DownloadlatestAWSSAA-C03examdumpstohelpyoupassyourexameasily
Exam:SAA-C03
Title:
AWSCertifiedSolutions
Architect-Associate
https://www.passcert.com/SAA-C03.html
DownloadlatestAWSSAA-C03examdumpstohelpyoupassyourexameasily
1.Acompanycollectstemperature,humidity,andatmosphericpressuredataincitiesacrossmultiple continentsTheaveragevolumeofdatacollectedpersiteeachdayis500GBEachsitehasa high-speedinternetconnection.Thecompany'sweatherforecastingapplicationsarebasedinasingle Regionandanalyzethedatadaily
WhatistheFASTESTwaytoaggregatedatafromalloftheseglobalsites?
AEnableAmazonS3TransferAccelerationonthedestinationbucketUsemultipartuploadstodirectly uploadsitedatatothedestinationbucket
BUploadsitedatatoanAmazonS3bucketintheclosestAWSRegionUseS3cross-Regionreplication tocopyobjectstothedestinationbucket
CScheduleAWSSnowballjobsdailytotransferdatatotheclosestAWSRegionUseS3cross-Region replicationtocopyobjectstothedestinationbucket
D.UploadthedatatoanAmazonEC2instanceintheclosestRegion.StorethedatainanAmazonElastic BlockStore(AmazonEBS)volumeOnceadaytakeanEBSsnapshotandcopyittothecentralized Region.RestoretheEBSvolumeinthecentralizedRegionandrunananalysisonthedatadaily.
Answer:A
Explanation:
YoumightwanttouseTransferAccelerationonabucketforvariousreasons,includingthefollowing: Youhavecustomersthatuploadtoacentralizedbucketfromallovertheworld.
Youtransfergigabytestoterabytesofdataonaregularbasisacrosscontinents
YouareunabletoutilizeallofyouravailablebandwidthovertheInternetwhenuploadingtoAmazonS3 https://docsawsamazoncom/AmazonS3/latest/dev/transfer-accelerationhtml
https://awsamazoncom/s3/transfer-acceleration/#:~:text=S3%20Transfer%20Acceleration%20(S3TA)% 20reduces,to%20S3%20for%20remote%20applications:
"AmazonS3TransferAccelerationcanspeedupcontenttransferstoandfromAmazonS3byasmuchas 50-500%forlong-distancetransferoflargerobjectsCustomerswhohaveeitherwebormobile applicationswithwidespreadusersorapplicationshostedfarawayfromtheirS3bucketcanexperience longandvariableuploadanddownloadspeedsovertheInternet"
https://docsawsamazoncom/AmazonS3/latest/userguide/mpuoverviewhtml
"Improvedthroughput-Youcanuploadpartsinparalleltoimprovethroughput."
2.Acompanyneedstheabilitytoanalyzethelogfilesofitsproprietaryapplication.Thelogsarestoredin JSONformatinanAmazonS3bucketQuerieswillbesimpleandwillrunon-demandAsolutionsarchitect needstoperformtheanalysiswithminimalchangestotheexistingarchitecture
WhatshouldthesolutionsarchitectdotomeettheserequirementswiththeLEASTamountofoperational overhead?
AUseAmazonRedshifttoloadallthecontentintooneplaceandruntheSQLqueriesasneeded
BUseAmazonCloudWatchLogstostorethelogsRunSQLqueriesasneededfromtheAmazon CloudWatchconsole
CUseAmazonAthenadirectlywithAmazonS3torunthequeriesasneeded
DUseAWSGluetocatalogthelogsUseatransientApacheSparkclusteronAmazonEMRtorunthe SQLqueriesasneeded
Answer:C
Explanation: AmazonAthenacanbeusedtoqueryJSONinS3
3AcompanyusesAWSOrganizationstomanagemultipleAWSaccountsfordifferentdepartmentsThe managementaccounthasanAmazonS3bucketthatcontainsprojectreports.Thecompanywantstolimit accesstothisS3buckettoonlyusersofaccountswithintheorganizationinAWSOrganizations WhichsolutionmeetstheserequirementswiththeLEASTamountofoperationaloverhead?
AAddtheaws:PrincipalOrgIDglobalconditionkeywithareferencetotheorganizationIDtotheS3 bucketpolicy
BCreateanorganizationalunit(OU)foreachdepartmentAddtheaws:PrincipalOrgPathsglobal conditionkeytotheS3bucketpolicy
CUseAWSCloudTrailtomonitortheCreateAccount,InviteAccountToOrganization,LeaveOrganization, andRemoveAccountFromOrganizationeventsUpdatetheS3bucketpolicyaccordingly
D.TageachuserthatneedsaccesstotheS3bucket.Addtheaws:PrincipalTagglobalconditionkeyto theS3bucketpolicy
Answer:A
Explanation:
https://aws.amazon.com/blogs/security/control-access-to-aws-resources-by-using-the-aws-organizationof-iam-principals/
Theaws:PrincipalOrgIDglobalkeyprovidesanalternativetolistingalltheaccountIDsforallAWS accountsinanorganizationForexample,thefollowingAmazonS3bucketpolicyallowsmembersofany accountintheXXXorganizationtoaddanobjectintotheexamtopicsbucket
{"Version":"2020-09-10",
"Statement":{
"Sid":"AllowPutObject",
"Effect":"Allow",
"Principal":"*",
"Action":"s3:PutObject",
"Resource":"arn:aws:s3:::examtopics/*",
"Condition":{"StringEquals":
{"aws:PrincipalOrgID":["XXX"]}}}}
https://docsawsamazoncom/IAM/latest/UserGuide/referencepoliciescondition-keyshtml
4AnapplicationrunsonanAmazonEC2instanceinaVPCTheapplicationprocesseslogsthatare storedinanAmazonS3bucket.TheEC2instanceneedstoaccesstheS3bucketwithoutconnectivityto theinternet
WhichsolutionwillprovideprivatenetworkconnectivitytoAmazonS3?
ACreateagatewayVPCendpointtotheS3bucket
BStreamthelogstoAmazonCloudWatchLogsExportthelogstotheS3bucket
CCreateaninstanceprofileonAmazonEC2toallowS3access
DCreateanAmazonAPIGatewayAPIwithaprivatelinktoaccesstheS3endpoint
Answer:A
5AcompanyishostingawebapplicationonAWSusingasingleAmazonEC2instancethatstores user-uploadeddocumentsinanAmazonEBSvolumeForbetterscalabilityandavailability,thecompany duplicatedthearchitectureandcreatedasecondEC2instanceandEBSvolumeinanotherAvailability
DownloadlatestAWSSAA-C03examdumpstohelpyoupassyourexameasily
ZoneplacingbothbehindanApplicationLoadBalancerAftercompletingthischange,usersreportedthat, eachtimetheyrefreshedthewebsite,theycouldseeonesubsetoftheirdocumentsortheother,but neverallofthedocumentsatthesametime.
Whatshouldasolutionsarchitectproposetoensureusersseealloftheirdocumentsatonce?
ACopythedatasobothEBSvolumescontainallthedocuments
BConfiguretheApplicationLoadBalancertodirectausertotheserverwiththedocuments
CCopythedatafrombothEBSvolumestoAmazonEFSModifytheapplicationtosavenewdocuments toAmazonEFS
DConfiguretheApplicationLoadBalancertosendtherequesttobothserversReturneachdocument fromthecorrectserver
Answer:C
Explanation:
AmazonEFSprovidesfilestorageintheAWSCloudWithAmazonEFS,youcancreateafilesystem, mountthefilesystemonanAmazonEC2instance,andthenreadandwritedatatoandfromyourfile systemYoucanmountanAmazonEFSfilesysteminyourVPC,throughtheNetworkFileSystem versions4.0and4.1(NFSv4)protocol.WerecommendusingacurrentgenerationLinuxNFSv4.1client, suchasthosefoundinthelatestAmazonLinux,Redhat,andUbuntuAMIs,inconjunctionwiththe AmazonEFSMountHelper.Forinstructions,seeUsingtheamazon-efs-utilsTools.
ForalistofAmazonEC2LinuxAmazonMachineImages(AMIs)thatsupportthisprotocol,seeNFS SupportForsomeAMIs,you'llneedtoinstallanNFSclienttomountyourfilesystemonyourAmazon EC2instanceForinstructions,seeInstallingtheNFSClient
YoucanaccessyourAmazonEFSfilesystemconcurrentlyfrommultipleNFSclients,soapplicationsthat scalebeyondasingleconnectioncanaccessafilesystemAmazonEC2instancesrunninginmultiple AvailabilityZoneswithinthesameAWSRegioncanaccessthefilesystem,sothatmanyuserscan accessandshareacommondatasource
6AcompanyusesNFStostorelargevideofilesinon-premisesnetworkattachedstorageEachvideofile rangesinsizefrom1MBto500GBThetotalstorageis70TBandisnolongergrowingThecompany decidestomigratethevideofilestoAmazonS3.Thecompanymustmigratethevideofilesassoonas possiblewhileusingtheleastpossiblenetworkbandwidth Whichsolutionwillmeettheserequirements?
ACreateanS3bucketCreatean1AMrolethathaspermissionstowritetotheS3bucketUsetheAWS CLItocopyallfileslocallytotheS3bucket.
BCreateanAWSSnowballEdgejobReceiveaSnowballEdgedeviceonpremisesUsetheSnowball Edgeclienttotransferdatatothedevice.ReturnthedevicesothatAWScanimportthedataintoAmazon S3
CDeployanS3FileGatewayonpremisesCreateapublicserviceendpointtoconnecttotheS3File GatewayCreateanS3bucketCreateanewNFSfileshareontheS3FileGatewayPointthenewfile sharetotheS3bucketTransferthedatafromtheexistingNFSfilesharetotheS3FileGateway DSetupanAWSDirectConnectconnectionbetweentheon-premisesnetworkandAWSDeployanS3 FileGatewayonpremisesCreateapublicvirtualinterlace(VIF)toconnecttotheS3FileGateway
CreateanS3bucketCreateanewNFSfileshareontheS3FileGatewayPointthenewfilesharetothe S3bucketTransferthedatafromtheexistingNFSfilesharetotheS3FileGateway
Answer:C
DownloadlatestAWSSAA-C03examdumpstohelpyoupassyourexameasily
7AcompanyhasanapplicationthatingestsincomingmessagesThesemessagesarethenquickly consumedbydozensofotherapplicationsandmicroservices.
Thenumberofmessagesvariesdrasticallyandsometimesspikesashighas100,000eachsecond Thecompanywantstodecouplethesolutionandincreasescalability
Whichsolutionmeetstheserequirements?
APersistthemessagestoAmazonKinesisDataAnalyticsAlltheapplicationswillreadandprocessthe messages
BDeploytheapplicationonAmazonEC2instancesinanAutoScalinggroup,whichscalesthenumberof EC2instancesbasedonCPUmetrics
CWritethemessagestoAmazonKinesisDataStreamswithasingleshardAllapplicationswillread fromthestreamandprocessthemessages.
DPublishthemessagestoanAmazonSimpleNotificationService(AmazonSNS)topicwithoneormore AmazonSimpleQueueService(AmazonSQS)subscriptions.Allapplicationsthenprocessthemessages fromthequeues
Answer:D
Explanation: https://aws.amazon.com/sqs/features/
8AcompanyismigratingadistributedapplicationtoAWSTheapplicationservesvariableworkloads
Thelegacyplatformconsistsofaprimaryservertrialcoordinatesjobsacrossmultiplecomputenodes
Thecompanywantstomodernizetheapplicationwithasolutionthatmaximizesresiliencyandscalability Howshouldasolutionsarchitectdesignthearchitecturetomeettheserequirements?
AConfigureanAmazonSimpleQueueService(AmazonSQS)queueasadestinationforthejobs
ImplementthecomputenodeswithAmazonEC2instancesthataremanagedinanAutoScalinggroup
ConfigureEC2AutoScalingtousescheduledscaling
BConfigureanAmazonSimpleQueueService(AmazonSQS)queueasadestinationforthejobs
ImplementthecomputenodeswithAmazonEC2InstancesthataremanagedinanAutoScalinggroup
ConfigureEC2AutoScalingbasedonthesizeofthequeue
CImplementtheprimaryserverandthecomputenodeswithAmazonEC2instancesthataremanaged InanAutoScalinggroup.ConfigureAWSCloudTrailasadestinationforthefobsConfigureEC2Auto Scalingbasedontheloadontheprimaryserver
D.implementtheprimaryserverandthecomputenodeswithAmazonEC2instancesthataremanagedin anAutoScalinggroupConfigureAmazonEventBridge(AmazonCloudWatchEvents)asadestinationfor thejobsConfigureEC2AutoScalingbasedontheloadonthecomputenodes
Answer:B
9AcompanyisrunninganSMBfileserverinitsdatacenterThefileserverstoreslargefilesthatare accessedfrequentlyforthefirstfewdaysafterthefilesarecreatedAfter7daysthefilesarerarely accessed
Thetotaldatasizeisincreasingandisclosetothecompany'stotalstoragecapacityAsolutionsarchitect mustincreasethecompany'savailablestoragespacewithoutlosinglow-latencyaccesstothemost recentlyaccessedfilesThesolutionsarchitectmustalsoprovidefilelifecyclemanagementtoavoid futurestorageissues
DownloadlatestAWSSAA-C03examdumpstohelpyoupassyourexameasily
Whichsolutionwillmeettheserequirements?
AUseAWSDataSynctocopydatathatisolderthan7daysfromtheSMBfileservertoAWS
B.CreateanAmazonS3FileGatewaytoextendthecompany'sstoragespace.CreateanS3Lifecycle policytotransitionthedatatoS3GlacierDeepArchiveafter7days
CCreateanAmazonFSxforWindowsFileServerfilesystemtoextendthecompany'sstoragespace DInstallautilityoneachuser'scomputertoaccessAmazonS3CreateanS3Lifecyclepolicyto transitionthedatatoS3GlacierFlexibleRetrievalafter7days
Answer:D
10AcompanyisbuildinganecommercewebapplicationonAWSTheapplicationsendsinformation aboutneworderstoanAmazonAPIGatewayRESTAPItoprocessThecompanywantstoensurethat ordersareprocessedintheorderthattheyarereceived. Whichsolutionwillmeettheserequirements?
A.UseanAPIGatewayintegrationtopublishamessagetoanAmazonSimpleNotificationService (AmazonSNS)topicwhentheapplicationreceivesanorderSubscribeanAWSLambdafunctiontothe topictoperformprocessing.
BUseanAPIGatewayintegrationtosendamessagetoanAmazonSimpleQueueService(Amazon SQS)FIFOqueuewhentheapplicationreceivesanorder.ConfiguretheSQSFIFOqueuetoinvokean AWSLambdafunctionforprocessing
CUseanAPIGatewayauthorizertoblockanyrequestswhiletheapplicationprocessesanorder DUseanAPIGatewayintegrationtosendamessagetoanAmazonSimpleQueueService(Amazon SQS)standardqueuewhentheapplicationreceivesanorderConfiguretheSQSstandardqueueto invokeanAWSLambdafunctionforprocessing
Answer:A
11AcompanyhasanapplicationthatrunsonAmazonEC2instancesandusesanAmazonAurora databaseTheEC2instancesconnecttothedatabasebyusingusernamesandpasswordsthatare storedlocallyinafileThecompanywantstominimizetheoperationaloverheadofcredential management.
Whatshouldasolutionsarchitectdotoaccomplishthisgoal?
A.UseAWSSecretsManager.Turnonautomaticrotation.
BUseAWSSystemsManagerParameterStoreTurnonautomaticrotation
C.CreateanAmazonS3bucketlostoreobjectsthatareencryptedwithanAWSKey CManagementService(AWSKMS)encryptionkeyMigratethecredentialfiletotheS3bucketPointthe applicationtotheS3bucket.
DCreateanencryptedAmazonElasticBlockStore(AmazonEBS)volume(oreachEC2instance AttachthenewEBSvolumetoeachEC2instanceMigratethecredentialfiletothenewEBSvolume PointtheapplicationtothenewEBSvolume
Answer:B
12AglobalcompanyhostsitswebapplicationonAmazonEC2instancesbehindanApplicationLoad Balancer(ALB)ThewebapplicationhasstaticdataanddynamicdataThecompanystoresitsstaticdata inanAmazonS3bucketThecompanywantstoimproveperformanceandreducelatencyforthestatic dataanddynamicdataThecompanyisusingitsowndomainnameregisteredwithAmazonRoute53
DownloadlatestAWSSAA-C03examdumpstohelpyoupassyourexameasily
Whatshouldasolutionsarchitectdotomeettheserequirements?
ACreateanAmazonCloudFrontdistributionthathastheS3bucketandtheALBasoriginsConfigure Route53toroutetraffictotheCloudFrontdistribution.
BCreateanAmazonCloudFrontdistributionthathastheALBasanoriginCreateanAWSGlobal AcceleratorstandardacceleratorthathastheS3bucketasanendpointConfigureRoute53toroute traffictotheCloudFrontdistribution
CCreateanAmazonCloudFrontdistributionthathastheS3bucketasanoriginCreateanAWSGlobal AcceleratorstandardacceleratorthathastheALBandtheCloudFrontdistributionasendpointsCreatea customdomainnamethatpointstotheacceleratorDNSnameUsethecustomdomainnameasan endpointforthewebapplication
DCreateanAmazonCloudFrontdistributionthathastheALBasanorigin
C.CreateanAWSGlobalAcceleratorstandardacceleratorthathastheS3bucketasanendpointCreate twodomainnamesPointonedomainnametotheCloudFrontDNSnamefordynamiccontent,Pointthe otherdomainnametotheacceleratorDNSnameforstaticcontentUsethedomainnamesasendpoints forthewebapplication
Answer:A
Explanation:
https://stackoverflow.com/questions/52704816/how-to-properly-disable-cloudfront-caching-for-api-reques ts
13AcompanyperformsmonthlymaintenanceonitsAWSinfrastructureDuringthesemaintenance activities,thecompanyneedstorotatethecredentialstoritsAmazonROStorMySQLdatabasesacross multipleAWSRegions
WhichsolutionwillmeettheserequirementswiththeLEASToperationaloverhead?
AStorethecredentialsassecretsinAWSSecretsManagerUsemulti-Regionsecretreplicationforthe requiredRegionsConfigureSecretsManagertorotatethesecretsonaschedule
BStorethecredentialsassecretsinAWSSystemsManagerbycreatingasecurestringparameterUse multi-RegionsecretreplicationfortherequiredRegionsConfigureSystemsManagertorotatethesecrets onaschedule
CStorethecredentialsinanAmazonS3bucketthathasserver-sideencryption(SSE)enabledUse AmazonEventBridge(AmazonCloudWatchEvents)toinvokeanAWSLambdafunctiontorotatethe credentials
D.EncryptthecredentialsassecretsbyusingAWSKeyManagementService(AWSKMS)multi-Region customermanagedkeysStorethesecretsinanAmazonDynamoDBglobaltableUseanAWSLambda functiontoretrievethesecretsfromDynamoDBUsetheRDSAPItorotatethesecrets.
Answer:D
14AcompanyrunsanecommerceapplicationonAmazonEC2instancesbehindanApplicationLoad BalancerTheinstancesruninanAmazonEC2AutoScalinggroupacrossmultipleAvailabilityZonesThe AutoScalinggroupscalesbasedonCPUutilizationmetricsTheecommerceapplicationstoresthe transactiondatainaMySQL80databasethatishostedonalargeEC2instance
Thedatabase'sperformancedegradesquicklyasapplicationloadincreasesTheapplicationhandles morereadrequeststhanwritetransactionsThecompanywantsasolutionthatwillautomaticallyscale thedatabasetomeetthedemandofunpredictablereadworkloadswhilemaintaininghighavailability
DownloadlatestAWSSAA-C03examdumpstohelpyoupassyourexameasily
Whichsolutionwillmeettheserequirements?
AUseAmazonRedshiftwithasinglenodeforleaderandcomputefunctionality
B.UseAmazonRDSwithaSingle-AZdeploymentConfigureAmazonRDStoaddreaderinstancesina differentAvailabilityZone
CUseAmazonAurorawithaMulti-AZdeploymentConfigureAuroraAutoScalingwithAuroraReplicas
DUseAmazonElastiCacheforMemcachedwithEC2SpotInstances
Answer:C
15AcompanyrecentlymigratedtoAWSandwantstoimplementasolutiontoprotectthetrafficthatflows inandoutoftheproductionVPCThecompanyhadaninspectionserverinitson-premisesdatacenter TheinspectionserverperformedspecificoperationssuchastrafficflowinspectionandtrafficfilteringThe companywantstohavethesamefunctionalitiesintheAWSCloud.
Whichsolutionwillmeettheserequirements?
A.UseAmazonGuardDutyfortrafficinspectionandtrafficfilteringintheproductionVPC
BUseTrafficMirroringtomirrortrafficfromtheproductionVPCfortrafficinspectionandfiltering
C.UseAWSNetworkFirewalltocreatetherequiredrulesfortrafficinspectionandtrafficfilteringforthe productionVPC
D.UseAWSFirewallManagertocreatetherequiredrulesfortrafficinspectionandtrafficfilteringforthe productionVPC
Answer:C
16AcompanyhostsadatalakeonAWSThedatalakeconsistsofdatainAmazonS3andAmazonRDS forPostgreSQLThecompanyneedsareportingsolutionthatprovidesdatavisualizationandincludesall thedatasourceswithinthedatalakeOnlythecompany'smanagementteamshouldhavefullaccessto allthevisualizationsTherestofthecompanyshouldhaveonlylimitedaccess
Whichsolutionwillmeettheserequirements?
ACreateananalysisinAmazonQuickSightConnectallthedatasourcesandcreatenewdatasets
PublishdashboardstovisualizethedataSharethedashboardswiththeappropriateIAMroles
B.CreateananalysisinAmazonOuickSighl.Connectallthedatasourcesandcreatenewdatasets. PublishdashboardstovisualizethedataSharethedashboardswiththeappropriateusersandgroups
C.CreateanAWSGluetableandcrawlerforthedatainAmazonS3.CreateanAWSGlueextract, transform,andload(ETL)jobtoproducereportsPublishthereportstoAmazonS3UseS3bucket policiestolimitaccesstothereports.
DCreateanAWSGluetableandcrawlerforthedatainAmazonS3UseAmazonAthenaFederated QuerytoaccessdatawithinAmazonRDSforPoslgreSQL.GeneratereportsbyusingAmazonAthena. PublishthereportstoAmazonS3UseS3bucketpoliciestolimitaccesstothereports
Answer:D
17AcompanyisimplementinganewbusinessapplicationTheapplicationrunsontwoAmazonEC2 instancesandusesanAmazonS3bucketfordocumentstorageAsolutionsarchitectneedstoensure thattheEC2instancescanaccesstheS3bucket
Whatshouldthesolutionsarchitectdotomeetthisrequirement?
ACreatean1AMrolethatgrantsaccesstotheS3bucketAttachtheroletotheEC2instances BCreatean1AMpolicythatgrantsaccesstotheS3bucketAttachthepolicytotheEC2instances
DownloadlatestAWSSAA-C03examdumpstohelpyoupassyourexameasily
C.Createan1AMgroupthatgrantsaccesstotheS3bucket.AttachthegrouptotheEC2instances.
DCreatean1AMuserthatgrantsaccesstotheS3bucketAttachtheuseraccounttotheEC2instances
Answer:A
18Anapplicationdevelopmentteamisdesigningamicroservicethatwillconvertlargeimagestosmaller, compressedimagesWhenauseruploadsanimagethroughthewebinterface,themicroserviceshould storetheimageinanAmazonS3bucket,processandcompresstheimagewithanAWSLambdafunction, andstoretheimageinitscompressedforminadifferentS3bucket
Asolutionsarchitectneedstodesignasolutionthatusesdurable,statelesscomponentstoprocessthe imagesautomatically
Whichcombinationofactionswillmeettheserequirements?(Choosetwo)
A.CreateanAmazonSimpleQueueService(AmazonSQS)queueConfiguretheS3buckettosenda notificationtotheSQSqueuewhenanimageisuploadedtotheS3bucket
B.ConfiguretheLambdafunctiontousetheAmazonSimpleQueueService(AmazonSQS)queueasthe invocationsourceWhentheSQSmessageissuccessfullyprocessed,deletethemessageinthequeue
C.ConfiguretheLambdafunctiontomonitortheS3bucketfornewuploadsWhenanuploadedimageis detectedwritethefilenametoatextfileinmemoryandusethetextfiletokeeptrackoftheimagesthat wereprocessed
DLaunchanAmazonEC2instancetomonitoranAmazonSimpleQueueService(AmazonSQS)queue WhenitemsareaddedtothequeuelogthefilenameinatextfileontheEC2instanceandinvokethe Lambdafunction
EConfigureanAmazonEventBridge(AmazonCloudWatchEvents)eventtomonitortheS3bucket
WhenanimageisuploadedsendanalerttoanAmazonSimpleNotificationService(AmazonSNS)topic withtheapplicationowner'semailaddressforfurtherprocessing
Answer:A,B
19Acompanyhasathree-tierwebapplicationthatisdeployedonAWSThewebserversaredeployedin apublicsubnetinaVPCTheapplicationserversanddatabaseserversaredeployedinprivatesubnets inthesameVPC.Thecompanyhasdeployedathird-partyvirtualfirewallappliancefromAWS
MarketplaceinaninspectionVPCTheapplianceisconfiguredwithanIPinterfacethatcanacceptIP packets.
AsolutionsarchitectneedstoIntegratethewebapplicationwiththeappliancetoinspectalltraffictothe applicationbeforethetrafficteachesthewebserver.
WhichsolutionwillmoottheserequirementswiththeLEASToperationaloverhead?
A.CreateaNetworkLoadBalancerthepublicsubnetoftheapplication'sVPCtoroutethetrafficlothe applianceforpacketinspection
BCreateanApplicationLoadBalancerinthepublicsubnetoftheapplication'sVPCtoroutethetrafficto theapplianceforpacketinspection
CDeployatransitgatewaymtheinspectionVPCConfigureroutetablestoroutetheincomingpockets throughthetransitgateway
DDeployaGatewayLoadBalancerintheinspectionVPCCreateaGatewayLoadBalancerendpointto receivetheincomingpacketsandforwardthepacketstotheappliance
Answer:D