Summer Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

A company has an application that is based on Amazon EC2. The company provides API access to the application through Amazon API Gateway and uses Amazon DynamoDB to store the application ' s data. A developer is investigating performance issues that are affecting the application. During peak usage, the application is overwhelmed by a large number of identical data read requests that come through APIs. What is the MOST operationally efficient way for the developer to improve the application ' s performance?

A.

Use DynamoDB Accelerator (DAX) to cache database responses.

B.

Configure Amazon EC2 Auto Scaling policies to meet fluctuating demand.

C.

Enable API Gateway caching to cache API responses.

D.

Use Amazon ElastiCache to cache application responses.

A developer has created an AWS Lambda function that makes queries to an Amazon Aurora MySQL DB instance. When the developer performs a test the OB instance shows an error for too many connections.

Which solution will meet these requirements with the LEAST operational effort?

A.

Create a read replica for the DB instance Query the replica DB instance instead of the primary DB instance.

B.

Migrate the data lo an Amazon DynamoDB database.

C.

Configure the Amazon Aurora MySQL DB instance tor Multi-AZ deployment.

D.

Create a proxy in Amazon RDS Proxy Query the proxy instead of the DB instance.

A company has an application that consists of different microservices that run inside an AWS account. The microservices are running in containers inside a single VPC. The number of microservices is constantly increasing. A developer must create a central logging solution for application logs.

Which solution will meet these requirements?

A.

Create a different Amazon CloudWatch Logs stream for each microservice.

B.

Create an AWS CloudTrail trail to log all the API calls.

C.

Configure VPC Flow Logs to track the communications between the microservices.

D.

Use AWS Cloud Map to map the interactions of the microservices.

A developer is writing an application to analyze the traffic to a fleet of Amazon EC2 instances. The EC2 instances run behind a public Application Load Balancer (ALB). An HTTP server runs on each of the EC2 instances, logging all requests to a log file.

The developer wants to capture the client public IP addresses. The developer analyzes the log files and notices only the IP address of the ALB.

What must the developer do to capture the client public IP addresses in the log file?

A.

Add a Host header to the HTTP server log configuration file.

B.

Install the Amazon CloudWatch Logs agent on each EC2 instance. Configure the agent to write to the log file.

C.

Install the AWS X-Ray daemon on each EC2 instance. Configure the daemon to write to the log file.

D.

Add an X-Forwarded-For header to the HTTP server log configuration file.

A company runs an application in a third-party cloud. The company wants to use the application to update data in AWS by using API calls to AWS services. The API calls require credentials.

The company ' s security policy requires the company to limit the scope and duration of any credentials used to make API calls to AWS services.

Which solution will meet these requirements in the MOST secure way?

A.

Create an IAM user for the application. Configure the application to load the IAM user ' s credentials as environment variables. Use the IAM user ' s credentials to interact with AWS services.

B.

Create an IAM user for the application. Populate an AWS Secrets Manager secret with the IAM user ' s AWS credentials. Use the secret to interact with AWS services.

C.

Create an IAM role for the application. Configure the application to call the AWS STS GetFederationToken API. Use the STS credentials to interact with AWS services.

D.

Create an IAM role for the application. Configure the application to call the AWS STS AssumeRole API. Use the STS credentials to interact with AWS services.

A developer is creating an application that will be deployed on IoT devices. The application will send data to a RESTful API that is deployed as an AWS Lambda function. The application will assign each API request a unique identifier. The volume of API requests from the application can randomly increase at any given time of day.

During periods of request throttling, the application might need to retry requests. The API must be able to handle duplicate requests without inconsistencies or data loss.

Which solution will meet these requirements?

A.

Create an Amazon RDS for MySQL DB instance. Store the unique identifier for each request in a database table. Modify the Lambda function to check the table for the identifier before processing the request.

B.

Create an Amazon DynamoDB table. Store the unique identifier for each request in the table. Modify the Lambda function to check the table for the identifier before processing the request.

C.

Create an Amazon DynamoDB table. Store the unique identifier for each request in the table. Modify the Lambda function to return a client error response when the function receives a duplicate request.

D.

Create an Amazon ElastiCache for Memcached instance. Store the unique identifier for each request in the cache. Modify the Lambda function to check the cache for the identifier before processing the request.

An application uses Amazon API Gateway integrated with an AWS Lambda function. Some API requests return HTTP 504 (Gateway Timeout) errors.

The Lambda function timeout is set to 20 seconds . The API Gateway integration timeout is 15 seconds . There are no errors in the Lambda logs.

Which solution will prevent the HTTP 504 errors?

A.

Increase the reserved concurrency of the Lambda function.

B.

Increase the timeout of the Lambda function.

C.

Increase the timeout of the API Gateway integration.

D.

Increase the per-client throttling limit.

An AWS Lambda function requires read access to an Amazon S3 bucket and requires read/write access to an Amazon DynamoDB table. The correct IAM policy already exists.

What is the MOST secure way to grant the Lambda function access to the S3 bucket and the DynamoDB table?

A.

Attach the existing IAM policy to the Lambda function.

B.

Create an IAM role for the Lambda function. Attach the existing IAM policy to the role. Attach the role to the Lambda function.

C.

Create an IAM user with programmatic access. Attach the existing IAM policy to the user. Add the user access key ID and secret access key as environment variables in the Lambda function.

D.

Add the AWS account root user access key ID and secret access key as encrypted environment variables in the Lambda function.

A company has an application that processes audio files for different departments. When audio files are saved to an Amazon S3 bucket, an AWS Lambda function receives an event notification and processes the audio input.

A developer needs to update the solution so that the application can process the audio files for each department independently. The application must publish the audio file location for each department to each department ' s existing Amazon SQS queue.

Which solution will meet these requirements with no changes to the Lambda function code?

A.

Configure the S3 bucket to send the event notifications to an Amazon SNS topic. Subscribe each department ' s SQS queue to the SNS topic. Configure subscription filter policies.

B.

Update the Lambda function to write the file location to a single shared SQS queue. Configure the shared SQS queue to send the file reference to each department ' s SQS queue.

C.

Update the Lambda function to send the file location to each department ' s SQS queue.

D.

Configure the S3 bucket to send the event notifications to each department ' s SQS queue.

A company ' s application uses an Amazon API Gateway REST API and AWS Lambda functions to upload media files to and fetch media files from a standard Amazon S3 Standard bucket. The company runs a nightly job on an Amazon EC2 instance to create dashboards and other visualizations for application users. The job usually runs for 1 to 2 hours.

A developer observes request throttling while the function is running. The application generates multiple 429 exceptions in the Lambda function logs when files do not process successfully. The developer needs to resolve the issue and ensure that all of the application ingests all files.

Which solution will meet these requirements?

A.

Enable S3 Transfer Acceleration on the bucket. Use the appropriate endpoint.

B.

Call the CreateMultipartUpload API in the Lambda functions to upload the files in pieces.

C.

Implement the retry with a backoff pattern in the Lambda functions.

D.

Set up an S3 Lifecycle policy to automatically move the media files to the S3 Intelligent-Tiering storage class.

A development team is working on a project in AWS CodeBuild that requires multiple interdependent builds to run simultaneously. The development team wants to optimize resource usage by combining Amazon EC2 On-Demand Instances and reserved capacity fleets for the builds. The builds include tasks for multiple platforms, such as web, mobile, and API components.

Which solution will meet these requirements in the MOST cost-effective way?

A.

Create separate CodeBuild projects for each platform. Use On-Demand Instances for all builds.

B.

Set up batch builds in CodeBuild. Define dependencies between platforms. Use a combination of Reserved Instances and On-Demand Instances.

C.

Create separate CodeBuild projects for each platform. Assign Reserved Instances or On-Demand Instances to each project based on resource availability.

D.

Configure a single CodeBuild project. Run all builds sequentially by using Reserved Instances.

A company uses AWS CloudFormation to deploy an application that includes an Amazon API Gateway REST API integrated with AWS Lambda and Amazon DynamoDB. The application has three stages: development, testing, and production, each with its own DynamoDB table.

The company wants to deploy a new production release and route 20% of traffic to the new version while keeping 80% of traffic on the existing production version. The solution must minimize the number of errors that any single customer experiences.

Which approach should the developer take?

A.

Deploy incremental portions of the changes to production in multiple steps.

B.

Use Amazon Route 53 weighted routing between the production and testing stages.

C.

Deploy an Application Load Balancer in front of the API Gateway stages and weight traffic.

D.

Configure canary deployment settings for the production API stage and route 20% of traffic to the canary.

A company ' s application runs on a fleet of Amazon EC2 instances in a VPC within private subnets that do not have public internet access. The company uses Amazon CloudWatch to monitor the application.

A developer is troubleshooting an issue with the application. Some performance metrics are not being published to CloudWatch. The developer uses EC2 Instance Connect to access an EC2 instance. The developer verifies that a CloudWatch agent is pre-installed and running.

The developer needs to ensure that the performance metrics are published to CloudWatch.

Which solution will meet this requirement in the MOST secure way?

A.

Attach the CloudWatchAgentAdminPolicy managed IAM policy to the IAM role that is associated with the EC2 instance profile. Provision a NAT gateway in a public subnet.

B.

Add a user data script to install and start up the CloudWatch agent automatically when the EC2 instances are first booted up.

C.

Attach the CloudWatchAgentServerPolicy managed IAM policy to the IAM role that is associated with the EC2 instance profile. Provision a VPC interface endpoint for CloudWatch.

D.

Attach the CloudWatchReadOnlyAccess managed IAM policy to the IAM role that is associated with the EC2 instance profile. Provision a VPC interface endpoint for CloudWatch.

A company is providing read access to objects in an Amazon S3 bucket for different customers. The company uses 1AM permissions to restrict access to the S3 bucket. The customers can access only their own files.

Due to a regulation requirement, the company needs to enforce encryption in transit for interactions with Amazon S3.

Which solution will meet these requirements?

A.

Add a bucket policy to the S3 bucket to deny S3 actions when the aws:SecureTransport condition is equal to false.

B.

Add a bucket policy to the S3 bucket to deny S3 actions when the s3:x-amz-acl condition is equal to public-read.

C.

Add an 1AM policy to the 1AM users to enforce the usage of the AWS SDK.

D.

Add an 1AM policy to the 1AM users that allows S3 actions when the s3:x-amz-acl condition is equal to bucket-owner-read.

A company stores data in an Amazon S3 bucket that is updated multiple times each day. S3 Versioning is enabled, and multiple versions of objects accumulate.

The company needs the bucket to retain only the current version and the immediately previous version of each object.

Which solution will meet these requirements?

A.

Configure an S3 bucket policy to retain one newer noncurrent version.

B.

Configure an S3 Lifecycle rule to retain one newer noncurrent version.

C.

Enable S3 Object Lock with a retention policy.

D.

Suspend S3 Versioning and modify application logic.