CS301 SAA Quiz University Quiz

1.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A company runs its website on Amazon EC2 instances behind an Application Load Balancer that is configured as the origin for an Amazon CloudFront distribution. The company wants to protect against cross-site scripting and SQL injection attacks. Which approach should a solutions architect recommend to meet these requirements?

Enable AWS Shield Advanced. List the CloudFront distribution as a protected resource.

Define an AWS Shield Advanced policy in AWS Firewall Manager to block cross-site scripting and SQL injection attacks.

Deploy AWS Firewall Manager on the EC2 instances. Create conditions and rules that block cross-site scripting and SQL injection attacks.

Set up AWS WAF on the CloudFront distribution. Use conditions and rules that block cross-site scripting and SQL injection attacks.

2.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A company needs to maintain data records for a minimum of 5 years. The data is rarely accessed after it is stored. The data must be accessible within 2 hours. Which solution will meet these requirements MOST cost-effectively?

Store the data in an Amazon Elastic File System (Amazon EFS) file system. Access the data by using AWS Direct Connect.

Store the data in an Amazon Elastic Block Store (Amazon EBS) volume. Create snapshots. Store the snapshots in an Amazon S3 bucket.

Store the data in an Amazon S3 bucket. Use an S3 Lifecycle policy to move the data to S3 Standard-Infrequent Access (S3 Standard-IA).

Store the data in an Amazon S3 bucket. Use an S3 Lifecycle policy to move the data to S3 Glacier Instant Retrieval

3.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A company is investigating services to manage vulnerability scans in Amazon EC2 instances and container images that the company stores in Amazon Elastic Container Registry (Amazon ECR). The service should identify potential software vulnerabilities and categorize the severity of the vulnerabilities. Which AWS service will meet these requirements?

Amazon GuardDuty

Patch Manager, a capability of AWS Systems Manager

Amazon Inspector

AWS Config

4.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A company is deploying a new application that will consist of an application layer and an online transaction processing (OLTP) relational database. The application must be available at all times. However, the application will have unpredictable traffic patterns. The company wants to pay the minimum for compute costs during these idle periods. Which solution will meet these requirements MOST cost effectively?

Run the application on Amazon EC2 instances by using a burstable instance type. Use Amazon Redshift for the database

Deploy the application and a MySQL database to Amazon EC2 instances by using AWS CloudFormation. Delete the instances at the beginning of the idle periods

Deploy the application on Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer. Use Amazon RDS for MySQL for the database

Run the application in containers with Amazon Elastic Container Service (Amazon ECS) on AWS Fargate. Use Amazon Aurora Serverless for the database

5.

MULTIPLE SELECT QUESTION

1 min • 1 pt

Which components are required to build a site-to-site VPN connection to AWS? Select TWO

An internet gateway

A NAT Gateway

A Customer Gateway

Amazon API Gateway

A virtual private gateway

6.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A company is developing a new mobile version of its popular web application in the AWS Cloud. The mobile app must be accessible to internal and external users. The mobile app must handle authorization, authentication, and user management from one central source. Which solution meets these requirements?

IAM Roles

IAM Users and Groups

Amazon Cognito User Pools

AWS Security Token Service (STS)

7.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A company is designing a disaster recovery (DR) architecture for an important application on AWS. The company has determined that the recovery time objective (RTO) is 5 minutes with a minimal running instance capacity to support the application in the AWS DR site. The company needs to minimize costs for the DR architecture. Which DR strategy will meet these requirements?

Warm Standby

Pilot Light

Multi-Site Active-Active

Backup and Restore

8.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

An application runs on two Amazon EC2 instances behind a Network Load Balancer. The EC2 instances are in a single Availability Zone. What should a solutions architect do to make this architecture more highly available?

Create a new VPC with two new EC2 instances in the same Availability Zone as the original EC2 instances. Create a VPC peering connection between the two VPCs

Replace the Network Load Balancer with an Application Load Balancer that is configured with the EC2 instances in an Auto Scaling group

Configure Amazon Route 53 to perform health checks on the EC2 instances behind the Network Load Balancer. Add a failover routing policy

Place the EC2 instances in an Auto Scaling group that extends across multiple Availability Zones. Designate the Auto Scaling group as the target of the Network Load Balancer.

9.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A company has an application that runs on a large general purpose Amazon EC2 instance type that is part of an EC2 Auto Scaling group. The company wants to reduce future costs associated with this application. After the company reviews metrics and logs in Amazon CloudWatch, the company notices that this application runs randomly a couple of times a day to retrieve and manage data. According to CloudWatch, the maximum runtime for each request is 10 minutes, the memory use is 4 GB, and the instances are always in the running state. Which solution will reduce costs the MOST?

Deploy the application on a large burstable EC2 instance

Refactor the application code to run as an AWS Lambda function

Containerize the application by using Amazon Elastic Kubernetes Service (Amazon EKS). Host the container on EC2 instances

Use AWS Instance Scheduler to start and stop the instances based on the runtimes in the logs

10.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A company uses one AWS account to run production workloads. The company has a separate AWS account for its security team. During periodic audits, the security team needs to view specific account settings and resource configurations in the AWS account that runs production workloads. A solutions architect must provide the required access to the security team by designing a solution that follows AWS security best practices. Which solution will meet these requirements?

Create an IAM user for each security team member in the production account. Attach a permissions policy that provides the permissions required by the security team to each user

Create an IAM role in the production account. Attach a permissions policy that provides the permissions required by the security team. Add the security team account to the trust policy

Create a new IAM user in the production account. Assign administrative privileges to the user. Allow the security team to use this account to log in to the systems that need to be accessed

Create an IAM user for each security team member in the production account. Attach a permissions policy that provides the permissions required by the security team to a new IAM group. Assign the security team members to the group

Create a free account and access millions of resources

Similar Resources on Quizizz

Popular Resources on Quizizz

Discover more resources for Information Technology (IT)