• Home
  • Articles
  • AWS-Solutions-Architect-Associate Questions Pass on Your First Attempt Dumps for AWS Certified Solutions Architect Certified [Q123-Q143]

AWS-Solutions-Architect-Associate Questions Pass on Your First Attempt Dumps for AWS Certified Solutions Architect Certified [Q123-Q143]

Share

AWS-Solutions-Architect-Associate Questions Pass on Your First Attempt Dumps for AWS Certified Solutions Architect Certified

AWS-Solutions-Architect-Associate Practice Test Pdf Exam Material

NEW QUESTION # 123
While debugging a backend application for an IoT system that supports globally distributed devices, a Solutions Architect notices that stale data is occasionally being sent to user devices. Devices often share data, and stale data does not cause issues in most cases. However, device operations are disrupted when a device reads the stale data after an update.
The global system has multiple identical application stacks deployed in different AWS Regions. If a user device travels out of its home geographic region, it will always connect to the geographically closest AWS Region to write or read data. The same data is available in all supported AWS Regions using an Amazon DynamoDB global table.
What change should be made to avoid causing disruptions in device operations?

  • A. Select one AWS Region as a master and perform all writes in that AWS Region only. Update the backend to use strongly consistent reads.
  • B. Switch the backend data store to Amazon Aurora MySQL with cross-region replicas. Update the backend to always write to the master endpoint.
  • C. Enable strong consistency globally on a DynamoDB global table. Update the backend to use strongly consistent reads.
  • D. Update the backend to use strongly consistent reads. Update the devices to always write to and read from their home AWS Region.

Answer: D


NEW QUESTION # 124
You are architecting an auto-scalable batch processing system using video processing pipelines and Amazon Simple Queue Service (Amazon SQS) for a customer. You are unsure of the limitations of SQS and need to find out. What do you think is a correct statement about the limitations of Amazon SQS?

  • A. It supports an unlimited number of queues but a limited number of messages per queue for each user but automatically deletes messages that have been in the queue for more than 4 days.
  • B. It supports an unlimited number of queues but a limited number of messages per queue for each user but automatically deletes messages that have been in the queue for more than 4 weeks.
  • C. It supports an unlimited number of queues and unlimited number of messages per queue for each user but automatically deletes messages that have been in the queue for more than 4 weeks.
  • D. It supports an unlimited number of queues and unlimited number of messages per queue for each user but automatically deletes messages that have been in the queue for more than 4 days.

Answer: D

Explanation:
Amazon Simple Queue Service (Amazon SQS) is a messaging queue service that handles message or workflows between other components in a system.
Amazon SQS supports an unlimited number of queues and unlimited number of messages per queue for each user. Please be aware that Amazon SQS automatically deletes messages that have been in the queue for more than 4 days.
Reference: http://aws.amazon.com/documentation/sqs/


NEW QUESTION # 125
Which of the following components of AWS Data Pipeline polls for tasks and then performs those tasks?

  • A. Task Runner
  • B. Amazon Elastic MapReduce (EMR)
  • C. Pipeline Definition
  • D. AWS Direct Connect

Answer: A

Explanation:
Task Runner polls for tasks and then performs those tasks.
http://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/what-is-datapipeline.html


NEW QUESTION # 126
Your customer is willing to consolidate their log streams (access logs, application logs, security logs, etc.) in one single system. Once consolidated, the customer wants to analyze these logs in real time based on heuristics. From time to time, the customer needs to validate heuristics, which requires going back to data samples extracted from the last 12 hours.
What is the best approach to meet your customer's requirements?

  • A. Send all the log events to Amazon SQS, setup an Auto Scaling group of EC2 servers to consume the logs and apply the heuristics.
  • B. Setup an Auto Scaling group of EC2 syslogd servers, store the logs on S3, use EMR to apply heuristics on the logs
  • C. Configure Amazon CloudTrail to receive custom logs, use EMR to apply heuristics the logs
  • D. Send all the log events to Amazon Kinesis, develop a client process to apply heuristics on the logs

Answer: D

Explanation:
Explanation
Explanation:
The throughput of an Amazon Kinesis stream is designed to scale without limits via increasing the number of shards within a stream. However, there are certain limits you should keep in mind while using Amazon Kinesis Streams:
By default, Records of a stream are accessible for up to 24 hours from the time they are added to the stream. You can raise this limit to up to 7 days by enabling extended data retention.
The maximum size of a data blob (the data payload before Base64-encoding) within one record is 1 megabyte (MB).
Each shard can support up to 1000 PUT records per second.
For more information about other API level limits, see Amazon Kinesis Streams Limits.


NEW QUESTION # 127
Which of the following are characteristics of a reserved instance? Choose 3 answers

  • A. It is specific to an instance Type
  • B. It can be migrated across Availability Zones
  • C. It can be applied to instances launched by Auto Scaling
  • D. It is specific to an Amazon Machine Image (AMI)
  • E. It can be used to lower Total Cost of Ownership (TCO) of a system

Answer: B,C,E


NEW QUESTION # 128
Amazon S3 allows you to set per-file permissions to grant read and/or write access. However you have decided that you want an entire bucket with 100 files already in it to be accessible to the public. You don't want to go through 100 files individually and set permissions. What would be the best way to do this?

  • A. Use Amazon EBS instead of S3
  • B. Move the bucket to a new region
  • C. Move the files to a new bucket.
  • D. Add a bucket policy to the bucket.

Answer: D

Explanation:
Amazon S3 supports several mechanisms that give you flexibility to control who can access your data as well as how, when, and where they can access it. Amazon S3 provides four different access control mechanisms: AWS Identity and Access Management (IAM) policies, Access Control Lists (ACLs), bucket policies, and query string authentication. IAM enables organizations to create and manage multiple users under a single AWS account. With IAM policies, you can grant IAM users fine-grained control to your Amazon S3 bucket or objects. You can use ACLs to selectively add (grant) certain permissions on individual objects.
Amazon S3 bucket policies can be used to add or deny permissions across some or all of the objects within a single bucket.
With Query string authentication, you have the ability to share Amazon S3 objects through URLs that are valid for a specified period of time.
Reference: http://aws.amazon.com/s3/details/#security


NEW QUESTION # 129
A company plans to use Amazon GuardDuty to detect unexpected and potentially malicious activity. The company wants to use Amazon CloudWatch to ensure that when findings occur, remediation takes place automatically Which CloudWatch feature should be used to trigger an AWS Lambda function to perform the remediation?

  • A. Dashboards
  • B. Events
  • C. Alarms
  • D. Metrics

Answer: B


NEW QUESTION # 130
You need a persistent and durable storage to trace call activity of an IVR (Interactive Voice Response) system. Call duration is mostly in the 2-3 minutes timeframe. Each traced call can be either active or terminated. An external application needs to know each minute the list of currently active calls, which are usually a few calls/second. Put once per month there is a periodic peak up to 1000 calls/second for a few hours The system is open 24/7 and any downtime should be avoided. Historical data is periodically archived to files. Cost saving is a priority for this project.
What database implementation would better fit this scenario, keeping costs as low as possible?

  • A. Use RDS Multi-AZ with a "CALLS" table and an Indexed "STATE* field that can be equal to 'ACTIVE" or -TERMINATED" In this way the SOL query Is optimized by the use of the Index.
  • B. Use DynamoDB with a 'Calls" table and a Global secondary index on a 'State" attribute that can equal to "active" or "terminated" in this way the Global Secondary index can be used for all Items in the table.
  • C. Use RDS Multi-AZ with two tables, one for -Active calls" and one for -Terminated calls". In this way the "Active calls_ table is always small and effective to access.
  • D. Use DynamoDB with a "Calls" table and a Global Secondary Index on a "IsActive'" attribute that is present for active calls only In this way the Global Secondary index is sparse and more effective.

Answer: D


NEW QUESTION # 131
Your team has a tomcat-based Java application you need to deploy into development, test and production environments. After some research, you opt to use Elastic Beanstalk due to its tight integration with your developer tools and RDS due to its ease of management. Your QA team lead points out that you need to roll a sanitized set of production data into your environment on a nightly basis. Similarly, other software teams in your org want access to that same restored data via their EC2 instances in your VPC .The optimal setup for persistence and security that meets the above requirements would be the following.

  • A. Create your RDS instance separately and pass its DNS name to your app's DB connection string as an environment variable. Create a security group for client machines and add it as a valid source for DB traffic to the security group of the RDS instance itself.
  • B. Create your RDS instance separately and add its IP address to your application's DB connection strings in your code Alter its security group to allow access to it from hosts within your VPC's IP address block.
  • C. Create your RDS instance separately and pass its DNS name to your's DB connection string as an environment variable Alter its security group to allow access to It from hosts In your application subnets.
  • D. Create your RDS instance as part of your Elastic Beanstalk definition and alter its security group to allow access to it from hosts in your application subnets.

Answer: D


NEW QUESTION # 132
A company offers a food delivery service that is growing rapidly Because of the growth the company's order processing system is experiencing scaling problems during peak traffic hours. The current architecture includes the following;
* A group of Amazon EC2 instances that run in an Amazon EC2 Auto Scaling group to collect orders from the application
* Another group of EC2 instances that run in an Amazon EC2 Auto Scaling group to fulfill orders The order collection process occurs quickly, but the order fulfillment process can take longer Data must not be lost because of a scaling event A solutions architect must ensure that the order collection process and the order fulfillment process can both scale properly during peak traffic hours The solution must optimize utilization of the company's AWS resources Which solution meets these requirements'?

  • A. Provision two Amazon Simple Queue Service (Amazon SQS) queues one for order collection and another for order fulfillment. Configure the EC2 instances to poll their respective queue. Create a metric based on a backlog per instance calculation Scale the Auto Scaling groups based on this metric.
  • B. Use Amazon CloudWatch metrics to monitor the CPU of each instance in the Auto Scaling groups.
    Configure each Auto Scaling group's minimum capacity according to peak workload values
  • C. Provision two Amazon Simple Queue Service (Amazon SQS) queues one for order collection and another for order fulfillment Configure the EC2 instances to poll their respective queue Scale the Auto Scaling groups based on notifications that the queues send
  • D. Use Amazon CloudWatch metrics to monitor the CPU of each instance in the Auto Scaling groups Configure a CloudWatch alarm to invoke an Amazon Simple Notification Service (Amazon SNS) topic that creates additional Auto Scaling groups on demand

Answer: A


NEW QUESTION # 133
Your company has recently extended its datacenter into a VPC on AVVS to add burst computing capacity as needed Members of your Network Operations Center need to be able to go to the AWS Management Console and administer Amazon EC2 instances as necessary You don't want to create new IAM users for each NOC member and make those users sign in again to the AWS Management Console Which option below will meet the needs for your NOC members?

  • A. Use web Identity Federation to retrieve AWS temporary security credentials to enable your NOC members to sign in to the AWS Management Console.
  • B. Use OAuth 2 0 to retrieve temporary AWS security credentials to enable your NOC members to sign in to the AVVS Management Console.
  • C. Use your on-premises SAML2.0-compliam identity provider (IDP) to retrieve temporary security credentials to enable NOC members to sign in to the AWS Management Console.
  • D. Use your on-premises SAML 2 O-compliant identity provider (IDP) to grant the NOC members federated access to the AWS Management Console via the AWS single sign-on (SSO) endpoint.

Answer: C


NEW QUESTION # 134
What are the Amazon EC2 API tools?

  • A. Command-line tools to the Amazon EC2 web service.
  • B. They don't exist. The Amazon API tools are a client interface to Amazon Web Services.
  • C. They don't exist. The Amazon EC2 AMI tools, instead, are used to manage permissions.
  • D. They are a set of graphical tools to manage EC2 instances.

Answer: A


NEW QUESTION # 135
A company needs to store data in Amazon S3 and must prevent the data from being changed. The company wants new objects that are uploaded to Amazon S3 to remain unchangeable for a nonspecific amount of time until the company decides to modify the objects. Only specific users in the company's AWS account can have the ability to delete the objects. What should a solutions architect do to meet these requirements?

  • A. Create an S3 bucket Use AWS CloudTrail to (rack any S3 API events that modify the objects Upon notification, restore the modified objects from any backup versions that the company has
  • B. Create an S3 Glacier vault Apply a write-once, read-many (WORM) vault lock policy to the objects
  • C. Create an S3 bucket with S3 Object Lock enabled Enable versioning Set a retention period of 100 years Use governance mode as the S3 bucket's default retention mode for new objects
  • D. Create an S3 bucket with S3 Object Lock enabled Enable versioning Add a legal hold to the objects Add the s3 PutObjectLegalHold permission to the 1AM policies of users who need to delete the objects

Answer: D


NEW QUESTION # 136
A company's web application uses an Amazon RDS PostgreSQL DB instance to store its application data During the financial closing period at the start of every month, Accountants run large queries that impact the database's performance due to high usage The company wants to minimize the impact that the reporting activity has on the web application What should a solutions architect do to reduce the impact on the database with the LEAST amount of effort?

  • A. Create a Multi-AZ database and direct reporting traffic to the standby
  • B. Create a read replica and direct reporting traffic to the replica
  • C. Create an Amazon Redshift database and direct reporting traffic to the Amazon Redshift database
  • D. Create a cross-Region read replica and direct reporting traffic to the replica.

Answer: B


NEW QUESTION # 137
A company is using a VPC that is provisioned with a 10.10.1.0/24 CIDR block Because of continued growth IP address space in this block might be depleted soon. A solutions architect must add more IP address capacity to the VPC Which solution will meet these requirements with the LEAST operational overhead?

  • A. Create a new VPC Associate a larger CIDR block
  • B. Add a secondary CIDR block of 10 10 2 0/24 to the VPC
  • C. Resize the existing VPC CIDR block from 10 10 1.0/24 to 10 10.1.0
  • D. Establish VPC peering with a new VPC that has a CIDR block of 10.10 1.0/16

Answer: B


NEW QUESTION # 138
You have been storing massive amounts of data on Amazon Glacier for the past 2 years and now start to wonder if there are any limitations on this. What is the correct answer to your question?

  • A. The total volume of data is limited but the number of archives you can store are unlimited.
  • B. The total volume of data and number of archives you can store are unlimited.
  • C. The total volume of data is limited and the number of archives you can store are limited.
  • D. The total volume of data is unlimited but the number of archives you can store are limited.

Answer: B

Explanation:
An archive is a durably stored block of information. You store your data in Amazon Glacier as archives.
You may upload a single file as an archive, but your costs will be lower if you aggregate your data.
TAR and ZIP are common formats that customers use to aggregate multiple files into a single file before uploading to Amazon Glacier.
The total volume of data and number of archives you can store are unlimited. Individual Amazon Glacier archives can range in size from 1 byte to 40 terabytes.
The largest archive that can be uploaded in a single upload request is 4 gigabytes.
For items larger than 100 megabytes, customers should consider using the Multipart upload capability.
Archives stored in Amazon Glacier are immutable, i.e. archives can be uploaded and deleted but cannot be edited or overwritten.
Reference: https://aws.amazon.com/glacier/faqs/


NEW QUESTION # 139
Which security functions are based on AWS STS? Choose 2 answers

  • A. Using access keys to authenticate IAM users
  • B. Adding conditions to managed policies
  • C. Using IAM roles with Amazon EC2 instances
  • D. Assigning managed policies to IAM groups
  • E. Using Web federated identity to authenticate users

Answer: A,E


NEW QUESTION # 140
A web design company currently runs several FTP servers that their 250 customers use to upload and download large graphic files They wish to move this system to AWS to make it more scalable, but they wish to maintain customer privacy and Keep costs to a minimum.
What AWS architecture would you recommend?

  • A. Create a single S3 bucket with Requester Pays turned on and ask their customers to use an S3 client instead of an FTP client Create a bucket tor each customer with a Bucket Policy that permits access only to that one customer.
  • B. Create an auto-scaling group of FTP servers with a scaling policy to automatically scale-in when minimum network traffic on the auto-scaling group is below a given threshold. Load a central list of ftp users from S3 as part of the user Data startup script on each Instance.
  • C. Create a single S3 bucket with Reduced Redundancy Storage turned on and ask their customers to use an S3 client instead of an FTP client Create a bucket for each customer with a Bucket Policy that permits access only to that one customer.
  • D. ASK their customers to use an S3 client instead of an FTP client. Create a single S3 bucket Create an IAM user for each customer Put the IAM Users in a Group that has an IAM policy that permits access to sub-directories within the bucket via use of the 'username' Policy variable.

Answer: B


NEW QUESTION # 141
What are the two permission types used by AWS?

  • A. User-based and Resource-based
  • B. Resource-based and Product-based
  • C. Service-based
  • D. Product-based and Service-based

Answer: A


NEW QUESTION # 142
When designing an Amazon SOS message-processing solution, messages in the queue must be processed before the maximum retention time has elapsed Which actions will meet this requirement? (Select TWO )

  • A. Increase the SOS queue attribute for the message retention period
  • B. Use Amazon EC2 instances in an Auto Scaling group with scaling triggered based on the queue length
  • C. Use AWS STS to process the messages.
  • D. Use Amazon EBS-optimized Amazon EC2 instances to process the messages.
  • E. Convert the SOS queue to a first-in first-out (FIFO) queue.

Answer: A,B


NEW QUESTION # 143
......

AWS-Solutions-Architect-Associate [May-2023] Newly Released] Exam Questions For You To Pass: https://www.real4dumps.com/AWS-Solutions-Architect-Associate_examcollection.html

AWS-Solutions-Architect-Associate Answers AWS-Solutions-Architect-Associate Free Demo Are Based On The Real Exam: https://drive.google.com/open?id=1G78IwW-bauPnvR_LSET6hoDrbNFrVhu9

Related Articles

more
Amazon AWS-Solutions-Architect-Associate Certification Practice Exam

Real4dumps is a reliable and professional company providing real exam questions and test dumps vce pdf. We have good reputation in IT area with high pass rate guarantee and best service. Our real exam questions and test dumps vce pdf can help you pass your exam successfully.

Latest Exam Questions

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 Real4dumps NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy