Want to know Ucertify aws solution architect associate exam dumps Exam practice test features? Want to lear more about Amazon AWS Certified Solutions Architect - Associate certification experience? Study Actual Amazon aws solution architect associate exam dumps answers to Most recent aws solution architect associate dumps questions at Ucertify. Gat a success with an absolute guarantee to pass Amazon aws solution architect associate questions (AWS Certified Solutions Architect - Associate) test on your first attempt.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Amazon AWS-Solution-Architect-Associate Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW AWS-Solution-Architect-Associate Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/AWS-Solution-Architect-Associate-exam-dumps.html
Q231. An EC2 instance is connected to an ENI (Elastic Network Interface) in one subnet. What happens when you attach an ENI of a different subnet to this EC2 instance?
A. The EC2 instance follows the rules of the older subnet
B. The EC2 instance follows the rules of both the subnets
C. Not possible, cannot be connected to 2 ENIs
D. The EC2 instance follows the rules of the newer subnet
Answer: B
Explanation:
AWS allows you create an elastic network interface (ENI), attach an ENI to an EC2 instance, detach an ENI from an EC2 instance and attach this ENI to another EC2 instance. The attributes of a network traffic follow the ENI which is attached to an EC2 instance or detached from an EC2 instance. When you move an ENI from one EC2 instance to another, network traffic is redirected to the new EC2 instance. You can create and attach additional ENIs to an EC2 instance.
Attaching multiple network interfaces (ENIs) to an EC2 instance is useful to: Create a management network.
Use network and security appliances in your VPC.
Create dual-homed instances with workloads/roles on distinct subnets Create a low-budget, high-availability solution.
Reference: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.htm|
Q232. Are penetration tests allowed as long as they are limited to the customer's instances?
A. Yes, they are allowed but only for selected regions.
B. No, they are never allowed.
C. Yes, they are allowed without any permission.
D. Yes, they are allowed but only with approval.
Answer: D
Explanation:
Penetration tests are allowed after obtaining permission from AWS to perform them. Reference: http://aws.amazon.com/security/penetration-testing/
Q233. A favored client needs you to quickly deploy a database that is a relational database service with minimal administration as he wants to spend the least amount of time administering it. Which database would be the best option?
A. Amazon Simp|eDB
B. Your choice of relational AMs on Amazon EC2 and EBS.
C. Amazon RDS
D. Amazon Redshift
Answer: C
Explanation:
Amazon Relational Database Service (Amazon RDS) is a web service that makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while managing time-consuming database administration tasks, freeing you up to focus on your applications and business.
Amazon RDS gives you access to the capabilities of a familiar MySQL, Oracle, SQL Server, or PostgreSQL database engine. This means that the code, applications, and tools you already use today with your existing databases can be used with Amazon RDS. Amazon RDS automatically patches the database software and backs up your database, storing the backups for a user-defined retention period and enabling point-in-time recovery.
Reference: https://aws.amazon.com/running_databases/#rds_anchor
Q234. A user is running a webserver on EC2. The user wants to receive the SMS when the EC2 instance utilization is above the threshold limit. Which AWS services should the user configure in this case?
A. AWS C|oudWatch + AWS SQS.
B. AWS CIoudWatch + AWS SNS.
C. AWS CIoudWatch + AWS SES.
D. AWS EC2 + AWS Cloudwatch.
Answer: B
Explanation:
Amazon SNS makes it simple and cost-effective to push to mobile devices, such as iPhone, iPad, Android, Kindle Fire, and internet connected smart devices, as well as pushing to other distributed services. In this case, the user can configure that Cloudwatch sends an alarm on when the threshold is crossed to SNS which will trigger an SMS.
Reference: http://aws.amazon.com/sns/
Q235. You are building a system to distribute confidential documents to employees. Using CIoudFront, what method could be used to serve content that is stored in S3, but not publically accessible from S3 directly?
A. Add the CIoudFront account security group "amazon-cf/amazon-cf-sg" to the appropriate S3 bucket policy.
B. Create a S3 bucket policy that lists the C|oudFront distribution ID as the Principal and the target bucket as the Amazon Resource Name (ARN).
C. Create an Identity and Access Management (IAM) User for CIoudFront and grant access to the objects in your S3 bucket to that IAM User.
D. Create an Origin Access Identity (OAI) for CIoudFront and grant access to the objects in your S3 bucket to that OAI.
Answer: D
Explanation:
You restrict access to Amazon S3 content by creating an origin access identity, which is a special CIoudFront user. You change Amazon S3 permissions to give the origin access identity permission to access your objects, and to remove permissions from everyone else. When your users access your Amazon S3 objects using CIoudFront URLs, the CIoudFront origin access identity gets the objects on your users' behalf. If your users try to access objects using Amazon S3 URLs, they're denied access. The origin access identity has permission to access objects in your Amazon S3 bucket, but users don't. Reference:
http://docs.aws.amazon.com/AmazonCIoudFront/latest/Deve|operGuide/private-content-restricting-acces s-to-s3.htmI
Q236. How many types of block devices does Amazon EC2 support?
A. 4
B. 5
C. 2
D. 1
Answer: C
Explanation:
Amazon EC2 supports 2 types of block devices. Reference:
http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html
Q237. A, _ is an indMdual, system, or application that interacts with AWS programmatically.
A. user
B. AWS Account
C. Group
D. Role
Answer: A
Q238. A web design company currently runs several FTP servers that their 250 customers use to upload and download large graphic files They wish to move this system to AWS to make it more scalable, but they wish to maintain customer privacy and Keep costs to a minimum.
What AWS architecture would you recommend?
A. ASK their customers to use an 53 client instead of an FTP client. Create a single 53 bucket Create an IAM user for each customer Put the IAM Users in a Group that has an IAM policy that permits access to sub-directories within the bucket via use of the 'username' Policy variable.
B. Create a single 53 bucket with Reduced Redundancy Storage turned on and ask their customers to use an 53 client instead of an FTP client Create a bucket for each customer with a Bucket Policy that permits access only to that one customer.
C. Create an auto-scaling group of FTP servers with a scaling policy to automatically scale-in when minimum network traffic on the auto-scaling group is below a given threshold. Load a central list of ftp users from 53 as part of the user Data startup script on each Instance.
D. Create a single 53 bucket with Requester Pays turned on and ask their customers to use an 53 client instead of an FTP client Create a bucket tor each customer with a Bucket Policy that permits access only to that one customer.
Answer: A
Q239. Disabling automated backups _ disable the point-in-time recovery.
A. if configured to can
B. will never
C. will
Answer: C
Q240. Will my standby RDS instance be in the same Availability Zone as my primary?
A. Only for Oracle RDS types
B. Yes
C. Only if configured at launch
D. No
Answer: D