★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Exam Code: AWS-Solution-Architect-Associate (Practice Exam Latest Test Questions VCE PDF)
Exam Name: AWS Certified Solutions Architect - Associate
Certification Provider: Amazon
Free Today! Guaranteed Training- Pass AWS-Solution-Architect-Associate Exam.
2016 May AWS-Solution-Architect-Associate Study Guide Questions:
Q161. What is one key difference between an Amazon EBS-backed and an instance-store backed instance?
A. Amazon EBS-backed instances can be stopped and restarted.
B. Instance-store backed instances can be stopped and restarted.
C. Auto scaling requires using Amazon EBS-backed instances.
D. Virtual Private Cloud requires EBS backed instances.
Q162. An enterprise wants to use a third-party SaaS application. The SaaS application needs to have access to issue several API commands to discover Amazon EC2 resources running within the enterprise's account The enterprise has internal security policies that require any outside access to their environment must conform to the principles of least privilege and there must be controls in place to ensure that the credentials used by the SaaS vendor cannot be used by any other third party. Which of the following would meet all of these conditions?
retrieve the access and secret key for your account.
B. Create an IAM user within the enterprise account assign a user policy to the IAM user that allows only the actions required by the SaaS application create a new access and secret key for the user and provide these credentials to the SaaS provider.
C. Create an IAM role for cross-account access allows the SaaS provider's account to assume the role and assign it a policy that allows only the actions required by the SaaS application.
D. Create an IAM role for EC2 instances, assign it a policy mat allows only the actions required tor the Saas application to work, provide the role ARM to the SaaS provider to use when launching their application instances.
Q163. Can the string value of 'Key' be prefixed with :aws:"?
A. Only in GovCloud
B. Only for S3 not EC2
Up to the immediate present AWS-Solution-Architect-Associate practice:
Q164. Your company policies require encryption of sensitive data at rest. You are considering the possible options for protecting data while storing it at rest on an EBS data volume, attached to an EC2 instance. Which of these options would allow you to encrypt your data at rest? (Choose 3 answers)
A. Implement third party volume encryption tools
B. Do nothing as EBS volumes are encrypted by default
C. Encrypt data inside your applications before storing it on EBS
D. Encrypt data using native data encryption drivers at the file system level
E. Implement SSL/TLS for all services running on the server
Q165. Is there a limit to how many groups a user can be in?
A. Yes for all users
B. Yes for all users except root
D. Yes unless special permission granted
Q166. How are the EBS snapshots saved on Amazon S3?
C. EBS snapshots are not stored in the Amazon S3
Certified AWS-Solution-Architect-Associate testing software:
Q167. You are implementing a URL whitelisting system for a company that wants to restrict outbound HTTP'S connections to specific domains from their EC2-hosted applications you deploy a single EC2 instance running proxy software and configure It to accept traffic from all subnets and EC2 instances in the VPC. You configure the proxy to only pass through traffic to domains that you define in its whitelist configuration You have a nightly maintenance window or 10 minutes where ail instances fetch new software updates. Each update Is about 200MB In size and there are 500 instances In the VPC that routinely fetch updates After a few days you notice that some machines are failing to successfully download some, but not all of their updates within the maintenance window The download URLs used for these updates are correctly listed in the proxy's whitelist configuration and you are able to access them manually using a web browser on the instances What might be happening? (Choose 2 answers)
A. You are running the proxy on an undersized EC2 instance type so network throughput is
not sufficient for all instances to download their updates in time.
B. You have not allocated enough storage to the EC2 instance running me proxy so the network buffer is filling up. causing some requests to fall
C. You are running the proxy in a public subnet but have not allocated enough EIPs lo support the needed network throughput through the Internet Gateway (IGW)
D. You are running the proxy on a affilelentiy-sized EC2 instance in a private subnet and its network throughput is being throttled by a NAT running on an undersized EO£ instance
E. The route table for the subnets containing the affected EC2 instances is not configured to direct network traffic for the software update locations to the proxy.
Q168. What does the following command do with respect to the Amazon EC2 security groups? ec2-create-group CreateSecurityGroup
A. Groups the user created security groups in to a new group for easy access.
B. Creates a new security group for use with your account.
C. Creates a new group inside the security group.
D. Creates a new rule inside the security group.
Q169. If an Amazon EBS volume is the root device of an instance, can I detach it without stopping the instance?
A. Yes but only if Windows instance
D. Yes but only if a Linux instance
Q170. A company is running a batch analysis every hour on their main transactional DB. running on an RDS MySQL instance to populate their central Data Warehouse running on Redshift During the execution of the batch their transactional applications are very slow When the batch completes they need to update the top management dashboard with the new data The dashboard is produced by another system running on-premises that is currently started when a manually-sent email notifies that an update is required The on-premises system cannot be modified because is managed by another team.
How would you optimize this scenario to solve performance issues and automate the process as much as possible?
A. Replace RDS with Redshift for the batch analysis and SNS to notify the on-premises system to update the dashboard
B. Replace ROS with Redsnift for the oaten analysis and SQS to send a message to the on-premises system to update the dashboard
C. Create an RDS Read Replica for the batch analysis and SNS to notify me on-premises system to update the dashboard
D. Create an RDS Read Replica for the batch analysis and SQS to send a message to the on-premises system to update the dashboard.
see more http://www.pdfcollection.net/AWS-Solution-Architect-Associate-pdf.html