• ホーム
  • ブログ
  • 2023年最新のAWS-Solutions-Associate試験資料AWS-Solutions-Associate学習ガイド [Q151-Q174]

2023年最新のAWS-Solutions-Associate試験資料AWS-Solutions-Associate学習ガイド [Q151-Q174]

Share

2023年最新のAWS-Solutions-Associate試験資料AWS-Solutions-Associate学習ガイド

お手軽に合格させるAWS-Solutions-Associate試験にはこちらが提供する問題集PDFテストエンジン


AWS-Solutions-Associate試験は、最新のAWSサービスとベストプラクティスに合わせて、定期的に更新されています。この試験に挑戦する前に、候補者はAWS上でのアプリケーションの設計と展開に少なくとも1年の経験を持つことが推奨されています。

 

質問 # 151
In the context of AWS IAM, identify a true statement about user passwords (login profiles).

  • A. They cannot contain Basic Latin (ASCII) characters.
  • B. They must contain Unicode characters.
  • C. They must begin and end with a forward slash (/).
  • D. They can contain any Basic Latin (ASCII) characters.

正解:D

解説:
The user passwords (login profiles) of IAM users can contain any Basic Latin (ASCII)characters.
Reference:
http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html


質問 # 152
A retail company has a custom .NET web application running on AWS that uses Microsoft SQL Server for the database. The application servers maintain a user's session locally.
Which combination of architecture changes are needed to ensure all tiers of the solution are highly available? (Choose three.)

  • A. Deploy Amazon CloudFront in front of the application tier. Configure CloudFront to serve content from healthy application instances only.
  • B. Refactor the application to store the user's session in Amazon ElastiCache. Use Application Load Balancers to distribute the load between application instances.
  • C. Move the .NET content to an Amazon S3 bucket. Configure the bucket for static website hosting.
  • D. Migrate the database to Amazon RDS for SQL Server. Configure the RDS instance to use a Multi-AZ deployment.
  • E. Set up the database to generate hourly snapshots using Amazon EBS. Configure an Amazon CloudWatch Events rule to launch a new database instance if the primary one fails.
  • F. Put the application instances in an Auto Scaling group. Configure the Auto Scaling group to create new instances if an instance becomes unhealthy.

正解:C、E、F


質問 # 153
A company hostss a three application on Amazon EC2 instances in a single Availability Zone. The web application uses a self-managed MySQL database that is hosted on an EC2 instances to store data in an Amazon Elastic Block Store (Amazon EBS) volumn. The MySQL database currently uses a 1 TB Provisioned IOPS SSD (io2) EBS volume. The company expects traffic of 1,000 IOPS for both reads and writes at peak traffic.
The company wants to minimize any distruptions, stabilize perperformace, and reduce costs while retaining the capacity for double the IOPS. The company wants to more the database tier to a fully managed solution that is highly available and fault tolerant.
Which solution will meet these requirements MOST cost-effectively?

  • A. Use Amazon S3 Intelligent-Tiering access tiers.
  • B. Use two large EC2 instances to host the database in active-passive mode.
  • C. Use a Multi-AZ deployment of an Amazon RDS for MySQL DB instance with an io2 Block Express EBS volume.
  • D. Use a Multi-AZ deployment of an Amazon RDS for MySQL DB instance with a General Purpose SSD (gp2) EBS volume.

正解:C


質問 # 154
You are responsible for a legacy web application whose server environment is approaching end of life You would like to migrate this application to AWS as quickly as possible, since the application environment currently has the following limitations:
The VM's single 10GB VMDK is almost full Me virtual network interface still uses the 10Mbps driver, which leaves your 100Mbps WAN connection completely underutilized It is currently running on a highly customized. Windows VM within a VMware environment:
You do not have me installation media
This is a mission critical application with an RTO (Recovery Time Objective) of 8 hours. RPO (Recovery Point Objective) of 1 hour. How could you best migrate this application to AWS while meeting your business continuity requirements?

  • A. Use me ec2-bundle-instance API to Import an Image of the VM into EC2
  • B. Use the EC2 VM Import Connector for vCenter to import the VM into EC2.
  • C. Use Import/Export to import the VM as an ESS snapshot and attach to EC2.
  • D. Use 53 to create a backup of the VM and restore the data into EC2.

正解:B


質問 # 155
Which combination of two policies enables AWS identity and access management cross- account access? Choose 2 answers

  • A. Permission policy
  • B. Trust policy
  • C. Bucket policy
  • D. Key policy
  • E. Access policy

正解:A、C


質問 # 156
A solutions architect is designing an application for a two-step order process The first step is synchronous and must return to the user with little latency The second step takes longer, so it will be implemented in a separate component Orders must be processed exactly once and in the order in which they are received How should the solutions architect integrate these components?

  • A. Create an SNS topic and subscribe an Amazon SQS Standard queue to that topic.
  • B. Use an Amazon SQS FIFO queues
  • C. Use an AWS Lambda function along with Amazon SQS standard queues
  • D. Create an SNS topic and subscribe an Amazon SQS FIFO queue to that topic

正解:B

解説:
Explanation
https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html


質問 # 157
A company is running a batch application on Amazon EC2 instances The application consists of a backend with multiple Amazon RDS databases The application is causing a high number of reads on the databases A solutions architect must reduce the number of database reads while ensuring high availability.
What should the solutions architect do to meet this requirement?

  • A. Add Amazon RDS read replicas.
  • B. Use Amazon ElastiCache for Memcached
  • C. Use Amazon ElastiCache for Redis
  • D. Use Amazon Route 53 DNS caching

正解:A


質問 # 158
A company has an AWS account that contains three VPCs (Dev, Test, and Prod) in the same region. Test is peered to both Prod and Dev. All VPCs have non-overlapping CIDR blocks. The company wants to push minor code releases from Dev to Prod to speed up time to market. Which of the following options helps the company accomplish this?

  • A. Create a new entry to Prod in the Dev route table using the peering connection as the target.
  • B. The VPCs have non-overlapping CIDR blocks in the same account. The route tables contain local routes for all VPCs.
  • C. Attach a second gateway to Dev. Add a new entry in the Prod route table identifying the gateway as the target.
  • D. Create a new peering connection Between Prod and Dev along with appropriate routes.

正解:D


質問 # 159
Fill in the blanks: A _ is a storage device that moves data in sequences of bytes or bits (blocks).
Hint: These devices support random access and generally use buffered 1/0.

  • A. mapping device
  • B. block map
  • C. storage block
  • D. block device

正解:D


質問 # 160
A company wants to reduce the cost of its existing three-tier web architecture. The web, application, and database servers are running on Amazon EC2 instances for the development, test, and production environments. The EC2 instances average 30% CPU utilization during peak hours and 10% CPU utilization during non-peak hours.
The production EC2 instances run 24 hours a day. The development and test EC2 instances run for at least 8 hours each day. The company plans to implement automation to stop the development and test EC2 instances when they are not in use.
Which EC2 instance purchasing solution will meet the company's requirements MOST cost-effectively?

  • A. Use On-Demand Instances for the production EC2 instances. Use Spot blocks for the development and test EC2 instances.
  • B. Use Spot Instances for the production EC2 instances. Use Reserved Instances for the development and test EC2 instances.
  • C. Use Spot blocks for the production EC2 instances. Use Reserved Instances for the development and test EC2 instances.
  • D. Use Reserved Instances for the production EC2 instances. Use On-Demand Instances for the development and test EC2 instances.

正解:D


質問 # 161
A Solutions Architect is designing a web application for document sharing. The users will upload documents that are then made available to other users. There will be tens of thousands of these documents.
What is the MOST cost-effective storage solution?

  • A. Amazon EFS
  • B. Amazon Glacier
  • C. Amazon EBS
  • D. Amazon S3

正解:D

解説:
Explanation
https://dzone.com/articles/confused-by-aws-storage-options-s3-ebs-amp-efs-explained


質問 # 162
Select the correct set of options. These are the initial settings for the default security group:

  • A. Allow all inbound traffic, Allow all outbound traffic and Does NOT allow instances associated with this security group to talk to each other
  • B. Allow no inbound traffic, Allow all outbound traffic and Allow instances associated with this security group to talk to each other
  • C. Allow no inbound traffic, Allow all outbound traffic and Does NOT allow instances associated with this security group to talk to each other
  • D. Allow all inbound traffic, Allow no outbound traffic and Allow instances associated with this security group to talk to each other

正解:B

解説:
A default security group is named default, and it has an ID assigned by AWS. The following are the initial settings for each default security group:
Allow inbound traffic only from other instances associated with the default security group Allow all outbound traffic from the instance The default security group specifies itself as a source security group in its inbound rules. This is what allows instances associated with the default security group to communicate with other instances associated with the default security group.
Reference:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-security-groups.html#default-%20security- group


質問 # 163
A company has developed a microservices application. It uses a client-facing API with Amazon API Gateway and multiple internal services hosted on Amazon EC2 instances to process user requests The API is designed to support unpredictable surges in traffic, but internal services may become overwhelmed and unresponsive for a period of time during surges A solutions architect needs to design a more reliable solution that reduces errors when internal services become unresponsive or unavailable.
Which solution meets these requirements?

  • A. Use AWS Auto Scaling to scale up internal services when there is a surge in traffic.
  • B. Use different Availability Zones to host internal services Send a notification to a system administrator when an internal service becomes unresponsive
  • C. Use Amazon Simple Queue Service (Amazon SQS) to store user requests as they arrive. Change the internal services to retrieve the requests from the queue for processing
  • D. Use an Elastic Load Balancer to distribute the traffic between internal services Configure Amazon CloudWatch metrics to monitor traffic to internal services

正解:C


質問 # 164
A company hosts its web application on AWS using seven Amazon EC2 instances. The company requires that the IP addresses of all healthy EC2 instances be returned in response to DNS queries.
Which policy should be used to meet this requirement?

  • A. Simple routing policy
  • B. Latency routing policy
  • C. Multivalue routing policy
  • D. Geolocation routing policy

正解:C

解説:
Explanation
https://aws.amazon.com/premiumsupport/knowledge-center/multivalue-versus-simple-policies/
"Use a multivalue answer routing policy to help distribute DNS responses across multiple resources. For example, use multivalue answer routing when you want to associate your routing records with a Route 53 health check."
https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-multivalue


質問 # 165
Does DynamoDB support in-place atomic updates?

  • A. Yes
  • B. It is not defined
  • C. It does support in-place non-atomic updates
  • D. No

正解:A

解説:
DynamoDB supports in-place atomic updates.
Reference:
http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithItems.html#Working WithItems.AtomicCounters


質問 # 166
Fill in the blanks: _____ is a durable, block-level storage volume that you can attach to a single, running Amazon EC2 instance.

  • A. Amazon S3
  • B. None of these
  • C. Amazon EBS
  • D. All of these

正解:C


質問 # 167
A company needs to implement a relational database with a multi-Region disaster recovery Recovery Point Objective (RPO) of 1 second and an Recovery Time Objective (RTO) of 1 minute Which AWS solution can achieve this?

  • A. Amazon Aurora Global Database
  • B. Amazon RDS for MySQL with Multi-AZ enabled
  • C. Amazon DynamoDB global tables
  • D. Amazon RDS for MySQL with a cross-Region snapshot copy

正解:A


質問 # 168
A company has an application that provides marketing services to stores. The services are based on previous purchases by store customers. The stores upload transaction data to the company through SFTP, and the data is processed and analyzed to generate new marketing offers. Some of the files can exceed 200 GB in size.
Recently, the company discovered that some of the stores have uploaded files that contain personally identifiable information (PII) that should not have been included. The company wants administrators to be alerted if PII is shared again. The company also wants to automate remediation.
What should a solutions architect do to meet these requirements with the LEAST development effort?

  • A. Use an Amazon S3 bucket as a secure transfer point. Use Amazon Inspector to scan me objects in the bucket. If objects contain Pll. trigger an S3 Lifecycle policy to remove the objects that contain Pll.
  • B. Use an Amazon S3 bucket as a secure transfer point. Use Amazon Macie to scan the objects in the bucket. If objects contain Pll. Use Amazon Simple Notification Service (Amazon SNS) to trigger a notification to the administrators to remove the objects mat contain Pll.
  • C. Implement custom scanning algorithms in an AWS Lambda function. Trigger the function when objects are loaded into the bucket. It objects contain Rll. use Amazon Simple Notification Service (Amazon SNS) to trigger a notification to the administrators to remove the objects that contain Pll.
  • D. Implement custom scanning algorithms in an AWS Lambda function. Trigger the function when objects are loaded into the bucket. If objects contain Pll. use Amazon Simple Email Service (Amazon STS) to trigger a notification to the administrators and trigger on S3 Lifecycle policy to remove the objects mot contain PII.

正解:B


質問 # 169
You are building a system to distribute confidential documents to employees. Using CloudFront, what method could be used to serve content that is stored in S3, but not publically accessible from S3 directly?

  • A. Create an Origin Access Identity (OAI) for CloudFront and grant access to the objects in your S3 bucket to that OAI.
  • B. Create a S3 bucket policy that lists the CloudFront distribution ID as the Principal and the target bucket as the Amazon Resource Name (ARN).
  • C. Add the CloudFront account security group "amazon-cf/amazon-cf-sg" to the appropriate S3 bucket policy.
  • D. Create an Identity and Access Management (IAM) User for CloudFront and grant access to the objects in your S3 bucket to that IAM User.

正解:A

解説:
You restrict access to Amazon S3 content by creating an origin access identity, which is a special CloudFront user. You change Amazon S3 permissions to give the origin access identity permission to access your objects, and to remove permissions from everyone else. When your users access your Amazon S3 objects using CloudFront URLs, the CloudFront origin access identity gets the objects on your users' behalf. If your users try to access objects using Amazon S3 URLs, they're denied access. The origin access identity has permission to access objects in your Amazon S3 bucket, but users don't.
Reference:
http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-acces s-to-s3.html


質問 # 170
Name the disk storage supported by Amazon Elastic Compute Cloud (EC2).

  • A. None of these
  • B. Amazon AppStream store
  • C. Amazon Instance Store
  • D. Amazon SNS store

正解:C

解説:
Amazon EC2 supports the following storage options: Amazon Elastic Block Store (Amazon EBS) Amazon EC2 Instance Store Amazon Simple Storage Service (Amazon S3) Reference: http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/Storage.html


質問 # 171
A company has migrated an application to Amazon EC2 Linux instances. One of these EC2 instances runs several 1-hour tasks on a schedule. These tasks were written by different teams and have no common programming language. The company is concerned about performance and scalability while these tasks run on a single instance. A solutions architect needs to implement a solution to resolve these concerns.
Which solution will meet these requirements with the LEAST operational overhead?

  • A. Convert the EC2 instance to a container. Use AWS App Runner to create the container on demand to run the tasks as jobs.
  • B. Create an Amazon Machine Image (AMI) of the EC2 instance that runs the tasks. Create an Auto Scaling group with the AMI to run multiple copies of the instance.
  • C. Copy the tasks into AWS Lambda functions. Schedule the Lambda functions by using Amazon EventBridge (Amazon CloudWatch Events).
  • D. Use AWS Batch to run the tasks as jobs. Schedule the jobs by using Amazon EventBridge (Amazon CloudWatch Events).

正解:C


質問 # 172
Your company has an on-premises multi-tier PHP web application, which recently experienced downtime due to a large burst In web traffic due to a company announcement Over the coming days, you are expecting similar announcements to drive similar unpredictable bursts, and are looking to find ways to quickly improve your infrastructures ability to handle unexpected increases in traffic.
The application currently consists of 2 tiers a web tier which consists of a load balancer and several Linux Apache web servers as well as a database tier which hosts a Linux server hosting a MySQL database.
Which scenario below will provide full site functionality, while helping to improve the ability of your application in the short timeframe required?

  • A. Offload traffic from on-premises environment: Setup a CloudFront distribution, and configure CloudFront to cache objects from a custom origin. Choose to customize your object cache behavior, and select a TIL that objects should exist in cache.
  • B. Migrate to AWS: Use VM Import/Export to quickly convert an on-premises web server to an AMI.
    Create an Auto Scaling group, which uses the imported AMI to scale the web tier based on incoming traffic. Create an RDS read replica and setup replication between the RDS instance and on-premises MySQL server to migrate the database.
  • C. Hybrid environment: Create an AMI, which can be used to launch web servers in EC2. Create an Auto Scaling group, which uses the AMI to scale the web tier based on incoming traffic. Leverage Elastic Load Balancing to balance traffic between on-premises web servers and those hosted In AWS.
  • D. Failover environment: Create an 53 bucket and configure it for website hosting. Migrate your DNS to Route53 using zone file import, and leverage Route53 DNS failover to failover to the 53 hosted website.

正解:A


質問 # 173
You are designing an SSUTLS solution that requires HTTPS clients to be authenticated by the Web server using client certificate authentication. The solution must be resilient.
Which of the following options would you consider for configuring the web server infrastructure? (Choose 2 answers)

  • A. Configure your Web servers with EIPS Place the Web servers in a Route53 Record Set and configure health checks against all Web servers.
  • B. Configure ELB with TCP listeners on TCP/4d3. And place the Web servers behind it.
  • C. Configure ELB with HTTPS listeners, and place the Web servers behind it.
  • D. Configure your web servers as the origins for a CloudFront distribution. Use custom SSL certificates on your CloudFront distribution.

正解:B、D


質問 # 174
......

AWS-Solutions-AssociateのPDFで合格させるスゴ問題集でAWS-Solutions-Associate最新のリアル試験問題:https://www.goshiken.com/Amazon/AWS-Solutions-Associate-mondaishu.html

有効なAWS-Solutions-Associateテスト解答AWS-Solutions-Associate試験PDF:https://drive.google.com/open?id=1XQO7bKyqWF0TVZadc1V3Jbo6VBn6zk5t

関するブログ

もっと
AWS-Solutions-Associate無料問題集