AWS CERTIFIED SOLUTIONS ARCHITECT
ASSOCIATE EXAM 100 QUESTIONS WITH VERIFIED
SOLUTIONS/A+ GRADE
-
You are consulting for a finance company that has
... [Show More] specific backup and archiving
policies. Financial documents for the past six months may need to be accessed
frequently. You need to configure a setup that automatically sends any documents
that are older than six months to a lower-cost, but highly durable, environment for
archiving. Given that the company is using a Storage Gateway in File Gateway
configuration, which of the following would be the best setup to reach the objectives?
Answer- Enable S3 versioning with a lifecycle policy that sends objects older than
six months to Amazon Glacier
You business operates in a very security sensitive industry. You are looking at how
to secure a small VPC. Your environment consists of a single S3 bucket, and an
EC2 instance running in a internet connected VPC. What is the best way to lock
down the environment, allowing access to S3 but keeping the environment as secure
as possible? - Answer- Create an S3 VPC endpoint. Apply a policy restricting
access to the S3 bucket from the VPC endpoint, and remove the internet gateway.
Setup a VPN Endpoint and client to securely SSH into the EC2 instance when
needed.
You need to migrate a legacy application into AWS. It currently runs on a Linux
operating system and has a requirement for iSCSI based block storage. Which AWS
Service would you utilise to meet this requirement? - Answer- Storage Gateway
Which of the following AWS storage services are able to be natively mounted as
mount points on a Linux system. - Answer- - Instance Store
- EBS
- EFS
Which of the following are AWS managed services that can allow host access to
instances running on the respective services? (Choose all that apply) - Answer- -
Amazon EC2
- Amazon EMR
You have inherited a VPC which has a CIDR of 10.0.0.0/16. You need to design a
subnet layout which allows for four availability zones to be used. Which option below
is valid for this criteria? Pick the one which uses the least number of subnets to
decrease management overhead. - Answer- Create four subnets: 10.0.0.0/24,
10.0.1.0/24, 10.0.2.0/24 and 10.0.3.0/24, and put each one in its own availability
zone.
You are designing a VPC to host a small application. The VPC will be connected
back to your on-premises network using a VPN. An EC2 instance runs the
application, and will only need to connect to the internet for software updates. You
have a list of the software update DNS names. How can you restrict this within the
AWS CERTIFIED SOLUTIONS ARCHITECT
ASSOCIATE EXAM 100 QUESTIONS WITH VERIFIED
SOLUTIONS/A+ GRADE
AWS VPC? - Answer- Add an internet gateway to the VPC, and a proxy service
running on a EC2 instance in a public subnet with an elastic IP.
You will have an application running on an EC2 instance. The instance will be in a
private subnet. Outside of NACL's and Security groups being in place, what else is
needed to provide Internet access for the EC2 instance? - Answer- VPC, Subnets [Show Less]