Premium

AWS Certified Solutions Architect - Professional Questions and Answers (Dumps and Practice Questions)



Question : You require the ability to analyze a customer's clickstream data on a website so they can do behavioral analysis. Your customer needs to know what sequence of pages and
ads their customer clicked on. This data will be used in real time to modify the page layouts as customers click through the site to increase stickiness and advertising
click-through. Which option meets the requirements for captioning and analyzing this data?
: You require the ability to analyze a customer's clickstream data on a website so they can do behavioral analysis. Your customer needs to know what sequence of pages and
1. Log clicks in weblogs by URL store to Amazon S3, and then analyze with Elastic MapReduce
2. Push web clicks by session to Amazon Kinesis and analyze behavior using Kinesis workers
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Publish web clicks by session to an Amazon SQS queue men periodically drain these events to Amazon RDS and analyze with sol


Correct Answer : Get Lastest Questions and Answer :
Explanation: Amazon Kinesis is a fully managed, cloud-based service for real-time data processing over large, distributed data streams. Amazon Kinesis can continuously
capture and store terabytes of data per hour from hundreds of thousands of sources such as website clickstreams, financial transactions, social media feeds, IT logs, and
location-tracking events. With Amazon Kinesis Client Library (KCL), you can build Amazon Kinesis Applications and use streaming data to power real-time dashboards, generate alerts,
implement dynamic pricing and advertising, and more. You can also emit data from Amazon Kinesis to other AWS services such as Amazon Simple Storage Service (Amazon S3), Amazon
Redshift, Amazon Elastic Map Reduce (Amazon EMR), and AWS Lambda.







Question : You have deployed a three-tier web application in a VPC with a CIDR block of / You initially deploy two web servers, two application servers, two database
servers and one NAT instance for a total of seven EC2 instances. The web Application and database servers are deployed across two availability zones (AZs). You also deploy an ELB in
front of the two web servers, and use Route53 for DNS Web (traffic gradually increases in the first few days following the deployment, so you attempt to double the number of
instances in each tier of the application to handle the new load, unfortunately some of these new instances fail to launch.
Which of the following could be the root caused? (Choose 2 answers)

A. The Internet Gateway (IGW) of your VPC has scaled-up adding more instances to handle the traffic spike, reducing the number of available private IP addresses for new instance
launches.
B. AWS reserves one IP address in each subnet's CIDR block for Route53 so you do not have enough addresses left to launch all of the new EC2 instances.
C. AWS reserves the first and the last private IP address in each subnet's CIDR block so you do not have enough addresses left to launch all of the new EC2 instances.
D. The ELB has scaled-up. Adding more instances to handle the traffic reducing the number of available private IP addresses for new instance launches.
E. AWS reserves the first four and the last IP address in each subnet's CIDR block so you do not have enough addresses left to launch all of the new EC2 instances.


: You have deployed a three-tier web application in a VPC with a CIDR block of / You initially deploy two web servers, two application servers, two database
1. A,B
2. B,C
 3. Access Mostly Uused Products by 50000+ Subscribers
4. D,E



Correct Answer : Get Lastest Questions and Answer :

Explanation: Creates a subnet in an existing VPC : When you create each subnet, you provide the VPC ID and the CIDR block you want for the subnet. After you create a subnet, you can't
change its CIDR block. The subnet's CIDR block can be the same as the VPC's CIDR block (assuming you want only a single subnet in the VPC), or a subset of the VPC's CIDR block. If
you create more than one subnet in a VPC, the subnets' CIDR blocks must not overlap. The smallest subnet (and VPC) you can create uses a /28 netmask (16 IP addresses), and the
largest uses a /16 netmask (65,536 IP addresses).

Important : AWS reserves both the first four and the last IP address in each subnet's CIDR block. They're not available for use. If you add more than one subnet to a VPC, they're set
up in a star topology with a logical router in the middle.

Amazon Elastic Load Balancers have multiple IP addresses for a number of reasons, including:

- to support failover in the event of an outage.
- to have endpoints in each availability zone in the ELB configuration. Amazon recommends that everything you build should continue to operate if a single availability zone is
suddenly unavailable. The EC2 SLA doesn't kick in until more than one availability zone is completely out of service.
- to support traffic scaling. The device behind each IP address can handle a finite number of requests per second. As your traffic grows, ELB may add more IP addresses to keep the
service responsive. (They can also scale vertically to larger ELB devices, but with enough traffic, you eventually need to increase IP addresses.)
Please note that the IP addresses for a given ELB can and do change over time. You should never use them directly, but should use the provided DNS name, generally as the target of
you own CNAME entry.






Question : You are designing a social media site and are considering how to mitigate distributed denial-of-service (DDoS) attacks. Which of the below are viable mitigation
techniques? (Choose 3 answers)

A. Add multiple elastic network interfaces (ENIs) to each EC2 instance to increase the network bandwidth.
B. Use dedicated instances to ensure that each instance has the maximum performance possible.
C. Use an Amazon CloudFront distribution for both static and dynamic content.
D. Use an Elastic Load Balancer with auto scaling groups at the web, App and Amazon Relational Database Service (RDS) tiers
E. Add alert Amazon CloudWatch to look for high Network in and CPU utilization.
F. Create processes and capabilities to quickly add and remove rules to the instance OS firewall.

: You are designing a social media site and are considering how to mitigate distributed denial-of-service (DDoS) attacks. Which of the below are viable mitigation
1. A,B,D
2. B,D,F
 3. Access Mostly Uused Products by 50000+ Subscribers
4. D,E,F



Correct Answer : Get Lastest Questions and Answer :
Exp: You could also use Amazon CloudFront to absorb DoS/DDoS flooding attacks. A potential attacker trying to attack content behind CloudFront is likely to send most or all requests
to CloudFront edge locations, where the AWS infrastructure would absorb the extra requests with minimal to no impact on the back-end customer web servers. Again, there would be
additional AWS service charges for absorbing the attack, but you should weigh this against the costs the attacker would incur in order to continue the attack as well.

Along with conventional approaches for DoS/DDoS attack mitigation and protection, the AWS cloud provides capabilities based on its elasticity.In the cloud, you have the option of
absorbing such an attack. Using AWS technologies like Elastic Load Balancing and Auto Scaling, you can configure the web servers to scale out when under attack (based on load), and
shrink back when the attack stops. Even under heavy attack, the web servers could scale to perform and provide optimal user experience by leveraging cloud elasticity. By absorbing
the attack, you might incur additional AWS service costs; but sustaining such an attack is so financially challenging for the attacker that absorbed attacks are unlikely to persist.

Traditional firewall techniques limit the attack surface for potential attackers and deny traffic to and from the source of destination of attack.





Related Questions

Question : Acmeshell is trying to setting up a backup and restore system in AWS of their in premise system and needs HA and DR but is okay to have a longer
recovery time to save costs. Which of the below mentioned setup options helps achieve the objective of cost saving as well as DR in the most effective way?
 : Acmeshell is trying to setting up a backup and restore system in AWS of their in premise system and needs HA and DR but is okay to have a longer
1. Setup a small instance with AutoScaling; in case of DR start diverting all the load to AWS from on premise.
2. Replicate on premise DB to EC2 at regular intervals and setup a scenario similar to the pilot light.
3. Access Mostly Uused Products by 50000+ Subscribers
4. Setup the backup data on S3 and transfer data to S3 regularly using the storage gateway.




Question : Acmeshell.com is having an application which can start and stop an EC instance as per schedule and needs the MAC address of the instance
to be registered with its software. The instance is launched in EC2-CLASSIC. How can the organization update the MAC registration every time an instance is booted?
 : Acmeshell.com is having an application which can start and stop an EC instance as per schedule and needs the MAC address of the instance
1. The instance MAC address never changes. Thus, it is not required to register the MAC address every time.
2. AWS never provides a MAC address to an instance; instead the instance ID is used for identifying the instance for any software registration.
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Acmeshell should write a boot strapping script which will get the MAC address from the instance metadata and use that script to register with the application.




Question : QuickTechie.com is setting up a highly scalable application using the Elastic Beanstalk. The organization is using ELB as well as VPC with public and
private subnets. The organization wants that all the EC2 instances should have a private IP as well as receive data from ELB. Which of below mentioned requirements
will not be required while configuring this setup?
 : QuickTechie.com is setting up a highly scalable application using the Elastic Beanstalk. The organization is using ELB as well as VPC with public and
1. Configure ELB and NAT as a part of the public subnet only.
2. Launch the EC2 instances with only the public subnet.
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Create routing rules which will route all outbound traffic from the EC2 instances through NAT.




Question : QuickTechie.com is planning to use EBS for his DB requirement and QuickTechie already has an EC instance running in the VPC private subnet.
How can QuickTechie attach the EBS volume to a running instance?
 : QuickTechie.com is planning to use EBS for his DB requirement and QuickTechie already has an EC instance running in the VPC private subnet.
1. QuickTechie can create EBS in the same zone as the subnet of instance and attach that EBS to instance.
2. It is not possible to attach an EBS to an instance running in VPC until the instance is stopped.
 3. Access Mostly Uused Products by 50000+ Subscribers
4. QuickTechie must create EBS within the same VPC and then attach it to a running instance.




Question : QuickTechie.com has five branches across the globe (NeYork, Mumbai, HongKong, Geneva and London). They want to expand their data centers such that
their web server will be in the AWS and each branch would have their own database in the local data center. Based on the user login, the company wants to connect
to the data center. How can MySecureData company implement this scenario with the AWS VPC?
 : QuickTechie.com has five branches across the globe (NeYork, Mumbai, HongKong, Geneva and London). They want to expand their data centers such that
1. It is not possible to connect different data centers from a single VPC.
2. Create five VPCs with the public subnet for the app server and setup the VPN gateway for each VPN to connect them individually.
 3. Access Mostly Uused Products by 50000+ Subscribers
4. Use the AWS VPN CloudHub to communicate with multiple VPN connections.




Question : AWS has launched T instances which come with CPU usage credit. QuickTechie.com has a requirement which keeps an instance running for hours.
However, QuickTechie has high usage only during 11 AM to 12 PM and planning to use a T2 small instance for this purpose.
If QuickTechie.com already has multiple instances running since Jan 2012, which of the below mentioned options should the QuickTechie implement while launching a T2 instance?
 : AWS has launched T instances which come with CPU usage credit. QuickTechie.com has a requirement which keeps an instance running for hours.
1. While launching a T2 instance the organization must select EC2-VPC as the platform.
2. The organization must migrate to the EC2-VPC platform first before launching a T2 instance.
 3. Access Mostly Uused Products by 50000+ Subscribers
4. While launching a T2 instance the organization must create a new AWS account as this account does not have the EC2-VPC platform.