Daily AWS Solution Architect questions #6

Q26: A company runs multiple Windows workloads on AWS. The company's employees use Windows file shares that are hosted on two Amazon EC2 instances. The file shares synchronize data between themselves and maintain duplicate copies. The company wants a highly available and durable storage solution that preserves how users currently access the files. What should a solutions architect do to meet these requirements?

• A.?Migrate all the data to Amazon S3. Set up IAM authentication for users to access files.
• B.?Set up an Amazon S3 File Gateway. Mount the S3 File Gateway on the existing EC2 instances.
• C.?Extend the file share environment to Amazon FSx for Windows File Server with a Multi-AZ configuration. Migrate all the data to FSx for Windows File Server.
• D.?Extend the file share environment to Amazon Elastic File System (Amazon EFS) with a Multi-AZ configuration. Migrate all the data to Amazon EFS.

Explain: EFS is not supported on Windows instances https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/AmazonEFS.html Amazon FSx for Windows File Server provides fully managed Microsoft Windows file servers, backed by a fully native Windows file system. https://docs.aws.amazon.com/fsx/latest/WindowsGuide/what-is.html

Q27: A solutions architect is developing a VPC architecture that includes multiple subnets. The architecture will host applications that use Amazon EC2 instances and Amazon RDS DB instances. The architecture consists of six subnets in two Availability Zones. Each Availability Zone includes a public subnet, a private subnet, and a dedicated subnet for databases. Only EC2 instances that run in the private subnets can have access to the RDS databases. Which solution will meet these requirements?

• A.?Create a new route table that excludes the route to the public subnets' CIDR blocks. Associate the route table with the database subnets.
• B.?Create a security group that denies inbound traffic from the security group that is assigned to instances in the public subnets. Attach the security group to the DB instances.
• C.?Create a security group that allows inbound traffic from the security group that is assigned to instances in the private subnets. Attach the security group to the DB instances.
• D.?Create a new peering connection between the public subnets and the private subnets. Create a different peering connection between the private subnets and the database subnets.

Q28: A company is running a popular social media website. The website gives users the ability to upload images to share with other users. The company wants to make sure that the images do not contain inappropriate content. The company needs a solution that minimizes development effort. What should a solutions architect do to meet these requirements?

• A.?Use Amazon Comprehend to detect inappropriate content. Use human review for low-confidence predictions.
• B.?Use Amazon Rekognition to detect inappropriate content. Use human review for low-confidence predictions.
• C.?Use Amazon SageMaker to detect inappropriate content. Use ground truth to label low-confidence predictions.
• D.?Use AWS Fargate to deploy a custom machine learning model to detect inappropriate content. Use ground truth to label low-confidence predictions.

Explain: Option B is indeed the best solution for this scenario. Let's break down why:

• Amazon Rekognition: This is a purpose-built service for image and video analysis, including content moderation. It's designed to detect inappropriate content in images, which perfectly fits the company's needs.
• Minimizes development effort: Rekognition is a fully managed service, meaning the company doesn't need to build, train, or maintain their own machine learning models. This significantly reduces development effort compared to other options.
• Human review for low-confidence predictions: This approach allows for a balance between automation and accuracy. Most content can be automatically moderated, while edge cases are handled by human reviewers, ensuring high overall accuracy. The other options are less suitable:

• A: Amazon Comprehend is primarily for text analysis, not image content moderation.
• C: Amazon SageMaker would require more development effort to build and train a custom model.
• D: Using AWS Fargate to deploy a custom ML model would require the most development effort and ongoing maintenance. By choosing Amazon Rekognition, the company can quickly implement an effective content moderation system with minimal development work, meeting both their functional requirements and their desire to minimize effort. The pricing of Rekognition service Image Analysis:
• $1.00 per?1,000 images processed
• The?first 1?million images processed per month are free?(as part?of the AWS?Free Tier) Video Analysis:
• $0.10 per minute of video?processed
• The?first 1,000 minutes of video?processed per month are free?(as part of the?AWS Free Tier) Storage:
• There?are?no additional charges for data?storage. You?only pay for the images?or videos you analyze.

Q29: A company wants to run its critical applications in containers to meet requirements for scalability and availability. The company prefers to focus on maintenance of the critical applications. The company does not want to be responsible for provisioning and managing the underlying infrastructure that runs the containerized workload. What should a solutions architect do to meet these requirements?

• A.?Use Amazon EC2 instances, and install Docker on the instances.
• B.?Use Amazon Elastic Container Service (Amazon ECS) on Amazon EC2 worker nodes.
• C.?Use Amazon Elastic Container Service (Amazon ECS) on AWS Fargate.
• D.?Use Amazon EC2 instances from an Amazon Elastic Container Service (Amazon ECS)-optimized Amazon Machine Image (AMI).

Explain: Option?C?(Amazon ECS on AWS?Fargate) is?the best choice because:

• It?runs?containerized applications, meeting the scalability and availability requirements.
• Fargate is serverless, so?the company doesn't need to provision?or manage any?underlying?infrastructure.
• It?allows the company to focus?solely on maintaining their critical?applications.
• AWS?handles all?infrastructure?management, including?scaling, patching, and capacity provisioning.
• It provides?a fully?managed container?environment?with?less?operational overhead. This?solution?best?aligns with the company's desire?to run?containerized workloads while avoiding responsibility?for infrastructure management.

Q30: A company hosts more than 300 global websites and applications. The company requires a platform to analyze more than 30 TB of clickstream data each day. What should a solutions architect do to transmit and process the clickstream data?

• A.?Design an AWS Data Pipeline to archive the data to an Amazon S3 bucket and run an Amazon EMR cluster with the data to generate analytics.
• B.?Create an Auto Scaling group of Amazon EC2 instances to process the data and send it to an Amazon S3 data lake for Amazon Redshift to use for analysis.
• C.?Cache the data to Amazon CloudFront. Store the data in an Amazon S3 bucket. When an object is added to the S3 bucket. run an AWS Lambda function to process the data for analysis.
• D.?Collect the data from Amazon Kinesis Data Streams. Use Amazon Kinesis Data Firehose to transmit the data to an Amazon S3 data lake. Load the data in Amazon Redshift for analysis.

Explain: Option D is the most appropriate solution for transmitting and processing the clickstream data in this scenario. Amazon Kinesis Data Streams is a highly scalable and durable service that enables real-time processing of streaming data at a high volume and high rate. You can use Kinesis Data Streams to collect and process the clickstream data in real-time. Amazon Kinesis Data Firehose is a fully managed service that loads streaming data into data stores and analytics tools. You can use Kinesis Data Firehose to transmit the data from Kinesis Data Streams to an Amazon S3 data lake. Once the data is in the data lake, you can use Amazon Redshift to load the data and perform analysis on it. Amazon Redshift is a fully managed, petabyte-scale data warehouse service that allows you to quickly and efficiently analyze data using SQL and your existing business intelligence tools.