its existing Chef recipes for configuration management of its infrastructure. Which AWS service would be ideal to fulfill this requirement?
AWS OpsWorks
An organization is planning to use AWS for its production roll-out. The organization wants to implement automation for deployment such that it will automatically create a LAMP stack, download the latest PHP installable from S3, and set up the ELB. Which AWS service would meet these requirements for making an orderly deployment of the software?
AWS z Elastic Beanstalk
You are performing a Load Testing exercise on your application that is hosted on AWS. While testing your Amazon RDS MySQL DB Instance, you notice that your application becomes non-responsive when you reach 100% CPU utilization. Your application is read-heavy. Which methods would help scale your data-tier to meet the application's needs?
Add Amazon RDS DB Read Replicas, and have your application direct read z queries to them Use ElastiCache to cache common queries of your Amazon RDS DB. Shard your data set among multiple Amazon RDS DB Instances
You are working with an educational website that provides online content for professional exams using WordPress. You have recently added Amazon Polly plugins to the website to provide students audio recordings for exam contents. You are getting customer feedback on the speech rate being too fast & continuous. What changes would you make in your content to resolve this?
Add a pause using SSML tag between appropriate words & paragraphs Convert commas in content into the period Add a tag as "Strong" for appropriate words & paragraphs
A company is planning to move its PostgreSQL database to AWS. There is a requirement for the ability to have replicas for the database and automated backup. Additionally, the company wants to maximize performance. Which of the following options would be best for this scenario?
Amazon Aurora
An application needs to have a database hosted in AWS. The database will be hosted on an EC2 Instance. The application's expected performance is 2 IOPS/GiB, with the ability to burst to 2,000 IOPS for extended periods of time. What is the MOST suitable storage type that could be used by the underlying EC2 instance hosting the database
Amazon EBS General Purpose SSD
A company needs to have columnar structured database storage to perform complex analytic queries against petabytes of structured data. Which of the following options would meet this requirement?
Amazon Redshift
A company offers its customers short-lived contests that require users to upload files in hopes of winning prizes. These contests can last up to two weeks, with unknown uploads and the resulting file analysis can last up to three months. The company currently stores four weeks of data in an S3 bucket and now it needs an economic and scalable object storage solution to hold it's customer files. The files will be accessed once and then deleted. What would be the best solution for the company in this scenario?
Amazon S3 Standard Infrequent Access
As a part of your application architecture requirements, the company has requested the ability to run analytics against all the combined log files from the Elastic Load Balancer. Which services would you use together to collect logs and process log file analysis in an AWS environment?
Amazon S3 for storing ELB log files and Amazon EMR for processing the log files analysis
You have a set of IIS Servers running on EC2 Instances. You want to collect and process the log files generated from these IIS Servers. Which service would be ideal to run in this scenario?
Amazon S3 for storing the log files and Amazon EMR for processing z the log files
A company plan to use SQS queues and AWS Lambda to leverage the serverless aspects of the AWS Cloud. Each invocation to AWS Lambda will send a message to an SQS queue. What should be done to achieve this?
An IAM Role must have the required permissions
You are developing a mobile application for your company with DynamoDB as the back end and JavaScript as the front end. During application usage, you notice that there are spikes in the application especially in the DynamoDB write throughput. What would be the most cost-effective and scalable architecture for this application?
Autoscale DynamoDB to meet the requirements.
A company hosts a popular web application that connects to an Amazon RDS MySQL DB instance running in a private VPC subnet created with default ACL settings. The IT Security department has identified a DoS attack from a suspecting IP. How would you protect the subnets from this attack?
Change the Inbound NACL to deny access from z the suspecting IP.
Your company is planning on using the EMR service available in AWS for running their big data framework and wants to minimize the cost for running the EMR service. Which of the following could help achieve this?
Choosing Spot Instances for the underlying nodes
You are architecting an application environment on AWS. It is required to ensure that auditing the environment for compliance is easy and follows strict security compliance requirements. Which service or service feature would you enable to take the advantage of monitoring?
CloudTrail for security logs
A storage solution is required in AWS to store videos uploaded by the user. After accessing these videos frequently for a period of a month, these videos can be deleted. How could this be implemented in the most cost-effective manner?
Configure object expiration on the S3 bucket and the policy will take care of deleting the videos on the completion of 30 days
A website is hosted on two EC2 instances that sit behind an Elastic Load Balancer. The response time of the website has been slowed down dramatically, and customers are placing fewer orders due to the wait time. Troubleshooting showed that one of the EC2 instances has been failed and only one instance is running now. What is the best course of action to prevent this from happening in the future?
Configure the ELB to perform health checks on the EC2 instances and implement z auto-scaling
An application in AWS is currently running in the Singapore region. You have been asked to implement disaster recovery for the same such that if the application goes down in the Singapore region, it has to be started in the Asia region. To implement disaster recovery, you need a disaster recovery strategy. Which of the below options would you consider for that?
Copy the AMI from the Singapore region to the Asia region. Modify the Auto Scaling groups in the backup region to use the new AMI ID in the backup region
You have an EC2 Instance in a particular region. This EC2 Instance has a preconfigured software running on it. You have been requested to create a disaster recovery solution in case the instance in the region fails. Which of the following is the best solution?
Create an AMI of the EC2 Instance and copy it to another region
An application currently allows users to upload files to an S3 bucket. You want to ensure that the file name for each uploaded file is stored in a DynamoDB table. How could this be achieved?
Create an AWS Lambda function to insert the required entry for each uploaded file. Add an event in S3 with notification send to Lambda.
You want to set up an application in AWS, and the followings are the requirements: a) A Web tier hosted on EC2 Instances b) Session data to be written to DynamoDB c) Log files to be written to Microsoft SQL Server How would you ensure that the application writes data to a DynamoDB table?
Create an IAM role that allows write access to the DynamoDB table
You are building a large-scale confidential documentation web server on AWS such that all of its documentation will be stored on S3. One of the requirements is that it should not be publicly accessible from S3 directly, and CloudFront would be needed to accomplish this. Which method would satisfy the outlined requirements?
Create an Origin Access Identity (OAI) for CloudFront and grant access to the objects in your S3 bucket to that OAI.
An EC2 Instance setup in AWS will host an application that will make API calls to the Simple Storage Service. What would be an ideal way for the application to access the Simple Storage Service?
Create and Assign an IAM role to z the EC2 Instance
A company has a Redshift Cluster defined in AWS. The IT Operations team have ensured that both automated and manual snapshots are in place. Since the cluster is going to be run for a long duration of a couple of years, Reserved Instances have been purchased. There has been a recent concern on the cost, being incurred by the cluster. Which step should be carried out to minimize the costs being incurred by the cluster?
Delete the manual snapshots
You work for a big company having multiple applications that are very different from each other. These applications are built using different programming languages. How could you deploy these applications as quickly as possible?
Develop each app in a separate Docker container and deploy using z Elastic Beanstalk
A company has a Redshift cluster for petabyte-scale data warehousing. The data within the cluster is easily reproducible from additional data stored on Amazon S3. The company wants to reduce the overall cost of running this Redshift cluster. Which scenario would best meet the needs of the running cluster while reducing the overall ownership of the cluster?
Disable automated and manual snapshots on the cluster.
You work in the media industry and have created a web application where users will be able to upload photos they create, to your website. This web application must be able to call the S3 API in order to function properly. Where would you store your API credentials while maintaining the maximum level of security?
Don't save your API credentials. Instead, create a role in IAM and assign this role to an EC2 instance when you first create it.
You are the architect for a business intelligence application that reads data from a MySQL database hosted on an EC2 Instance. The application experiences a high number of read and write requests. Which Amazon EBS Volume type can meet the performance requirements of this database?
EBS Provisioned z IOPS SSD
A company is planning to deploy an application in AWS. This application requires an EC2 Instance to continuously perform log processing activities requiring Max 500MiB/s of data throughput. Which of the following is the best storage option for this requirement?
EBS Throughput Optimized
You are working as an AWS Architect for a retail website having an application deployed on EC2 instance. You are using the SQS queue for storing messages between Web server & database servers. Due to heavy load on the website, there are some cases where clients are getting price details before logging to the website. To resolve this issue, you are planning to migrate to the SQS FIFO queue that will preserve the order of messages. You have created a new FIFO queue with message delay time per queue instead of per message, deleting an existing standard queue. What are the prerequisites to have a smooth migration to the SQS FIFO queue? (
Each FIFO queue should have a Message group ID irrespective of multiple ordered message z groups required. For application with identical message bodies, use unique deduplication ID, while for unique message bodies, use content-based deduplication ID.
A company is currently utilising Redshift cluster as their production warehouse. As a cloud architect, you are tasked to ensure that the disaster recovery is in place. Which of the following options is best in addressing this issue?
Enable Cross-Region Snapshots for the Redshift Cluster
You are working for a global financial company. Company locations spread across various countries upload transaction data to S3 bucket in the US-West region. You will be using AWS Glue & Amazon Athena to further analyze this data. You are using Crawler that will scan all data from S3 buckets & populate Glue Data Catalog, to which Amazon Athena will query. A large amount of CSV data is uploaded on a daily basis from all the global locations simultaneously. To decrease scanning time while scanning data in S3 buckets, you need to ensure only changes in datasets are scanned. Which of the following configurations would meet this requirement?
Enable Job Bookmark in AWS Glue
Your IT Supervisor is worried about users, accidentally deleting objects from an S3 bucket. Which of the following can help prevent accidental deletion of objects in an S3 bucket?
Enable MFA Delete on the S3 bucket. Enable Versioning on the S3 bucket. Enable IAM Roles on the S3 bucket
An application currently consists of an EC2 Instance hosting a Web application. The Web application connects to an AWS RDS database. What should be used to ensure that the database layer is highly available?
Enable Multi-AZ for the z AWS RDS database
You are working as an AWS Architect for a global media firm. They have web servers deployed on EC2 instances across multiple regions. For audit purposes, you have created a CloudTrail trail to store all CloudTrail event log files to the S3 bucket. This trail applies to all regions & is stored in S3 buckets at the EU-Central region. During last year's audit, auditors have raised a query on the integrity of log files that are stored in S3 buckets and tendered as Non-Compliance. Which feature could help you to gain compliance from Auditors for this query?
Enable the CloudTrail log file integrity z validation feature
You are working as an AWS Administrator for a software firm that has a popular Web application hosted on EC2 instance in various regions. You are using AWS CloudHSM for offloading SSL/TLS processing from Web servers. Since this is a critical application for the firm, you need to ensure that proper backups are performed for data in AWS CloudHSM on a daily basis. What does the AWS CloudHSM use to perform a secure & durable backup?
Ephemeral backup key (EBK) is used to encrypt data & Persistent backup key (PBK) is used to encrypt EBK before saving data to the Amazon S3 bucket in the same region as that of AWS CloudHSM cluster
You are working for a construction firm that is using Amazon WorkDocs for sharing project planning document with third-party external contract teams. Last week there was an incident where a sensitive document was shared by a user that leaked financial information to external third-party users. Security team revoked access for all users and only nominated users should be allowed to grant access to use WorkDocs or share links with third-party users. How could this be achieved
For external users to use the WorkDocs site, allow permission only to Power users to invite new z externals users. For sending publicly shareable links, grant permission only to Power users to share publicly.
A company is planning to build a 2-tier architecture with a web server and a database server. The architecture will be hosted on EC2 Instances accordingly. The database server will experience a lot of read/write operations whereas the web server will have a standard workload. Which of the following EBS volumes are optimum for the underlying EC2 Instances?
General Purpose SSD z for the web server Provisioned IOPS for the database server
You need to ensure that instances in a private subnet can access the Internet. The solution should be highly available and ensure less maintenance overhead. Which of the following would ideally fit this requirement?
Host the NAT Gateway in z the public subnet
You are working for a start-up firm that developed a new multilingual website for sharing images & video files. You are using EC2 instance to host this web application. To deliver these web content with the lowest latency to end-users, you have configured Amazon CloudFront which forward query strings to origin servers based on selected parameter values & also cache web content based upon these parameter values. During the trial, it was observed that caching is not happening based upon query strings resulting in these requests hitting origin servers. Which of the following need to be checked if CloudFront is caching properly based upon query strings?
Make sure if the delimiter character between query string parameters is a "&" character. Check if Parameters' names & values are in the same case Make sure if the distribution is a Web distribution.
A company currently hosts a lot of data on its On-premises location. It wants to start storing backups of this data on AWS. How could this be achieved in the most efficient way?
Make use of Storage Gateway z Stored volumes
A company has been using AWS cloud services for six months and have just finished a security review. Which of the following is considered a best practice in the security pillar of the well-architected framework?
Monitoring and using alerts using CloudTrail z and CloudWatch
You are working for a global software firm having offices in various continents. The pre-sales team needs to provide a new application demo to a prospective customer. For this, they are looking urgently for a separate temporary connection between 3 regional offices at Sydney, London, and Tokyo & Demo VPC at the us-west-1 region. Also, there should be connectivity between these offices for data synchronization of the new applications. You are planning to set up a VPN connection from these offices to VGW at us-west-1. You have arranged Internet links along with routers at each regional offices and VPN parameter list. What are the other factors required to meet this connectivity solution?
Non-overlapping IP address pool should be configured at each of the regional offices BGP ASN should be unique at these regional offices
You are working for a global financial company. Company locations spread across various countries upload transaction details data to S3 bucket in the US-West region. A large amount of data is uploaded on a daily basis from each of these locations simultaneously. You are using Amazon Athena to query this data & create reports using Amazon QuickSight to create a daily dashboard to the management team. In some cases, while running queries, you are observing Amazon S3 exception errors. Also, in the monthly bills, a high percentage of cost is associated with Amazon Athena. Which of the following could be helpful in eliminating S3 errors while querying data and reducing the cost associated with queries?
Partition data based upon date & location. Create a separate Workgroups based upon user groups
You run an ad-supported photo-sharing website using S3 to serve photos to visitors of your site. At some point, you find out that other sites have been linking to photos on your site, causing loss to your business. What would be an effective method to mitigate this?
Remove public read access and use signed URLs z with expiry dates.
You are working with a global IT firm that has web-application hosted in AWS. This is a two-tier web application with web-servers behind Application load balancers. A new application is developed for which you need to analyze performance at each node. These parameters will be used as a reference before making this application into commercial services & henceforth for any operational challenges. You are using AWS X-Ray for this purpose. Which of the following would help to get traces while ensuring cost is within limits?
Sampling at low rate
You have an EC2 instance hosting a web application. It's expected that in the coming months, the number of users accessing the web application will increase. How would you provide high availability to the web application?
Set up your web app on more EC2 instances and set them behind an Elastic z Load Balancer Use Route53 to route requests to the Elastic Load Balancer
You have been given a business requirement to retain log files for your application for 10 years. You need to regularly retrieve the most recent logs for troubleshooting. Your logging system must be cost-effective, given the large volume of logs. Which technique would you use to meet these requirements?
Store your logs in Amazon S3, and use Lifecycle Policies to archive z to AmazonGlacier
A concern raised in your company is that developers could potentially delete production-based EC2 resources. As a Cloud Admin, what would you do to help alleviate this concern
Tag the production instances with production-identifying tag and add resource-level permissions to the developers with an explicit deny on the terminate API call to instances with the production tag. Create a separate AWS account and move the developers to that account
A company has set up its data layer in the Simple Storage Service. There are a number of requests which include read/write and updates to objects in an S3 bucket. Users sometimes complain that updates to an object are not being reflected. What could be the most likely reason for this?
Updates made to the objects usually take sometime z to reflect
You are working for an electrical appliance company that has web-application hosted in AWS. This is a two-tier web application with web-servers hosted in VPC's & on-premise data-center. You are using a Network Load balancer in the front end to distribute traffic between these servers. You are using instance Id for configuring targets for Network Load Balancer. Some clients are complaining about the delay in accessing this website. To troubleshoot this issue, you are looking for a list of Client IP address having longer TLS handshake time. You have enabled access logging on Network Load balancing with logs saved in Amazon S3 buckets. Which tool could be used to quickly analyze a large amount of log files without any visualization in a cost-effective way?
Use Amazon Athena to query logs saved in Amazon S3 buckets.
Your architecture for an application currently consists of EC2 Instances sitting behind a classic ELB. The EC2 Instances are used to serve an application and are accessible through the internet. What could be done to improve this architecture in the event that the number of users accessing the application increases regularly?
Use Auto Scaling Groups
The management team of your company has asked you to replicate the current set of AWS resources into another region. Which of the following is the cost-optimized option to achieve this?
Use CloudFormation template to spin up resources z in another region
Videos are uploaded to an S3 bucket, and you need to provide access to users to view the same. What is the best way to do so, while maintaining a good user experience for all users regardless of the region in which they are located?
Use CloudFront with the S3 bucket as the source
An application currently writes a large number of records to a DynamoDB table in one region. There is a requirement for a secondary application to retrieve new records written to the DynamoDB table every 2 hours and process the updates accordingly. Which of the following is an ideal way to ensure that the secondary application gets the relevant changes from the DynamoDB table?
Use DynamoDB Streams to monitor the changes in z the DynamoDB table.
Your company is planning on using the API Gateway service to manage APIs for developers and users. There is a need to segregate the access rights for both developers and users. How can this be accomplished?
Use IAM permissions to z control the access
You have an S3 bucket hosted in AWS which is used to store promotional videos you upload. You need to provide access to users for a limited duration of time. How can this be achieved?
Use Pre-signed URLs with z session duration
An organization has a requirement to store worth 10TB of scanned files across multiple availability zones. It plans to have a search application in place to search through the scanned files. Which of the following options is ideal for implementing the search facility?
Use S3 with standard redundancy to store and serve the scanned files. Use CloudSearch for query processing, and use Elastic Beanstalk to host the website across multiple Availability Zones.
You are working as an AWS Architect for an IT firm which is developing a new application for traders in Capital market. There would be multiple trading orders initiated by clients. You have multiple EC2 instance with Auto-Scaling groups to process these trades parallelly. Also, each trade should be stateful & needs to process independently. Which of the following can be used to meet this requirement?
Use SQS FIFO queue with Message Group ID.
An application consists of a web server and a database server, hosted on separate EC2 Instances. There are a lot of read requests on the database that are degrading the performance of the application. What could be helpful in improving the performance of the database under this heavy load?
Use an ElastiCache to improve the performance z of the database
Currently, you have a set of Lambda functions which have business logic embedded in them. You want customers to have the ability to call these functions via HTTPS. How could this be achieved?
Use the API Gateway and provide integration with the AWS z Lambda functions
A company requires an open-source system for automating the deployment, scaling, and management of containerized applications. Which of the following would be ideal for such a requirement?
Use the Amazon Elastic Container Service z for Kubernetes
You have a set of Docker images that you use for building containers. You want to start using the Elastic Container Service and utilize the Docker images. You need a place to store these Docker images. What would you use for this purpose?
Use the ECR Service to store z the Docker images
A company requires to deploy an existing Java-based application to AWS. Which of the following should be used to fulfill this requirement in the quickest way possible?
Use the Elastic Beanstalk service to provision z the environment
You are working with a global Pharma firm, having its Corporate Head office in Washington & regional office in Chicago & Paris. The firm has a two-tier intranet website with web servers deployed in VPC at us-east-1 region & database servers deployed on-premise at Washington office. Corporate Head office has a Direct Connect link to VPC in the us-east-1 region. Washington corporate office is connected to Chicago & Paris via a global service provider WAN links while each of these offices has separate internet links from the local service provider. Recently they are facing link outage issues with WAN links that result in isolation of regional office from the corporate head office. They are looking for a cost-effective backup solution that could be set-up quickly without any additional devices and links. What would be the most suitable connectivity option in this scenario?
Using existing Internet connection at Chicago and Paris, set up a VPN connection with us-east-1 VGW advertising prefixes via BGP. BGP ASN should be unique at these locations. VGW at us-east-1 will re-advertise these prefixes to the Washington office.
Your IT Security department has mandated that all traffic flowing in and out of EC2 instances needs to be monitored. Which of the below services can help achieve this?
VPC Flow Logs
You have been assigned the task of architecting an application in AWS. The architecture would consist of EC2, the Classic Load Balancer, Auto Scaling, and Route 53. You need to ensure that Blue-Green deployments are possible in this architecture. Which routing policy should you ideally use in Route 53 in order to achieve Blue-Green deployments?
Weighted