AWS Certified Solutions Architect Associate Practice

Welcome to your AWS Certified Solutions Architect Associate Practice - Quiz 3

You can test your AWS Knowledge by this Quiz.

This Quiz contains 20 questions and there is a time limit, 20 minutes to complete this quiz. You have to answer all questions.

Count Your Score

You will get 1 point for each correct answer. Your score will be in percentage. Please click Next to start the quiz.

Good Luck!!!

1. Your company has an on-premises Distributed File System Replication (DFSR) service to keep files synchronized on multiple Windows servers, and would like to migrate to AWS cloud. What do you recommend as a replacement for the DFSR?

EFS

FSx for Windows

Amazon S3

FSx for Lustre

2. A global media company uses a fleet of EC2 instances (behind an Application Load Balancer) to power its video streaming application. To improve the performance of the application, the engineering team has also created a CloudFront distribution with the Application Load Balancer as the custom origin. The security team at the company has noticed a spike in the number and types of SQL injection and cross-site scripting attack vectors on the application. As a solutions architect, which of the following solutions would you recommend as the MOST effective in countering these malicious attacks?

Use Security Hub with Cloudfront distribution

Use Web Application Firewall (WAF) with Cloudfront distribution

Use Web Firewall Manager with Cloudfront distribution

Use Route 53 with Cloudfront distribution

3. A media publishing company is looking at moving their on-premises infrastructure to AWS Cloud. Their flagship application uses a massive PostgreSQL database and the engineering team would like to retain control over managing the patches, version upgrades for the database, and consistent performance with high IOPS. The team wants to install the database on an EC2 instance with the optimal storage type on the attached EBS volume. As a solutions architect, which of the following configurations would you suggest to the engineering team?

Amazon EC2 with EBS Volumes of Provisioned IOPS SSD (io1) type

Amazon EC2 with EBS Volumes of General Purpose SSD (gp2) type

Amazon EC2 with EBS Volumes of cold HDD (sc1) type

Amazon EC2 with EBS Volumes of Throughput Optimized HDD (st1) type

4. A big-data consulting firm is working on a client engagement where the ETL workloads are currently handled via a Hadoop cluster deployed in the on-premises data center. The client wants to migrate their ETL workloads to AWS Cloud. The AWS Cloud solution needs to be highly available with about 50 EC2 instances per Availability Zone. As a solutions architect, which of the following EC2 placement groups would you recommend handling the distributed ETL workload?

Spread Placement Group

Cluster Placement Group

Partition Partition Group

Both Partition Partition Group Spread Placement Group

5. The engineering team at a startup is running a Proof-of-Concept to move their business to AWS Cloud. The team wants to store business-critical data on Elastic Block Storage (EBS) volumes which provide persistent storage independent of EC2 instances. During a test run, the team found out that on terminating an Amazon EC2 instance, the attached Elastic Block Storage (EBS) volume was also lost, which was contrary to their assumptions. As a solutions architect, could you explain this issue?

The EBS Volumes were not backed up on EFS File System Storage, resulting in the loss of volume

The EBS Volume was configured as the root volume of Amazon EC2 instance. On termination of the instance, the defualt behaviour also terminate the attached root volume

The EBS Volumes were not backed up on Amazon S3 Storage resulting in the loss of volume

On termination of an EC2 instance, all the attached EBS volumes were always terminated

6. The engineering team at an IT company is deploying an Online Transactional Processing (OLTP) application, which will have unpredictable spikes of usage, that they do not know in advance. Which database would you recommend using?

Aurora Serverless

DynamoDB with provisioned Capacity and Auto Scaling

RDS PostgreSQL with Auto Scaling

DynamoDB with On-Demand Capacity

7. A financial services company is looking to transition its IT infrastructure from on-premises to AWS Cloud. They are moving towards a single log processing model for all their log files (consisting of system logs, application logs, database logs, etc) that can be processed in a serverless fashion and then durably stored for downstream analytics. They want to use an AWS managed service that automatically scales to match the throughput of the log data and requires no ongoing administration. As a solutions architect, which of the following AWS services would you recommend solving this problem?

Amazon EMR

Kinesis Data Streams

AWS Lambda

Kinesis Data Firehose

8. A junior developer is learning to build websites using HTML, CSS, and JavaScript. He has created a static website and then deployed it on Amazon S3. Now he can't seem to figure out the endpoint for his super cool website. As a solutions architect, can you help him figure out the allowed formats for the Amazon S3 website endpoints? (Select two)

http://s3-website-Region.bucket-name.amazonaws.com

http://bucket-name.Region.s3-website.amazonaws.com

http://s3-website.Region.bucket-name.amazonaws.com

http://bucket-name.s3-website-Region.amazonaws.com

http://bucket-name.s3-website.Region.amazonaws.com

9. Your company has a monthly big data workload, running for about 2 hours, which can be efficiently distributed across various servers of various sizes, with a variable number of CPU, and that can withstand server failures. Which is the MOST cost-optimal solution for this workload?

Run the workload on Reserved Instances

Run the workload on a Spot Fleet

Run the workload on Dedicated Hosts

Run the workload on Spot Instances

10. You are building an application that will be deployed on 10 EC2 instances using Amazon Linux 2 AMI. The application needs access to a shared network file system that is POSIX compliant. What do you recommend?

EBS

Instance Store

EFS

11. An HTTP application is deployed on an Auto Scaling Group, is accessible from an Application Load Balancer that provides HTTPS termination, and accesses a PostgreSQL database managed by RDS. How should you configure the security groups? (Select three)

The Security group of ALB should have an inbound rule from anywhere on Port 443

The Security group of the EC2 Instances should have an inbound rule from the security group of the RDS Database on Port 5432

The Security group of RDS should have an inbound rule from the security group of the EC2 instances in the ASG on Port 5432

The Security group of the EC2 Instances should have an inbound rule from the security group of the ALB on Port 80

The Security group of RDS should have an inbound rule from the security group of the EC2 instances in the ASG on Port 80

The Security group of ALB should have an inbound rule from anywhere on Port 80

12. The infrastructure team at a company maintains 5 different VPCs (let's call these VPCs A, B, C, D, E) for resource isolation. Due to the changed organizational structure, the team wants to interconnect all VPCs together. To facilitate this, the team has set up VPC peering connections between VPC A and all other VPCs in a hub and spoke model with VPC A at the center. However, the team has still failed to establish connectivity between all VPCs. As a solutions architect, which of the following would you recommend as the MOST resource-efficient and scalable solution?

Use an internet gateway to interconnect the VPCs

Establish VPC Peering connections between all VPCs

Use a transit gateway to interconnect the VPCs

Use a VPC Endpoint to interconnect the VPCs

13. An Industrial Appliances company has just moved a significant percentage of its existing workloads to the AWS Cloud, and all departments now use some AWS solutions. Although these changes have helped the company to become more flexible, but the DevOps team still needs to ramp up on IT security. Currently, the team wants to enable a highly available architecture for a bastion host solution. As a solutions architect, which of the following options would you recommend as the solution?

Create a public Application Load Balancer that links to EC2 instances that are bastion hosts managed by an ASG

Create a VPC Endpoint for a fleet of EC2 instances that are bastion hosts managed by an ASG

Create a public Network Load Balancer that links to EC2 instances that are bastion hosts managed by an ASG

Create an Elastic IP and assign it to all EC2 instances that are bastion hosts managed by an ASG

14. A financial services company has to retain the activity logs for each of their customers to meet regulatory and compliance guidelines. Depending on the business line, the company wants to retain the logs for 5-10 years in highly available and durable storage on AWS. The overall data size is expected to be in PetaBytes. In case of an audit, the data would need to be accessible within a timeframe of up to 48 hours. Which AWS storage option is the MOST cost-effective for the given compliance requirements?

Amazon S3 Glacier

Amazon S3 Standard Storage

Amazon S3 Glacier Deep Archive

Third Party Tape Storage

15. A tax computation software runs on Amazon EC2 instances behind a Classic Load Balancer. The instances are managed by an Auto Scaling Group. The tax computation software has an optimization module, which can take up to 10 minutes to find the optimal answer. How do you ensure that when the Auto Scaling Group initiates a scale-in event, the users do not see their current requests interrupted?

Create an ASG Scheduled Action

Enable Stickiness on the CLB

Increase the deregistration delay to more than 10 times

Enable ELB Health Checks on the ASG

16. An e-commerce website hosted on an EC2 instance consumes messages from an SQS queue which has records for pending orders. The SQS queue has a visibility timeout of 30 minutes. The EC2 instance sends out an email once an order has been processed. The development team observes that 12 emails have been sent but only 4 orders have been placed. As a solutions architect, which of the following options would you choose to describe this issue?

Queue is set to distributed mode forcing delivery of duplicate messages

Queue is set to long polling so the messages are being picked up multiple times by the consumer application

Because of a configuration issue, the consumer application is not deleting the messages in the SQS Queue after it has processsed them

Queue is set to short polling so the messages are being picked up multiple times by the consumer application

17. An IT company has an Access Control Management (ACM) application that uses Amazon RDS for MySQL but is running into performance issues despite using Read Replicas. The company has hired you as a solutions architect to address these performance-related challenges on an urgent basis without moving away from the underlying relational database schema. The company has branch offices across the world, and it needs the solution to work on a global scale. Which of the following will you recommend as the MOST cost-effective and high-performance solution?

Spin up a Redshift cluster in each AWS region, Migrate the existing data into Redshift Clusters

Use Amazon DynamoDB Global Tables to provide fast, local, read and write performance in each region

Use Amazon Aurora Global Database to enable fast local reads with low latency in each region

Spin up EC2 instances in each AWS region, install MySQL databases and migrate the existing data into these new databases

18. You would like to use Snowball to move on-premises backups into a long term archival tier on AWS. Which solution provides the MOST cost savings?

Create a Snowball job and target a Glacier Deep Archive Vault

Create a Snowball job and target a Glacier Vault

Create a Snowball job and target an S3 bucket. Create a lifecycle policy to immediate move data to Glacier

Create a Snowball job and target an S3 bucket. Create a lifecycle policy to immediate move data to Glacier Deep Archive

19. To improve the performance and security of the application, the engineering team at a company has created a CloudFront distribution with an Application Load Balancer as the custom origin. The team has also set up a Web Application Firewall (WAF) with CloudFront distribution. The security team at the company has noticed a surge in malicious attacks from a specific IP address to steal sensitive data stored on the EC2 instances. As a solutions architect, which of the following actions would you recommend to stop the attacks?

Create a ticket with AWS Support to take action against the Malicious IP

Create an IP match condition in the WAF to block the Malicious IP Address

Create a Deny Rule for Malicious IP in the NACL associated with each of the instances

Create a Deny Rule for Malicious IP in the Security Group associated with each of the instances

20. A silicon valley based startup has a content management application with the web-tier running on EC2 instances and the database tier running on Amazon Aurora. Currently, the entire infrastructure is located in us-east-1 region. The startup has 90% of its customers in the US and Europe. The engineering team is getting reports of deteriorated application performance from customers in Europe with high application load time. As a solutions architect, which of the following would you recommend addressing these performance issues? (Select two)

Create Amazon Aurora Multi-AZ standby instance in the eu-west-1 region

Create Amazon Aurora read-replicas in the eu-west-1 region

Setup another fleet of EC2 Instances for the web tier in the eu-west-1 region. Enable latency routing policy in Route 53

Setup another fleet of EC2 Instances for the web tier in the eu-west-1 region. Enable geolocation routing policy in Route 53

Setup another fleet of EC2 Instances for the web tier in the eu-west-1 region. Enable failover routing policy in Route 53

Please fill in the comment box below.

Post Views: 1,521

AWS Certified Solutions Architect Associate Practice – Quiz 3

Recommended Reading..

How to Build Nginx from Source on Ubuntu 20.04 and Centos 8.0

AWS Certified Solutions Architect Associate Practice – Quiz 4

How to create a systemd service unit for Shell Scripts in Linux

1 thought on “AWS Certified Solutions Architect Associate Practice – Quiz 3”

Leave a Comment Cancel reply