Free AWS-Solution-Architect-Associate Exam Braindumps

- (Exam Topic 1)
A company has applications that run on Amazon EC2 instances in a VPC. One of the applications needs to call the Amazon S3 API to store and read objects. According to the company's security regulations, no traffic from the applications is allowed to travel across the internet.
Which solution will meet these requirements?

1. A. Configure an S3 interface endpoint.
2. B. Configure an S3 gateway endpoint.
3. C. Create an S3 bucket in a private subnet.
4. D. Create an S3 bucket in the same Region as the EC2 instance.

Correct Answer: B
https://docs.aws.amazon.com/AmazonS3/latest/userguide/privatelink-interface-endpoints.html#types-of-vpc-end https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-s3.html

- (Exam Topic 3)
A solutions architect must secure a VPC network that hosts Amazon EC2 instances The EC2 ^stances contain highly sensitive data and tun n a private subnet According to company policy the EC2 instances mat run m the VPC can access only approved third-party software repositories on the internet for software product updates that use the third party's URL Other internet traffic must be blocked.
Which solution meets these requirements?

1. A. Update the route table for the private subnet to route the outbound traffic to an AWS Network Firewall.Configure domain list rule groups
2. B. Set up an AWS WAF web AC
3. C. Create a custom set of rules that filter traffic requests based on source and destination IP address range sets.
4. D. Implement strict inbound security group roles Configure an outbound rule that allows traffic only to the authorized software repositories on the internet by specifying the URLs
5. E. Configure an Application Load Balancer (ALB) in front of the EC2 instance
6. F. Direct an outbound traffic to the ALB Use a URL-based rule listener in the ALB's target group for outbound access to the internet

Correct Answer: C

- (Exam Topic 2)
A gaming company hosts a browser-based application on AWS. The users of the application consume a large number of videos and images that are stored in Amazon S3. This content is the same for all users.
The application has increased in popularity, and millions of users worldwide are accessing these media files. The company wants to provide the files to the users while reducing the load on the origin.
Which solution meets these requirements MOST cost-effectively?

1. A. Deploy an AWS Global Accelerator accelerator in front of the web servers.
2. B. Deploy an Amazon CloudFront web distribution in front of the S3 bucket.
3. C. Deploy an Amazon ElastiCache for Redis instance in front of the web servers.
4. D. Deploy an Amazon ElastiCache for Memcached instance in front of the web servers.

Correct Answer: B

- (Exam Topic 1)
A company's containerized application runs on an Amazon EC2 instance. The application needs to download security certificates before it can communicate with other business applications. The company wants a highly secure solution to encrypt and decrypt the certificates in near real time. The solution also needs to store data in highly available storage after the data is encrypted.
Which solution will meet these requirements with the LEAST operational overhead?

1. A. Create AWS Secrets Manager secrets for encrypted certificate
2. B. Manually update the certificates as neede
3. C. Control access to the data by using fine-grained IAM access.
4. D. Create an AWS Lambda function that uses the Python cryptography library to receive and perform encryption operation
5. E. Store the function in an Amazon S3 bucket.
6. F. Create an AWS Key Management Service (AWS KMS) customer managed ke
7. G. Allow the EC2 role to use the KMS key for encryption operation
8. H. Store the encrypted data on Amazon S3.
9. I. Create an AWS Key Management Service (AWS KMS) customer managed ke
10. J. Allow the EC2 role to use the KMS key for encryption operation
11. K. Store the encrypted data on Amazon Elastic Block Store (Amazon EBS) volumes.

Correct Answer: D

- (Exam Topic 3)
A company has deployed a web application on AWS. The company hosts the backend database on Amazon RDS for MySQL with a primary DB instance and five read replicas to support scallng needs. The read replicas must lag no more than 1 second behind the primary DB instance. The database routinely runs scheduled stored procedures.
As traffic on the website increases, the replicas experince addtional lag during periods of peak load. A solutions architect must reduce the replication lag as much as possible. The solutin architect must minimize changes to the application code and must minimize ongoing operational overhead.
Which solution will meet these requirements?

1. A. Migrate the database to Amazon Aurora MySQ
2. B. Replace the read replicas with Aurora Replicas, and configure Aurora Auto Scalin
3. C. Replace the store procedures with Aurora MySQL native functions.
4. D. Deploy an Amazon ElasticCache for Redis cluster in front of the databas
5. E. Modify the application to check the cache before the applicatin queries the databas
6. F. Replace the stored procedures with AWS Lambda functions.
7. G. Migrate the database to a MySQL database that runs on Amazon EC2 instance
8. H. Choose large, compute optimized EC2 instances for all replica node
9. I. Maintain the stored procedures on the EC2 instances.
10. J. Migrate the database to Amazon DynamicDB provision a large number of read capacity units(RCUs) to support the required throught, and configure on-demand capacity scalin
11. K. Replace the store procedures with DynamoDB streams

Correct Answer: A