Free AWS-Solution-Architect-Associate Exam Braindumps

- (Exam Topic 3)
A solutions architect observes that a nightly batch processing job is automatically scaled up for 1 hour before the desired Amazon EC2 capacity is reached. The peak capacity is the ‘same every night and the batch jobs always start at 1 AM. The solutions architect needs to find a cost-effective solution that will allow for the desired EC2 capacity to be reached quickly and allow the Auto Scaling group to scale down after the batch jobs are complete.
What should the solutions architect do to meet these requirements?

1. A. Increase the minimum capacity for the Auto Scaling group.
2. B. Increase the maximum capacity for the Auto Scaling group.
3. C. Configure scheduled scaling to scale up to the desired compute level.
4. D. Change the scaling policy to add more EC2 instances during each scaling operation.

Correct Answer: C
By configuring scheduled scaling, the solutions architect can set the Auto Scaling group to automatically scale up to the desired compute level at a specific time (IAM) when the batch job starts and then automatically scale down after the job is complete. This will allow the desired EC2 capacity to be reached quickly and also help in reducing the cost.

- (Exam Topic 3)
An ecommerce company is running a multi-tier application on AWS. The front-end and backend tiers run on Amazon EC2, and the database runs on Amazon RDS for MYSQL. The backend tier communities with the RDS instance. There are frequent calls to return identical database from the database that are causing performance slowdowns.
Which action should be taken to improve the performance of the backend?

1. A. Implement Amazon SNS to store the database calls.
2. B. Implement Amazon ElasticCache to cache the large database.
3. C. Implement an RDS for MySQL read replica to cache database calls.
4. D. Implement Amazon Kinesis Data Firehose to stream the calls to the database.

Correct Answer: B

- (Exam Topic 3)
A company is developing a new mobile app. The company must implement proper traffic filtering to protect its Application Load Balancer (ALB) against common application-level attacks, such as cross-site scripting or SQL injection. The company has minimal infrastructure and operational staff. The company needs to reduce its share of the responsibility in managing, updating, and securing servers for its AWS environment.
What should a solutions architect recommend to meet these requirements?

1. A. Configure AWS WAF rules and associate them with the ALB.
2. B. Deploy the application using Amazon S3 with public hosting enabled.
3. C. Deploy AWS Shield Advanced and add the ALB as a protected resource.
4. D. Create a new ALB that directs traffic to an Amazon EC2 instance running a third-party firewall, which then passes the traffic to the current ALB.

Correct Answer: A
A solutions architect should recommend option A, which is to configure AWS WAF rules and associate them with the ALB. This will allow the company to apply traffic filtering at the application layer, which is necessary for protecting the ALB against common application-level attacks such as cross-site scripting or SQL injection. AWS WAF is a managed service that makes it easy to protect web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. The company can easily manage and update the rules to ensure the security of its application.

- (Exam Topic 3)
A company is concerned that two NAT instances in use will no longer be able to support the traffic needed for the company’s application. A solutions architect wants to implement a solution that is highly available, fault tolerant, and automatically scalable.
What should the solutions architect recommend?

1. A. Remove the two NAT instances and replace them with two NAT gateways in the same Availability Zone.
2. B. Use Auto Scaling groups with Network Load Balancers for the NAT instances in different Availability Zones.
3. C. Remove the two NAT instances and replace them with two NAT gateways in different Availability Zones.
4. D. Replace the two NAT instances with Spot Instances in different Availability Zones and deploy a Network Load Balancer.

Correct Answer: C
If you have resources in multiple Availability Zones and they share one NAT gateway, and if the NAT
gateway’s Availability Zone is down, resources in the other Availability Zones lose internet access. To create an Availability Zone-independent architecture, create a NAT gateway in each Availability Zone and configure your routing to ensure that resources use the NAT gateway in the same Availability Zone. https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-basics

- (Exam Topic 3)
A company has a custom application with embedded credentials that retrieves information from an Amazon RDS MySQL DB instance. Management says the application must be made more secure with the least amount of programming effort.
What should a solutions architect do to meet these requirements?

1. A. Use AWS Key Management Service (AWS KMS) customer master keys (CMKs) to create keys.Configure the application to load the database credentials from AWS KM
2. B. Enable automatic key rotation.
3. C. Create credentials on the RDS for MySQL database for the application user and store the credentials in AWS Secrets Manage
4. D. Configure the application to load the database credentials from Secrets Manage
5. E. Create an AWS Lambda function that rotates the credentials in Secret Manager.
6. F. Create credentials on the RDS for MySQL database for the application user and store the credentials in AWS Secrets Manage
7. G. Configure the application to load the database credentials from Secrets Manage
8. H. Set up a credentials rotation schedule for the application user in the RDS for MySQL database using Secrets Manager.
9. I. Create credentials on the RDS for MySQL database for the application user and store the credentials in AWS Systems Manager Parameter Stor
10. J. Configure the application to load the database credentials from Parameter Stor
11. K. Set up a credentials rotation schedule for the application user in the RDS for MySQL database using Parameter Store.

Correct Answer: B