Check the Available AWS-Solutions-Associate Exam Dumps with 727 QA's UPDATED 2022 [Q243-Q262]

Check the Available AWS-Solutions-Associate Exam Dumps with 727 QA's UPDATED 2022

Download AWS-Solutions-Associate Exam Dumps Questions to get 100% Success in Amazon 

NEW QUESTION 243
An organization has created 5 IAM users. The organization wants to give them the same login ID but different passwords. How can the organization achieve this?

• A. The organization should create a separate login ID but give the IAM users the same alias so that each one can login with their alias
• B. The organization should create each user in a separate region so that they have their own URL to login
• C. The organization should create various groups and add each user with the same login ID to different groups. The user can login with their own group ID
• D. It is not possible to have the same login ID for multiple IAM users of the same account

Answer: D

Explanation:
Explanation/Reference:
Explanation:
AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions for various AWS services.
Whenever the organization is creating an IAM user, there should be a unique ID for each user. It is not possible to have the same login ID for multiple users. The names of users, groups, roles, instance profiles must be alphanumeric, including the following common characters: plus (+), equal (=), comma (,), period (.), at (@), and dash (-).
http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_SettingUpUser.html

 

NEW QUESTION 244
An Amazon EC2 administrator created the following policy associated with an IAM group containing several users

What is the effect of this policy?

• A. Users can terminate an EC2 instance in any AWS Region except us-east-1.
• B. Users can terminate an EC2 instance in the us-east-1 Region when the user's source IP is
  10.100.100.254.
• C. Users cannot terminate an EC2 instance in the us-east-1 Region when the user's source IP is 10.100 100
  254
• D. Users can terminate an EC2 instance with the IP address 10 100 100 1 in the us-east-1 Region

Answer: A

 

NEW QUESTION 245
A solution architect is designing an application that will encrypt all data in an Amazon Redshift cluster. Which action will encrypt the data at rest?

• A. Place the Redshift KMS Default Cluster in a private subnet
• B. Encrypt the Amazon EBS volumes
• C. Use the AWS KMS Default Customer master key
• D. Encrypt the data using SSL/TLS

Answer: C

Explanation:
Explanation
Reference https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-db-encryption.html

 

NEW QUESTION 246
What are the Amazon EC2 API tools?

• A. They are a set of graphical tools to manage EC2 instances.
• B. They don't exist. The Amazon API tools are a client interface to Amazon Web Services.
• C. Command-line tools to the Amazon EC2 web service.
• D. They don't exist. The Amazon EC2 AMI tools, instead, are used to manage permissions.

Answer: C

 

NEW QUESTION 247
A company's production application runs online transaction processing (OLTP) transactions on an Amazon RDS MySQL DB instance The company is launching a new reporting tool that will access the same data The reporting tool must be highly available and not impact the performance of the production application.
How can this be achieved?

• A. Create a Single-AZ RDS Read Replica of the production RDS DB instance Create a second Single-AZ RDS Read Replica from the replica
• B. Create hourly snapshots of the production RDS DB instance
• C. Create a Multi-AZ RDS Read Replica of the production RDS DB instance
• D. Create multiple RDS Read Replicas of the production RDS DB instance Place the Read Replicas in an Auto Scaling group

Answer: C

Explanation:
Reference:
https://aws.amazon.com/blogs/database/best-storage-practices-for-running-production-workloadson-hosted-datab Amazon RDS Read Replicas Now Support Multi-AZ Deployments Amazon RDS Read Replicas enable you to create one or more read-only copies of your database instance within the same AWS Region or in a different AWS Region. Updates made to the source database are then asynchronously copied to your Read Replicas. In addition to providing scalability for read-heavy workloads, Read Replicas can be promoted to become a standalone database instance when needed.
Amazon RDS Multi-AZ deployments provide enhanced availability for database instances within a single AWS Region. With Multi-AZ, your data is synchronously replicated to a standby in a different Availability Zone (AZ). In the event of an infrastructure failure, Amazon RDS performs an automatic failover to the standby, minimizing disruption to your applications.
You can now use Read Replicas with Multi-AZ as part of a disaster recovery (DR) strategy for your production databases. A well-designed and tested DR plan is critical for maintaining business continuity after a disaster. A Read Replica in a different region than the source database can be used as a standby database and promoted to become the new production database in case of a regional disruption.
https://aws.amazon.com/about-aws/whats-new/2018/01/amazon-rds-re
ad-replicas-now-support-multi-az-deployments/#:~:text=Starting%20today%2C%20Amazon%20RDS%2

 

NEW QUESTION 248
A customer has an application that is hosted in the AWS us-west-2 region with users across the United States.
Users on the East Coast of the United States are complaining that the user interface takes a long time to load time to load but that once loaded, the application generally performs well. The one exception is when loading large common data views, such as account listings and auto- complete queries. Users on the West Coast do not report these issues. The company is concerned about the performance of East Coast users and for an upcoming launch in the European market.
What change can a Solutions Architect make to the architecture to solve the performance problems for users in the eastern United States and the upcoming European market without impacting existing users?

• A. Deploy a set of the proxy servers in the us-east-1 and eu-west-1 regions to serve stake content
• B. Move the static assets to Amazon S3 and place the S3 bucket behind an Amazon CloudFront distribution
• C. Place the application servers behind an Amazon CloudFront distribution
• D. Move the application servers and data to the us-east-1 region to decrease latency to the East Coast and European users

Answer: B

 

NEW QUESTION 249
Changes to the backup window take effect ______.

• A. after 24 hours
• B. from the next billing cycle
• C. immediately
• D. after 30 minutes

Answer: C

 

NEW QUESTION 250
A company uses Amazon S3 to store its confidential audit documents. The S3 bucket uses bucket policies to restrict access to audit team 1AM user credentials according to the principle of least privilege. Company managers are worried about accidental deletion of documents in the S3 bucket and want a more secure solution.
What should a solutions architect do to secure the audit documents?

• A. Enable the versioning and MFA Delete features on the S3 bucket
• B. Use AWS Key Management Service (AWS KMS> to encrypt the S3 bucket and restrict audit team 1AM user accounts from accessing the KMS key.
• C. Add an S3 Lifecycle policy to the audit team's 1AM user accounts to deny the s3:DeleteOb|ect action during audit dates.
• D. Enable multi-factor authentication (MFA) on the 1AM user credentials for each audit team 1AM user account.

Answer: A

 

NEW QUESTION 251
Does Amazon RDS API provide actions to modify DB instances inside a VPC and associate them with DB Security Groups?

• A. Yes, Amazon does this but only for MySQL RDS.
• B. Yes, Amazon does this but only for Oracle RDS.
• C. Yes
• D. No

Answer: C

Explanation:
You can use the action Modify DB Instance, available in the Amazon RDS API, to pass values for the parameters DB Instance Identifier and DB Security Groups specifying the instance ID and the DB Security Groups you want your instance to be part of.
Reference: http://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_ModifyDBInstance.html

 

NEW QUESTION 252
True or False: Automated backups are enabled by default for a new DB Instance.

• A. FALSE
• B. TRUE

Answer: B

 

NEW QUESTION 253
A company has an existing on-premises three-tier web application. The Linux web servers serve content from a centralized file share on a NAS server because the content is refreshed several times a day from various sources. The existing infrastructure is not optimized and the company would like to move to AWS in order to gain the ability to scale resources up and down in response to load. On-premises and AWS resources are connected using AWS Direct Connect.
How can the company migrate the web infrastructure to AWS without delaying the content refresh process?

• A. Create an on-premises file gateway using AWS Storage Gateway to replace the NAS server and replicate content to AWS. On the AWS side, mount the same Storage Gateway bucket to each web server Amazon EC2 instance to serve the content.
• B. Expose an Amazon EFS share to on-premises users to serve as the NAS serve. Mount the same EFS share to the web server Amazon EC2 instances to serve the content.
• C. Create a cluster of web server Amazon EC2 instances behind a Classic Load Balancer on AWS. Share an Amazon EBS volume among all instances for the content. Schedule a periodic synchronization of this volume and the NAS server.
• D. Create web server Amazon EC2 instances on AWS in an Auto Scaling group. Configure a nightly process where the web server instances are updated from the NAS server.

Answer: C

 

NEW QUESTION 254
A client application requires operating system privileges on a relational database server. What is an appropriate configuration for highly available database architecture?

• A. A standalone Amazon EC2 instance
• B. Amazon EC2 instances in a replication configuration utilizing two different Availability Zones
• C. Amzon EC2 instances in a replication configuration utilizing a single Availability Zone
• D. Amazon RDS in a multi-AZ configuration

Answer: B

 

NEW QUESTION 255
You have been asked to design a fault-tolerant and scalable web application across three Availability Zones.
The presentation logic will reside on web server's behinds an ELB Classic Load Balance, and the application logic will reside on a set of app servers behind a second load balancer.
How should you use Auto Scaling groups?

• A. Deploy six Auto Scaling groups: a web server group in each Availability Zone and an app server group in each Availability Zone
• B. Deploy two Auto Scaling groups: one for the web servers in all Availability Zones and one for the app servers in all Availability Zones
• C. Deploy three Auto Scaling groups: one for each Availability Zone that includes both web and app servers
• D. Deploy one Auto Scaling group that includes all the web and app servers across all Availability Zones

Answer: B

 

NEW QUESTION 256
An organization is setting up a highly scalable application using Elastic Beanstalk. The organization is using ELB and RDS with VPC. The organization has public and private subnets within the cloud.
Which of the below mentioned configurations will not work in this scenario?

• A. The configuration must have public and private subnets in the same AZ.
• B. The configuration must have two private subnets in separate AZs.
• C. The EC2 instance should have a public IP assigned to it.
• D. To setup RDS in a private subnet and ELB in a public subnet.

Answer: C

Explanation:
The Amazon Virtual Private Cloud (Amazon VPC) allows the user to define a virtual networking environment in a private, isolated section of the Amazon Web Services (AWS) cloud. The user has complete control over the virtual networking environment. If the organization is planning to implement a scalable secure application using RDS, VPC and ELB the organization should follow below mentioned configurations:
Setup RDS in a private subnet Setup ELB in a public subnet
Since RDS needs a subnet group, the organization should have two private subnets in the same zone The ELB needs private and public subnet to be part of same AZs It is not required that instances should have a public IP assigned to them. The instances can be a part of a private subnet and the organization can setup a corresponding routing mechanism.
Reference:
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/vpc-rds.html

 

NEW QUESTION 257
You have recently joined a startup company building sensors to measure street noise and air quality in urban areas. The company has been running a pilot deployment of around 100 sensors for 3 months each sensor uploads 1KB of sensor data every minute to a backend hosted on AWS.
During the pilot, you measured a peak or 10 lOPS on the database, and you stored an average of 3GB of sensor data per month in the database.
The current deployment consists of a load-balanced auto scaled Ingestion layer using EC2 instances and a PostgreSQL RDS database with 500GB standard storage.
The pilot is considered a success and your CEO has managed to get the attention or some potential investors. The business plan requires a deployment of at least lOOK sensors which needs to be supported by the backend. You also need to store sensor data for at least two years to be able to compare year over year Improvements.
To secure funding, you have to make sure that the platform meets these requirements and leaves room for further scaling. Which setup win meet the requirements?

• A. Replace the RDS instance with a 6 node Redshift cluster with 96TB of storage
• B. Ingest data into a DynamoDB table and move old data to a Redshift cluster
• C. Add an SQS queue to the ingestion layer to buffer writes to the RDS instance
• D. Keep the current architecture but upgrade RDS storage to 3TB and lOK provisioned lOPS

Answer: A

 

NEW QUESTION 258
A retail company is running an application that stores invoice files in an Amazon S3 bucket and metadata about the files in an Amazon DynamoDB table. The application software runs in both us-east-1 and eu-west-1. The S3 bucket and DynamoDB table are in us-east-1. The company wants to protect itself from data corruption and loss of connectivity to either Region.
Which option meets these requirements?

• A. Create a DynamoDB global table to replicate data between us-east-1 and eu-west-1. Enable versioning on the S3 bucket. Implement strict ACLs on the S3 bucket.
• B. Create a DynamoDB global table to replicate data between us-east-1 and eu-west-1. Enable continuous backup on the DynamoDB table in us-east-1. Enable versioning on the S3 bucket.
• C. Create an AWS Lambda function triggered by Amazon CloudWatch Events to make regular backups of the DynamoDB table. Set up S3 cross-region replication from us-east-1 to eu-west-1. Set up MFA delete on the S3 bucket in us-east-1.
• D. Create a DynamoDB global table to replicate data between us-east-1 and eu-west-1. Enable continuous backup on the DynamoDB table in us-east-1. Set up S3 cross-region replication from us-east-1 to eu-west-
  1.

Answer: D

 

NEW QUESTION 259
Using Amazon IAM, can I give permission based on organizational groups?

• A. Yes but only in certain cases
• B. Yes always
• C. No

Answer: B

 

NEW QUESTION 260
An organization is setting up RDS for their applications. The organization wants to secure RDS access with VPC.
Which of the following options is not required while designing the RDS with VPC?

• A. The organization should keep minimum of one IP address in each subnet reserved for RDS failover.
• B. If the organization is connecting RDS from the internet it must enable the VPC attributes DNS hostnames and DNS resolution.
• C. The organization must create a subnet group with public and private subnets. Both the subnets can be in the same or separate AZ.
• D. The organization must create a subnet group with VPC using more than one subnet which are a part of separate AZs.

Answer: C

Explanation:
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. It enables the user to launch AWS resources, such as RDS into a virtual network that the user has defined. Subnets are segments of a VPC's IP address range that the user can designate to a group of VPC resources based on security and operational needs. A DB subnet group is a collection of subnets (generally private) that the user can create in a VPC and assign to the RDS DB instances. A DB subnet group allows the user to specify a particular VPC when creating the DB instances.
Each DB subnet group should have subnets in at least two Availability Zones in a given region. If the RDS instance is required to be accessible from the internet the organization must enable the VPC attributes, DNS hostnames and DNS resolution. For each RDS DB instance that the user runs in a VPC, he should reserve at least one address in each subnet in the DB subnet group for use by Amazon RDS for recovery actions.
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html

 

NEW QUESTION 261
If I write the below command, what does it do?
ec2-run ami-e3a5408a -n 20 -g appserver

• A. Creates 20 rules in the security group named appserver
• B. Start twenty instances as members of appserver group.
• C. Start 20 security groups
• D. Terminate twenty instances as members of appserver group.

Answer: B

 

NEW QUESTION 262
......

Best Value Available! 2022 Realistic Verified Free AWS-Solutions-Associate Exam Questions: https://prep4sure.real4dumps.com/AWS-Solutions-Associate-prep4sure-exam.html