Free AWS-Solution-Architect-Associate Exam Braindumps

- (Exam Topic 1)
A company hosts its web applications in the AWS Cloud. The company configures Elastic Load Balancers to use certificate that are imported into AWS Certificate Manager (ACM). The company’s security team must be notified 30 days before the expiration of each certificate.
What should a solutions architect recommend to meet the requirement?

1. A. Add a rule m ACM to publish a custom message to an Amazon Simple Notification Service (Amazon SNS) topic every day beginning 30 days before any certificate will expire.
2. B. Create an AWS Config rule that checks for certificates that will expire within 30 day
3. C. Configure Amazon EventBridge (Amazon CloudWatch Events) to invoke a custom alert by way of Amazon Simple Notification Service (Amazon SNS) when AWS Config reports a noncompliant resource
4. D. Use AWS trusted Advisor to check for certificates that will expire within to day
5. E. Create an Amazon CloudWatch alarm that is based on Trusted Advisor metrics for check status changes Configure the alarm to send a custom alert by way of Amazon Simple rectification Service (Amazon SNS)
6. F. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to detect any certificates that will expire within 30 day
7. G. Configure the rule to invoke an AWS Lambda functio
8. H. Configure the Lambda function to send a custom alert by way of Amazon Simple Notification Service (Amazon SNS).

Correct Answer: B
https://aws.amazon.com/premiumsupport/knowledge-center/acm-certificate-expiration/

- (Exam Topic 3)
A company has an application thai runs on several Amazon EC2 instances Each EC2 instance has multiple Amazon Elastic Block Store (Amazon EBS) data volumes attached to it The application's EC2 instance configuration and data need to be backed up nightly The application also needs to be recoverable in a different AWS Region
Which solution will meet these requirements in the MOST operationally efficient way?

1. A. Write an AWS Lambda function that schedules nightly snapshots of the application's EBS volumes and copies the snapshots to a different Region
2. B. Create a backup plan by using AWS Backup to perform nightly backup
3. C. Copy the backups to another Region Add the application's EC2 instances as resources
4. D. Create a backup plan by using AWS Backup to perform nightly backups Copy the backups to another Region Add the application's EBS volumes as resources
5. E. Write an AWS Lambda function that schedules nightly snapshots of the application's EBS volumes and copies the snapshots to a different Availability Zone

Correct Answer: B
The most operationally efficient solution to meet these requirements would be to create a backup plan by using AWS Backup to perform nightly backups and copying the backups to another Region. Adding the application's EBS volumes as resources will ensure that the application's EC2 instance configuration and data are backed up, and copying the backups to another Region will ensure that the application is recoverable in a different AWS Region.

- (Exam Topic 2)
A company wants to run a gaming application on Amazon EC2 instances that are part of an Auto Scaling group in the AWS Cloud. The application will transmit data by using UDP packets. The company wants to ensure that the application can scale out and in as traffic increases and decreases.
What should a solutions architect do to meet these requirements?

1. A. Attach a Network Load Balancer to the Auto Scaling group
2. B. Attach an Application Load Balancer to the Auto Scaling group.
3. C. Deploy an Amazon Route 53 record set with a weighted policy to route traffic appropriately
4. D. Deploy a NAT instance that is configured with port forwarding to the EC2 instances in the Auto Scaling group.

Correct Answer: B

- (Exam Topic 2)
A company's application Is having performance issues The application staleful and needs to complete m-memory tasks on Amazon EC2 instances. The company used AWS CloudFormation to deploy
infrastructure and used the M5 EC2 Instance family As traffic increased, the application performance degraded Users are reporting delays when the users attempt to access the application.
Which solution will resolve these issues in the MOST operationally efficient way?

1. A. Replace the EC2 Instances with T3 EC2 instances that run in an Auto Scaling grou
2. B. Made the changes by using the AWS Management Console.
3. C. Modify the CloudFormation templates to run the EC2 instances in an Auto Scaling grou
4. D. Increase the desired capacity and the maximum capacity of the Auto Scaling group manually when an increase is necessary
5. E. Modify the CloudFormation template
6. F. Replace the EC2 instances with R5 EC2 instance
7. G. Use Amazon CloudWatch built-in EC2 memory metrics to track the application performance for future capacity planning.
8. H. Modify the CloudFormation template
9. I. Replace the EC2 instances with R5 EC2 instance
10. J. Deploy the Amazon CloudWatch agent on the EC2 instances to generate custom application latency metrics for future capacity planning.

Correct Answer: D
https://aws.amazon.com/premiumsupport/knowledge-center/cloudwatch-memory-metrics-ec2/

- (Exam Topic 3)
A company has a web server running on an Amazon EC2 instance in a public subnet with an Elastic IP address. The default security group is assigned to the EC2 instance. The default network ACL has been modified to block all traffic. A solutions architect needs to make the web server accessible from everywhere on port 443.
Which combination of steps will accomplish this task? (Choose two.)

1. A. Create a security group with a rule to allow TCP port 443 from source 0.0.0.0/0.
2. B. Create a security group with a rule to allow TCP port 443 to destination 0.0.0.0/0.
3. C. Update the network ACL to allow TCP port 443 from source 0.0.0.0/0.
4. D. Update the network ACL to allow inbound/outbound TCP port 443 from source 0.0.0.0/0 and to destination 0.0.0.0/0.
5. E. Update the network ACL to allow inbound TCP port 443 from source 0.0.0.0/0 and outbound TCP port 32768-65535 to destination 0.0.0.0/0.

Correct Answer: AC
The combination of steps that will accomplish the task of making the web server accessible from everywhere on port 443 is to create a security group with a rule to allow TCP port 443 from source 0.0.0.0/0 (A) and to update the network ACL to allow inbound TCP port 443 from source 0.0.0.0/0 (C). This will ensure that traffic to port 443 is allowed both at the security group level and at the network ACL level, which will make the web server accessible from everywhere on port 443.