TOP 10 Aws Solution Architect Certification Questions and Answers - Follow as for More

Besant Technologies Velachery Head Office

____________________________________

Question No : 1 - (Topic 1)

Company B is launching a new game app for mobile devices. Users will log into the game

using their existing social media account to streamline data capture. Company B would like

to directly save player data and scoring information from the mobile app to a DynamoDS

table named Score Data When a user saves their game the progress data will be stored to

the Game state S3 bucket. What is the best approach for storing data to DynamoDB and

S3?

A. Use an EC2 Instance that is launched with an EC2 role providing access to the Score

Data DynamoDB table and the GameState S3 bucket that communicates with the

mobile app via web services.

B. Use temporary security credentials that assume a role providing access to the Score

Data DynamoDB table and the Game State S3 bucket using web identity federation.

C. Use Login with Amazon allowing users to sign in with an Amazon account providing the

mobile app with access to the Score Data DynamoDB table and the Game State S3

bucket.

D. Use an IAM user with access credentials assigned a role providing access to the Score

Data DynamoDB table and the Game State S3 bucket for distribution with the mobile app.

------------------------------------------------Answer: A

Question No : 2 - (Topic 1)

Your company runs a customer facing event registration site This site is built with a 3-tier

architecture with web and application tier servers and a MySQL database The application

requires 6 web tier servers and 6 application tier servers for normal operation, but can run

on a minimum of 65% server capacity and a single MySQL database. When deploying this

application in a region with three availability zones (AZs) which architecture provides high

availability?

A. A web tier deployed across 2 AZs with 3 EC2 (Elastic Compute Cloud) instances in

each AZ inside an Auto Scaling Group behind an ELB (elastic load balancer), and an

application tier deployed across 2 AZs with 3 EC2 instances in each AZ inside an Auto

Scaling Group behind an ELB. and one RDS (Relational Database Service) instance

deployed with read replicas in the other AZ.?

B. A web tier deployed across 3 AZs with 2 EC2 (Elastic Compute Cloud) instances in

each A2 inside an Auto Scaling Group behind an ELB (elastic load balancer) and an

application tier deployed across 3 AZs with 2 EC2 instances in each AZ inside an Auto

Scaling Group behind an ELB and one RDS (Relational Database Service) Instance

deployed with read replicas in the two other AZs.

C. d A web tier deployed across 2 AZs with 3 EC2 (Elastic Compute Cloud) instances

in each AZ inside an Auto Scaling Group behind an ELB (elastic load balancer) and an

application tier deployed across 2 AZs with 3 EC2 instances m each AZ inside an Auto

Scaling Group behind an ELS and a Multi-AZ RDS (Relational Database Service)

deployment.

D. A web tier deployed across 3 AZs with 2 EC2 (Elastic Compute Cloud) instances in

each AZ Inside an Auto Scaling Group behind an ELB (elastic load balancer). And an

application tier deployed across 3 AZs with 2 EC2 instances In each AZ inside an Auto

Scaling Group behind an ELB. And a Multi-AZ RDS (Relational Database services)

deployment.

--------------------------------------------------Answer: B

Question No : 3 - (Topic 1)

You have an application running on an EC2 Instance which will allow users to download

flies from a private S3 bucket using a pre-assigned URL. Before generating the URL the

application should verify the existence of the file in S3.

How should the application use AWS credentials to access the S3 bucket securely?

A. Use the AWS account access Keys the application retrieves the credentials from the

source code of the application.

B. Create a IAM user for the application with permissions that allow list access to the

S3 bucket launch the instance as the IAM user and retrieve the IAM user's credentials from

the EC2 instance user data.

C. Create an IAM role for EC2 that allows list access to objects in the S3 bucket.

Launch the instance with the role, and retrieve the role's credentials from the EC2 Instance

metadata

D. Create an IAM user for the application with permissions that allow list access to the

S3 bucket. The application retrieves the IAM user credentials from a temporary directory

with permissions that allow read access only to the application user.

---------------------------------------------Answer: B

Question No : 4 - (Topic 1)

You have been asked to design the storage layer for an application. The application

requires disk performance of at least 100,000 IOPS in addition, the storage layer must be

able to survive the loss of an individual disk. EC2 instance, or Availability Zone without any

data loss. The volume you provide must have a capacity of at least 3 TB. Which of the

following designs will meet these objectives'?

A. Instantiate an 12 8xlarge instance in us-east-1a Create a RAID 0 volume using the

four 800GB SSD ephemeral disks provided with the instance Provision 3x1 TB EBS

volumes attach them to the instance and configure them as a second RAID 0 volume

Configure synchronous, block-level replication from the ephemeral-backed volume to the

EBS-backed volume.

B. Instantiate an 12 8xlarge instance in us-east-1a create a raid 0 volume using the

four 800GB SSD ephemeral disks provide with the Instance Configure synchronous blocklevel replication to an Identically configured Instance in us-east-1b.

C. Instantiate a c3 8xlarge Instance In us-east-1 Provision an AWS Storage Gateway

and configure it for 3 TB of storage and 100 000 IOPS Attach the volume to the instance.

D. Instantiate a c3 8xlarge instance in us-east-i provision 4x1TB EBS volumes, attach

them to the instance, and configure them as a single RAID 5 volume Ensure that EBS

snapshots are performed every 15 minutes.

E. Instantiate a c3 8xlarge Instance in us-east-1 Provision 3x1TB EBS volumes attach

them to the instance, and configure them as a single RAID 0 volume Ensure that EBS

snapshots are performed every 15 minutes.

--------------------------------------------------------Answer: D

Question No : 5 - (Topic 1)

To serve Web traffic for a popular product your chief financial officer and IT director have

purchased 10 ml large heavy utilization Reserved Instances (RIs) evenly spread across

two availability zones: Route 53 is used to deliver the traffic to an Elastic Load Balancer

(ELB). After several months, the product grows even more popular and you need additional

capacity As a result, your company purchases two C3.2xlarge medium utilization Ris You

register the two c3 2xlarge instances with your ELB and quickly find that the ml large

instances are at 100% of capacity and the c3 2xlarge instances have significant capacity

that's unused Which option is the most cost effective and uses EC2 capacity most

effectively?

A. Use a separate ELB for each instance type and distribute load to ELBs with Route

53 weighted round robin

B. Configure Autoscaning group and Launch Configuration with ELB to add up to 10

more on-demand mi large instances when triggered by Cloudwatch shut off c3 2xiarge

instances C. Route traffic to EC2 ml large and c3 2xlarge instances directly using Route 53

latency based routing and health checks shut off ELB

D. Configure ELB with two c3 2xiarge Instances and use on-demand Autoscailng group for

up to two additional c3.2xlarge instances Shut on mi .large instances.

-----------------------------------------------------Answer: D

Question No : 6 - (Topic 1)

Your company produces customer commissioned one-of-a-kind skiing helmets combining

nigh fashion with custom technical enhancements Customers can show off their

Individuality on the ski slopes and have access to head-up-displays. GPS rear-view cams

and any other technical innovation they wish to embed in the helmet.

The current manufacturing process is data rich and complex including assessments to

ensure that the custom electronics and materials used to assemble the helmets are to the

highest standards Assessments are a mixture of human and automated assessments you

need to add a new set of assessment to model the failure modes of the custom electronics

using GPUs with CUDA. across a cluster of servers with low latency networking.

What architecture would allow you to automate the existing process using a hybrid

approach and ensure that the architecture can support the evolution of processes over

time?

A. Use AWS Data Pipeline to manage movement of data & meta-data and

assessments Use an auto-scaling group of G2 instances in a placement group.

B. Use Amazon Simple Workflow (SWF) 10 manages assessments, movement of data

& meta-data Use an auto-scaling group of G2 instances in a placement group.

C. Use Amazon Simple Workflow (SWF) lo manages assessments movement of data

& meta-data Use an auto-scaling group of C3 instances with SR-IOV (Single Root I/O

Virtualization).

D. Use AWS data Pipeline to manage movement of data & meta-data and

assessments use auto-scaling group of C3 with SR-IOV (Single Root I/O virtualization).

------------------------------------------------------Answer: A

Question No : 7 - (Topic 1)

You deployed your company website using Elastic Beanstalk and you enabled log file

rotation to S3. An Elastic Map Reduce job is periodically analyzing the logs on S3 to build a

usage dashboard that you share with your CIO. You recently improved overall performance

of the website using Cloud Front for dynamic content delivery and your website as the

origin

After this architectural change, the usage dashboard shows that the traffic on your website

dropped by an order of magnitude. How do you fix your usage dashboard'?

A. Enable Cloud Front to deliver access logs to S3 and use them as input of the Elastic

Map Reduce job.

B. Turn on Cloud Trail and use trail log tiles on S3 as input of the Elastic Map Reduce job

C. Change your log collection process to use Cloud Watch ELB metrics as input of the

Elastic Map Reduce job

D. Use Elastic Beanstalk "Rebuild Environment" option to update log delivery to the Elastic

Map Reduce job.

E. Use Elastic Beanstalk 'Restart App server(s)" option to update log delivery to the Elastic

Map Reduce job.

------------------------------------------------------------Answer: D

Question No : 8 - (Topic 1)

You are developing a new mobile application and are considering storing user preferences

in AWS.2w This would provide a more uniform cross-device experience to users using

multiple mobile devices to access the application. The preference data for each user is

estimated to be 50KB in size Additionally 5 million customers are expected to use the

application on a regular basis. The solution needs to be cost-effective, highly available,

scalable and secure, how would you design a solution to meet the above requirements?

A. Setup an RDS MySQL instance in 2 availability zones to store the user preference

data. Deploy a public facing application on a server in front of the database to manage

security and access credentials?

B. Setup a DynamoDB table with an item for each user having the necessary attributes

to hold the user preferences. The mobile application will query the user preferences

directly from the DynamoDB table. Utilize STS. Web Identity Federation, and DynamoDB

Fine Grained Access Control to authenticate and authorize access.

C. Setup an RDS MySQL instance with multiple read replicas in 2 availability zones to

store the user preference data .The mobile application will query the user preferences from

the read replicas. Leverage the MySQL user management and access privilege system to

manage security and access credentials.

D. Store the user preference data in S3 Setup a DynamoDB table with an item for each

user and an item attribute pointing to the user’ S3 object. The mobile application will

retrieve the S3 URL from DynamoDB and then access the S3 object directly utilize STS,

Web identity Federation, and S3 ACLs to authenticate and authorize access.

-------------------------------------------------------Answer: B

Question No : 9 - (Topic 1)

An AWS customer is deploying an application mat is composed of an AutoScaling group of

EC2 Instances.

The customers security policy requires that every outbound connection from these

instances to any other service within the customers

Virtual Private Cloud must be authenticated using a unique x 509 certificate that contains

the specific instance-id.

In addition an x 509 certificates must Designed by the customer's Key management service

in order to be trusted for authentication.

Which of the following configurations will support these requirements?

A. Configure an IAM Role that grants access to an Amazon S3 object containing a

signed certificate and configure me Auto Scaling group to launch instances with this role

Have the instances bootstrap get the certificate from Amazon S3 upon first boot.

B. Embed a certificate into the Amazon Machine Image that is used by the Auto

Scaling group Have the launched instances generate a certificate signature request with

the instance's assigned instance-id to the Key management service for signature.

C. Configure the Auto Scaling group to send an SNS notification of the launch of a new

instance to the trusted key management service. Have the Key management service

generate a signed certificate and send it directly to the newly launched instance.?

D. Configure the launched instances to generate a new certificate upon first boot Have

the Key management service poll the AutoScaling group for associated instances and

send new instances a certificate signature (hat contains the specific instance-id.

---------------------------------------------------Answer: A

Question No : 10 - (Topic 1)

Your company is in the process of developing a next generation pet collar that collects

biometric information to assist families with promoting healthy lifestyles for their pets Each

collar will push 30kb of biometric data In JSON format every 2 seconds to a collection

platform that will process and analyze the data providing health trending information back

to the pet owners and veterinarians via a web portal Management has tasked you to

architect the collection platform ensuring the following requirements are met.

Provide the ability for real-time analytics of the inbound biometric data

Ensure processing of the biometric data is highly durable. Elastic and parallel

The results of the analytic processing should be persisted for data mining

Which architecture outlined below win meet the initial requirements for the collection

platform?

A. Utilize S3 to collect the inbound sensor data analyze the data from S3 with a daily

scheduled Data Pipeline and save the results to a Redshift Cluster.

B. Utilize Amazon Kinesis to collect the inbound sensor data, analyze the data with Kinesis

clients and save the results to a Redshift cluster using EMR.

C. Utilize SQS to collect the inbound sensor data analyze the data from SQS with Amazon

Kinesis and save the results to a Microsoft SQL Server RDS instance.

D. Utilize EMR to collect the inbound sensor data, analyze the data from EUR with Amazon

Kinesis and save me results to DynamoDB.

------------------------------------------------- Answer: B

#besanttechnologiesvelachery #besanttechnologiesvelacheryplacement #besanttechnologiesvelacheryreview #AWS #awscloudpractitioner #awssolutionsarchitect #awsinterview