SAP-C02 Exam Dumps - AWS Certified Solutions Architect - Professional

Searching for workable clues to ace the Amazon Web Services SAP-C02 Exam? You’re on the right place! ExamCert has realistic, trusted and authentic exam prep tools to help you achieve your desired credential. ExamCert’s SAP-C02 PDF Study Guide, Testing Engine and Exam Dumps follow a reliable exam preparation strategy, providing you the most relevant and updated study material that is crafted in an easy to learn format of questions and answers. ExamCert’s study tools aim at simplifying all complex and confusing concepts of the exam and introduce you to the real exam scenario and practice it with the help of its testing engine and real exam dumps

Go to page:

Question # 121

A financial company uses AWS Control Tower to govern multiple AWS accounts. The company must comply with data residency regulations. The regulations require customer data and backups to remain only in specific approved AWS Regions. Additionally, the company must retain control of the cryptographic root of trust. The company must use encryption keys in hardware security modules (HSMs) that the company operates in-country. The company needs a preventive control that blocks resource creation outside the approved Regions.

Which solution will meet these requirements with the LEAST operational overhead?

Use an AWS KMS external key store (XKS) backed by the companyâ€™s in-country HSMs for encryption. Apply an AWS Control Tower Region deny control to the relevant OUs to deny actions outside the approved Regions.

Use AWS KMS multi-Region keys for all encryption. Use AWS Config rules to detect resources that are created outside the approved Regions.

Use an AWS KMS custom key store backed by an AWS CloudHSM cluster deployed in one approved Region. Apply separate IAM policies in each account. Configure the policies to deny actions outside the approved Regions by using the aws:RequestedRegion condition key.

Use standard AWS KMS customer managed keys for encryption. Apply an AWS Control Tower Region deny control to the relevant OUs to deny actions outside the approved Regions.

Full Access

Question # 122

A company wants to migrate its data analytics environment from on premises to AWS The environment consists of two simple Node js applications One of the applications collects sensor data and loads it into a MySQL database The other application aggregates the data into reports When the aggregation jobs run. some of the load jobs fail to run correctly

The company must resolve the data loading issue The company also needs the migration to occur without interruptions or changes for the company ' s customers

What should a solutions architect do to meet these requirements?

Set up an Amazon Aurora MySQL database as a replication target for the on-premises database Create an Aurora Replica for the Aurora MySQL database, and move the aggregation jobs to run against the Aurora Replica Set up collection endpomts as AWS Lambda functions behind a Network Load Balancer (NLB). and use Amazon RDS Proxy to wnte to the Aurora MySQL database When the databases are synced disable the replication job and restart the Aurora

Set up an Amazon Aurora MySQL database Use AWS Database Migration Service (AWS DMS) to perform continuous data replication from the on-premises database to Aurora Move the aggregation jobs to run against the Aurora MySQL database Set up collection endpomts behind an Application Load Balancer (ALB) as Amazon EC2 instances in an Auto Scaling group When the databases are synced, point the collector DNS record to the ALB Disable the AWS DMS syn

Set up an Amazon Aurora MySQL database Use AWS Database Migration Service (AWS DMS) to perform continuous data replication from the on-premises database to Aurora Create an AuroraReplica for the Aurora MySQL database and move the aggregation jobs to run against the Aurora Replica Set up collection endpoints as AWS Lambda functions behind an Application Load Balancer (ALB) and use Amazon RDS Proxy to write to the Aurora MySQL database When t

Set up an Amazon Aurora MySQL database Create an Aurora Replica for the Aurora MySQL database and move the aggregation jobs to run against the Aurora Replica Set up collection endpoints as an Amazon Kinesis data stream Use Amazon Kinesis Data Firehose to replicate the data to the Aurora MySQL database When the databases are synced disable the replication job and restart the Aurora Replica as the primary instance Point the collector DNS reco

Full Access

Question # 123

A company has migrated its forms-processing application to AWS. When users interact with the application, they upload scanned forms as files through a web application. A database stores user metadata and references to files that are stored in Amazon S3. The web application runs on Amazon EC2 instances and an Amazon RDS for PostgreSQL database.

When forms are uploaded, the application sends notifications to a team through Amazon Simple Notification Service (Amazon SNS). A team member then logs in and processes each form. The team member performs data validation on the form and extracts relevant data before entering the information into another system that uses an API.

A solutions architect needs to automate the manual processing of the forms. The solution must provide accurate form extraction, minimize time to market, and minimize long-term operational overhead.

Which solution will meet these requirements?

Develop custom libraries to perform optical character recognition (OCR) on the forms. Deploy the libraries to an Amazon Elastic Kubernetes Service (Amazon EKS) cluster as an application tier. Use this tier to process the forms when forms are uploaded. Store the output in Amazon S3. Parse this output by extracting the data into an Amazon DynamoDB table. Submit the data to the target system ' s API. Host the new application tier on EC2 instan

Extend the system with an application tier that uses AWS Step Functions and AWS Lambda. Configure this tier to use artificial intelligence and machine learning (AI/ML) models that are trained and hosted on an EC2 instance to perform optical character recognition (OCR) on the forms when forms are uploaded. Store the output in Amazon S3. Parse this output by extracting the data that is required within the application tier. Submit the data to

Host a new application tier on EC2 instances. Use this tier to call endpoints that host artificial intelligence and machine learning (Al/ML) models that are trained and hosted in Amazon SageMaker to perform optical character recognition (OCR) on the forms. Store the output in Amazon ElastiCache. Parse this output by extracting the data that is required within the application tier. Submit the data to the target system ' s API.

Extend the system with an application tier that uses AWS Step Functions and AWS Lambda. Configure this tier to use Amazon Textract and Amazon Comprehend to perform optical character recognition (OCR) on the forms when forms are uploaded. Store the output in Amazon S3. Parse this output by extracting the data that is required within the application tier. Submit the data to the target system ' s API.

Full Access

Question # 124

A company hosts a game player-matching service on a public-facing, physical, on-premises instance that all users are able to access over the instance uses UDP. The company wants to migrate the service to AWS and provide a high level of security. A solutions architect needs to de matching service using AWS.

Which combination of steps should the solutions architect take to meet these requirements? (Select THREE.)

Use a Network Load Balancer (NLB) in front of the player-matching instance. Use a friendly DNS entry in Amazon Route 53-point address.

Use an Application Load Balancer (ALB) in front of the player-matching instance. Use a friendly DNS entry in Amazon Route 53 p facing fully qualified domain name (FQDN).

Define an AWS WAF rule to explicitly drop non-UDP traffic, and associate the rule with the load balancer.

Configure a network ACL rule to block all non-UDP traffic. Associate the network ACL with the subnets that hold the load balance

Full Access

Question # 125

A company is hosting an image-processing service on AWS in a VPC. The VPC extends across two Availability Zones. Each Availability Zone contains one public subnet and one private subnet.

The service runs on Amazon EC2 instances in the private subnets. An Application Load Balancer in the public subnets is in front of the service. The service needs to communicate with the internet and does so through two NAT gateways. The service uses Amazon S3 for image storage. The EC2 instances retrieve approximately 1 ×€Â¢×€ â€™ of data from an S3 bucket each day.

The company has promoted the service as highly secure. A solutions architect must reduce cloud expenditures as much as possible without compromising the service ' s security posture or increasing the time spent on ongoing operations.

Which solution will meet these requirements?

Replace the NAT gateways with NAT instances. In the VPC route table, create a route from the private subnets to the NAT instances.

Move the EC2 instances to the public subnets. Remove the NAT gateways.

Set up an S3 gateway VPC endpoint in the VPC. Attach an endpoint policy to the endpoint to allow the required actions on the S3 bucket.

Attach an Amazon Elastic File System (Amazon EFS) volume to the EC2 instances. Host the image on the EFS volume.

Full Access

Question # 126

A company is launching a new online game on Amazon EC2 instances. The game must be available globally. The company plans to run the game in three AWS Regions: us-east-1, eu-west-1, and ap-southeast-1. The game ' s leaderboards. player inventory, and event status must be available across Regions.

A solutions architect must design a solution that will give any Region the ability to scale to handle the load of all Regions. Additionally, users must automatically connect to the Region that provides the least latency.

Which solution will meet these requirements with the LEAST operational overhead?

Create an EC2 Spot Fleet. Attach the Spot Fleet to a Network Load Balancer (NLB) in each Region. Create an AWS Global Accelerator IP address that points to the NLB. Create an Amazon Route 53 latency-based routing entry for the Global Accelerator IP address. Save the game metadata to an Amazon RDS for MySQL DB instance in each Region. Set up a read replica in the other Regions.

Create an Auto Scaling group for the EC2 instances. Attach the Auto Scaling group to a Network Load Balancer (NLB) in each Region. For each Region, create an Amazon Route 53 entry that uses geoproximity routing and points to the NLB in that Region. Save the game metadata to MySQL databases on EC2 instances in each Region. Save the game metadata to MySQL databases on EC2 instances in each Region. Set up replication between the database EC2 i

Use EC2 Global View. Deploy the EC2 instances to each Region. Attach the instances to a Network Load Balancer (NLB). Deploy a DNS server on an EC2 instance in each Region. Set up custom logic on each DNS server to redirect the user to the Region that provides the lowest latency. Save the game metadata to an Amazon Aurora global database.

Full Access

Answer:

Explanation:

The best option is to use an Auto Scaling group, a Network Load Balancer, Amazon Route 53, and Amazon DynamoDB to create a scalable, highly available, and low-latency online game application. An Auto Scaling group can automatically adjust the number of EC2 instances based on the demand and traffic in each Region. A Network Load Balancer can distribute the incoming traffic across the EC2 instances and handle millions of requests per second. Amazon Route 53 can use latency-based routing to direct the users to the Region that provides the best performance. Amazon DynamoDB global tables can replicate the game metadata across multiple Regions, ensuring consistency and availability of thedata. This approach minimizes the operational overhead and cost, as it leverages fully managed services and avoids custom logic or replication.

Option A is not optimal because using an EC2 Spot Fleet can introduce the risk of losing the EC2 instances if the Spot price exceeds the bid price, which can affect the availability and performance of the game. Using AWS Global Accelerator can improve the network performance, but it is not necessary if Amazon Route 53 can already route the users to the closest Region. Using Amazon RDS for MySQL can store the game metadata, but it requires setting up read replicas and managing the replication lag across Regions, which can increase the complexity and cost.

Option B is not optimal because using geoproximity routing can direct the users to the Region that is geographically closer, but it does not account for the network latency or performance. Using MySQL databases on EC2 instances can store the game metadata, but it requires managing the EC2 instances, the database software, the backups, the patches, and the replication across Regions, which can increase the operational overhead and cost.

Option D is not optimal because using EC2 Global View is not a valid service. Using a custom DNS server on an EC2 instance can redirect the user to the Region that provides the lowest latency, but it requires developing and maintaining the custom logic, as well as managing the EC2 instance, which can increase the operational overhead and cost. Using Amazon Aurora global database can store the game metadata, but it is more expensive and complex than using Amazon DynamoDB global tables.

Auto Scaling groups

Network Load Balancer

Amazon Route 53

Amazon DynamoDB global tables

Question # 127

An online retail company is migrating its legacy on-premises .NET application to AWS. The application runs on load-balanced frontend web servers, load-balanced application servers, and a Microsoft SQL Server database.

The company wants to use AWS managed services where possible and does not want to rewrite the application. A solutions architect needs to implement a solution to resolve scaling issues and minimize licensing costs as the application scales.

Which solution will meet these requirements MOST cost-effectively?

Deploy Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancerfor the web tier and for the application tier. Use Amazon Aurora PostgreSQL with Babelfish turned on to replatform the SOL Server database.

Create images of all the servers by using AWS Database Migration Service (AWS DMS). Deploy Amazon EC2 instances that are based on the on-premises imports. Deploy the instances in an Auto Scaling group behind a Network Load Balancer for the web tier and for the application tier. Use Amazon DynamoDB as the database tier.

Containerize the web frontend tier and the application tier. Provision an Amazon Elastic Kubernetes Service (Amazon EKS) cluster. Create an Auto Scaling group behind a Network Load Balancer for the web tier and for the application tier. Use Amazon RDS for SOL Server to host the database.

Separate the application functions into AWS Lambda functions. Use Amazon API Gateway for the web frontend tier and the application tier. Migrate the data to Amazon S3. Use Amazon Athena to query the data.

Full Access

Question # 128

A company uses a Grafana data visualization solution that runs on a single Amazon EC2 instance to monitor the health of the company ' s AWS workloads. The company has invested time and effort to create dashboards that the company wants to preserve. The dashboards need to be highly available and cannot be down for longer than 10 minutes. The company needs to minimize ongoing maintenance.

Which solution will meet these requirements with the LEAST operational overhead?

Migrate to Amazon CloudWatch dashboards. Recreate the dashboards to match the existing Grafana dashboards. Use automatic dashboards where possible.

Create an Amazon Managed Grafana workspace. Configure a new Amazon CloudWatch data source. Export dashboards from the existing Grafana instance. Import the dashboards into the new workspace.

Create an AMI that has Grafana pre-installed. Store the existing dashboards in Amazon Elastic File System (Amazon EFS). Create an Auto Scaling group that uses the new AMI. Set the Auto Scaling group ' s minimum, desired, and maximum number of instances to one. Create an Application Load Balancer that serves at least two Availability Zones.

Configure AWS Backup to back up the EC2 instance that runs Grafana once each hour. Restore the EC2 instance from the most recent snapshot in an alternate Availability Zone when required.

Full Access