Question 1

A company ingests and processes streaming market dat

a. The data rate is constant. A nightly process that calculates aggregate statistics is run, and each execution takes about 4 hours to complete. The statistical analysis is not mission critical to the business, and previous data points are picked up on the next execution if a particular run fails.

The current architecture uses a pool of Amazon EC2 Reserved Instances with 1-year reservations running full time to ingest and store the streaming data in attached Amazon EBS volumes. On-Demand EC2 instances are launched each night to perform the nightly processing, accessing the stored data from NFS shares on the ingestion servers, and terminating the nightly processing servers when complete. The Reserved Instance reservations are expiring, and the company needs to determine whether to purchase new reservations or implement a new design.

Which is the most cost-effective design?

Options :

A : Update the ingestion process to use Amazon Kinesis Data Firehose to save data to Amazon S3. Use a scheduled script to launch a fleet of EC2 On-Demand Instances each night to perform the batch processing of the S3 data. Configure the script to terminate the instances when the processing is complete.

B :

Update the ingestion process to use Amazon Kinesis Data Firehose to save data to Amazon S3. Use AWS Batch with Spot Instances to perform nightly

processing with a maximum Spot price that is 50% of the On-Demand price.

C :

Update the ingestion process to use a fleet of EC2 Reserved Instances with 3-year reservations behind a Network Load Balancer. Use AWS Batch with Spot

Instances to perform nightly processing with a maximum Spot price that is 50% of the On-Demand price.

D :

Update the ingestion process to use Amazon Kinesis Data Firehose to save data to Amazon Redshift. Use Amazon EventBridge to schedule an AWS Lambda

function to run nightly to query Amazon Redshift to generate the daily statistics.

Answer: B

Question 2

A company runs an application that gives users the ability to search for videos and related information by

using keywords that are curated from content providers. The application data is stored in an on-premises

Oracle database that is 800 GB in size.

The company wants to migrate the data to an Amazon Aurora MySQL DB instance. A solutions architect

plans to use the AWS Schema Conversion Tool and AWS Database Migration Service (AWS DMS) for the

migration. During the migration, the existing database must serve ongoing requests. The migration must be

completed with minimum downtime

Which solution will meet these requirements?

Options :

A :

Create primary key indexes, secondary indexes, and referential integrity constraints in the target

database before starting the migration process

B :

Use AWS DMS to run the conversion report for Oracle to Aurora MySQL. Remediate any issues Then

use AWS DMS to migrate the data

C : Use the M5 or CS DMS replication instance type for ongoing replication

D :

Turn off automatic backups and logging of the target database until the migration and cutover processes

are complete

Answer: B

Question 3

A company is currently in the design phase of an application that will need an RPO of less than 5 minutes and an RTO of less than 10 minutes. The solutions architecture team is forecasting that the database will store approximately 10 TB of data. As part of the design, they are looking for a database solution that will provide the company with the ability to fail over to a secondary Region. Which solution will meet these business requirements at the LOWEST cost?

Options :

A :

Deploy an Amazon Aurora DB cluster and take snapshots of the cluster every 5 minutes. Once a snapshot is complete, copy the snapshot to a secondary Region to serve as a backup in the event of a failure.

B :

Deploy an Amazon RDS instance with a cross-Region read replica in a secondary Region. In the event of a failure, promote the read replica to become the primary.

C :

Deploy an Amazon Aurora DB cluster in the primary Region and another in a secondary Region. Use AWS DMS to keep the secondary Region in sync.

D :

Deploy an Amazon RDS instance with a read replica in the same Region. In the event of a failure, promote the read replica to become the primary.

Answer: B

Question 4

A company runs its legacy web application in its on-premises data center. The solutions architect has been tasked to move the legacy web application in a virtual machine running inside the data center to the Amazon VPC. However, this application requires a private and dedicated connection to a number of servers hosted on the on-premises network in order for it to work.

Which combination of options provides the most suitable way to configure the web application running inside the VPC to reach back and access its internal dependencies on the company’s on-premises network? (Select TWO.)

Options :

A : An AWS Direct Connect link between the VPC and the network housing the internal services.

B : A network device in your data center that supports Border Gateway Protocol (BGP) and BGP MD5 authentication.

C : An Internet Gateway to allow a VPN connection.

D : Set up a Transit VPC between your on-premises data center and your VPC

E : An Elastic IP address on the VPC instance.

Answer: A,B

Question 5

A company maintains a restaurant review website. The website is a single-page application where files are

stored in Amazon S3 and delivered using Amazon CloudFront. The company receives several fake postings

every day that are manually removed.

The security team has identified that most of the fake posts are from bots with IP addresses that have a bad

reputation within the same global region. The team needs to create a solution to help restrict the bots from

accessing the website.

Which strategy should a solutions architect use?

Options :

A :

Use AWS Firewall Manager to control the CloudFront distribution security settings. Create a

geographical block rule and associate it with Firewall Manager.

B :

Associate an AWS WAF web ACL with the CloudFront distribution. Select the managed Amazon IP

reputation rule group for the web ACL with a deny action.

C :

Use AWS Firewall Manager to control the CloudFront distribution security settings. Select the managed

Amazon IP reputation rule group and associate it with Firewall Manager with a deny action.

D :

Associate an AWS WAF web ACL with the CloudFront distribution. Create a rule group for the web

ACL with a geographical match statement with a deny action.

Answer: B

Higher Test Marks with Free Online SAP-C02 Exam Practice

Buying Options: