Sample Questions
Question 1
A Solutions Architect wants to make sure that only AWS users or roles with suitablepermissions can access a new Amazon API Gateway endpoint. The SolutionsArchitect wants an end-to-end view of each request to analyze the latency of the requestand create service maps.How can the Solutions Architect design the API Gateway access control and performrequest inspections?
A. For the API Gateway method, set the authorization to AWS_IAM. Then, give the IAM user or role execute-api:Invoke permission on the REST API resource. Enable the APIcaller to sign requests with AWS Signature when accessing the endpoint. Use AWS X-Rayto trace and analyze user requests to API Gateway.
B. For the API Gateway resource, set CORS to enabled and only return the company'sdomain in Access-Control-Allow-Origin headers. Then, give the IAM user or role executeapi:Invoke permission on the REST API resource. Use Amazon CloudWatch to trace andanalyze user requests to API Gateway.
C. Create an AWS Lambda function as the custom authorizer, ask the API client to passthe key and secret when making the call, and then use Lambda to validate the key/secretpair against the IAM system. Use AWS X-Ray to trace and analyze user requests to APIGateway.
D. Create a client certificate for API Gateway. Distribute the certificate to the AWS usersand roles that need to access the endpoint. Enable the API caller to pass the clientcertificate when accessing the endpoint. Use Amazon CloudWatch to trace and analyzeuser requests to API Gateway.
ANSWER : A
Question 2
A live-events company is designing a scaling solution for its ticket application on AWS. Theapplication has high peaks of utilization during sale events. Each sale event is a one-timeevent that is scheduled. The application runs on Amazon EC2 instances that are in an AutoScaling group.The application uses PostgreSQL for the database layer.The company needs a scaling solution to maximize availability during the sale events.Which solution will meet these requirements?
A. Use a predictive scaling policy for the EC2 instances. Host the database on an AmazonAurora PostgreSQL Serverless v2 Multi-AZ DB instance with automatically scaling readreplicas. Create an AWS Step Functions state machine to run parallel AWS Lambdafunctions to pre-warm the database before a sale event. Create an Amazon EventBridgerule to invoke the state machine.
B. Use a scheduled scaling policy for the EC2 instances. Host the database on an AmazonRDS for PostgreSQL Multi-AZ DB instance with automatically scaling read replicas. Createan Amazon EventBridge rule that invokes an AWS Lambda function to create a larger readreplica before a sale event. Fail over to the larger read replica. Create another EventBridgerule that invokes another Lambda function to scale down the read replica after the saleevent.
C. Use a predictive scaling policy for the EC2 instances. Host the database on an AmazonRDS for PostgreSQL Multi-AZ DB instance with automatically scaling read replicas. Createan AWS Step Functions state machine to run parallel AWS Lambda functions to pre-warmthe database before a sale event. Create an Amazon EventBridge rule to invoke the statemachine.
D. Use a scheduled scaling policy for the EC2 instances. Host the database on an AmazonAurora PostgreSQL Multi-AZ DB cluster. Create an Amazon EventBridge rule that invokesan AWS Lambda function to create a larger Aurora Replica before a sale event. Fail over tothe larger Aurora Replica. Create another EventBridge rule that invokes another Lambdafunction to scale down the Aurora Replica after the sale event.
ANSWER : D
Question 3
A company is building an image service on the web that will allow users to upload andsearch random photos. At peak usage, up to 10.000 users worldwide will upload theirimages. The service will then overlay text on the uploaded images, which will then bepublished on the company website.Which design should a solutions architect implement?
A. Store the uploaded images in Amazon Elastic File System (Amazon EFS). Sendapplication log information about each image to Amazon CloudWatch Logs Create a fleetof Amazon EC2 instances that use CloudWatch Logs to determine which images need tobe processed Place processed images in another directory in Amazon EFS. EnableAmazon CloudFront and configure the origin to be the one of the EC2 instances in the fleet
B. Store the uploaded images in an Amazon S3 bucket and configure an S3 bucket eventnotification to send a message to Amazon Simple Notification Service (Amazon SNS)Create a fleet of Amazon EC2 instances behind an Application Load Balancer (ALB) to pullmessages from Amazon SNS to process the images and place them in Amazon Elastic FileSystem (Amazon EFS) Use Amazon CloudWatch metrics for the SNS message volume toscale out EC2 instances. Enable Amazon CloudFront and configure the origin to be theALB in front of the EC2 instances
C. Store the uploaded images in an Amazon S3 bucket and configure an S3 bucket eventnotification to send a message to the Amazon Simple Queue Service (Amazon SQS)queue Create a fleet of Amazon EC2 instances to pull messages from the SQS queue toprocess the images and place them in another S3 bucket. Use Amazon CloudWatchmetncs for queue depth to scale out EC2 instances Enable Amazon CloudFront andconfigure the origin to be the S3 bucket that contains the processed images.
D. Store the uploaded images on a shared Amazon Elastic Block Store (Amazon EBS)volume amounted to a fleet of Amazon EC2 Spot instances. Create an AmazonDynamoDB table that contains information about each uploaded image and whether it hasbeen processed Use an Amazon EventBndge rule to scale out EC2 instances. EnableAmazon CloudFront and configure the origin to reference an Elastic Load Balancer in frontof the fleet of EC2 instances.
ANSWER : C
Question 4
A company is building an application that will run on an AWS Lambda function. Hundredsof customers will use the application. The company wants to give each customer a quota ofrequests for a specific time period. The quotas must match customer usage patterns. Somecustomers must receive a higher quota for a shorter time period.Which solution will meet these requirements?
A. Create an Amazon API Gateway REST API with a proxy integration to invoke theLambda function. For each customer, configure an API Gateway usage plan that includesan appropriate request quota. Create an API key from the usage plan for each user that thecustomer needs.
B. Create an Amazon API Gateway HTTP API with a proxy integration to invoke theLambda function. For each customer, configure an API Gateway usage plan that includesan appropriate request quota. Configure route-level throttling for each usage plan. Createan API key from the usage plan for each user that the customer needs.
C. Create a Lambda function alias for each customer. Include a concurrency limit with anappropriate request quota. Create a Lambda function URL for each function alias. Sharethe Lambda function URL for each alias with the relevant customer.
D. Create an Application Load Balancer (ALB) in a VPC. Configure the Lambda function asa target for the ALB. Configure an AWS WAF web ACL for the ALB. For each customer,configure a rate-based rule that includes an appropriate request quota.
ANSWER : A