11.11 Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 65pass65

Good News !!! SAP-C02 AWS Certified Solutions Architect - Professional is now Stable and With Pass Result

  1. Home
  2. Amazon Web Services
  3. AWS Certified Professional
  4. SAP-C02
  5. AWS Certified Solutions Architect - Professional

SAP-C02 Practice Exam Questions and Answers

AWS Certified Solutions Architect - Professional

Last Update 4 hours ago
Total Questions : 569

AWS Certified Professional is stable now with all latest exam questions are added 4 hours ago. Incorporating SAP-C02 practice exam questions into your study plan is more than just a preparation strategy.

SAP-C02 exam questions often include scenarios and problem-solving exercises that mirror real-world challenges. Working through SAP-C02 dumps allows you to practice pacing yourself, ensuring that you can complete all AWS Certified Professional practice test within the allotted time frame.

SAP-C02 PDF

SAP-C02 PDF (Printable)
$43.75
$124.99
 Add to Cart

SAP-C02 Testing Engine

SAP-C02 PDF (Printable)
$50.75
$144.99
 Add to Cart

SAP-C02 PDF + Testing Engine

SAP-C02 PDF (Printable)
$63.7
$181.99
 Add to Cart
Question # 1

A company is migrating its on-premises file transfer solution to AWS Transfer Family. The on-premises host includes an SFTP server to receive files, an application that performs a transformation of the files, and a messaging server. The transformations run every 5 minutes. When a transformation is complete, the application sends a message to a queue on the messaging server. The company needs to simplify the solution and reduce the management of the components. What should the company do to meet these requirements with the LEAST operational overhead?

Options:

A.  

Configure Transfer Family to use Amazon EFS storage. Use a cron job on Amazon EFS to perform the transformations. Configure the cron job to publish a message to an Amazon SNS topic when a file has been transformed.

B.  

Configure Transfer Family to use Amazon S3 storage. Use Amazon EMR to perform the transformations. Configure Amazon EMR to send a message to an Amazon SNS topic when a file has been transformed.

C.  

Configure Transfer Family to use Amazon S3 storage. Use AWS Glue to perform the transformations after S3 event notifications. Configure AWS Glue to send a message to an Amazon SQS queue when a file has been transformed.

D.  

Configure Transfer Family to use Amazon EFS storage. Create an AWS Glue time-based job to run every 5 minutes to initiate an AWS Glue transformation. Configure AWS Glue to send a message to an Amazon SQS queue when a file has been transformed.

Discussion 0
Question # 2

A company provides a centralized Amazon EC2 application hosted in a single shared VPC The centralized application must be accessible from client applications running in the VPCs of other business units The centralized application front end is configured with a Network Load Balancer (NLB) for scalability

Up to 10 business unit VPCs will need to be connected to the shared VPC Some ot the business unit VPC CIDR blocks overlap with the shared VPC and some overlap with each other Network connectivity to the centralized application in the shared VPC should be allowed from authorized business unit VPCs only

Which network configuration should a solutions architect use to provide connectivity from the client applications in the business unit VPCs to the centralized application in the shared VPC?

Options:

A.  

Create an AWS Transit Gateway Attach the shared VPC and the authorized business unit VPCs to the transit gateway Create a single transit gateway route table and associate it with all of the attached VPCs Allow automatic propagation of routes from the attachments into the route table Configure VPC routing tables to send traffic to the transit gateway

B.  

Create a VPC endpoint service using the centralized application NLB and enable the option to require endpoint acceptance Create a VPC endpoint in each of the business unit VPCs using the service name of the endpoint service. Accept authorized endpoint requests from the endpoint serviceconsole.

C.  

Create a VPC peering connection from each business unit VPC to the shared VPC Accept the VPC peering connections from the shared VPC console Configure VPC routing tables to send traffic to the VPC peering connection

D.  

Configure a virtual private gateway for the shared VPC and create customer gateways for each of the authorized business unit VPCs Establish a Site-to-Site VPN connection from the business unit VPCs to the shared VPC Configure VPC routing tables to send traffic to the VPN connection

Discussion 0
Question # 3

A financial company is planning to migrate its web application from on premises to AWS. The company uses a third-party security tool to monitor the inbound traffic to the application. The company has used the security tool for the last 15 years, and the tool has no cloud solutions available from its vendor. The company's security team is concerned about how to integrate the security tool with AWS technology.

The company plans to deploy the application migration to AWS on Amazon EC2 instances. The EC2 instances will run in an Auto Scaling group in a dedicated VP

C.  

The company needs to use the security tool to inspect all packets that come in and out of the VP

C.  

This inspection must occur in real time and must not affect the application's performance. A solutions architect must design a target architecture on AWS that is highly available within an AWS Region.

Which combination of steps should the solutions architect take to meet these requirements? (Select TWO.)

Options:

A.  

Deploy the security tool on EC2 instances in a new Auto Scaling group in the existing VP

C.  

B.  

Deploy the web application behind a Network Load Balancer.

C.  

Deploy an Application Load Balancer in front of the security tool instances.

D.  

Provision a Gateway Load Balancer for each Availability Zone to redirect the traffic to the security tool.

E.  

Provision a transit gateway to facilitate communication between VPCs.

Discussion 0
Question # 4

A company runs a simple Linux application on Amazon EKS by using nodes of the M6i (general purpose) instance type. The company has an EC2 Instance Savings Plan for the M6i family that will expire soon.

A solutions architect must minimize the EKS compute costs when the Savings Plan expires.

Which combination of steps will meet this requirement? (Select THRE

E.  

)

Options:

A.  

Rebuild the application container images to support ARM64 architecture.

B.  

Rebuild the application container images to support containers.

C.  

Migrate the EKS nodes to the most recent generation of Graviton-based instances.

D.  

Replace the EKS nodes with the most recent generation of x86_64 instances.

E.  

Purchase a new EC2 Instance Savings Plan for the newly selected Graviton instance family.

F.  

Purchase a new EC2 Instance Savings Plan for the newly selected x86_64 instance family.

Discussion 0
Question # 5

A company with several AWS accounts is using AWS Organizations and service control policies (SCPs). An Administrator created the following SCP and has attached it to an organizational unit (OU) that contains AWS account 1111-1111-1111:

Question # 5

Developers working in account 1111-1111-1111 complain that they cannot create Amazon S3 buckets. How should the Administrator address this problem?

Options:

A.  

Add s3:CreateBucket withג€Allowג€ effect to the SCP.

B.  

Remove the account from the OU, and attach the SCP directly to account 1111-1111-1111.

C.  

Instruct the Developers to add Amazon S3 permissions to their IAM entities.

D.  

Remove the SCP from account 1111-1111-1111.

Discussion 0
Question # 6

A company's factory and automaton applications are running in a single VPC More than 23 applications run on a combination of Amazon EC2, Amazon Elastic Container Service (Amazon ECS), are Amazon RDS.

The company has software engineers spread across three teams. One of the three teams owns each application, and each team is responsible for the cost and performance of all of its applications.Team resources have tags that represent their application and team. The learns use IAH access for daily activities.

The company needs to determine which costs on the monthly AWS bill are attributable to each application or team. The company also must be able to create reports to compare costs item the last 12 months and to help forecast costs tor the next 12 months. A solution architect must recommend an AWS Billing and Cost Management solution that provides these cost reports.

Which combination of actions will meet these requirement? Select THRE

E.  

)

Options:

A.  

Activate the user-defined cost allocation tags that represent the application and the team.

B.  

Activate the AWS generated cost allocation tags that represent the application and the team.

C.  

Create a cost category for each application in Billing and Cost Management

D.  

Activate IAM access to Billing and Cost Management.

E.  

Create a cost budget

F.  

Enable Cost Explorer.

Discussion 0
Question # 7

A company has an application that is deployed on Amazon EC2 instances behind an Application Load Balancer (ALB). The instances are part of an Auto Scaling group.Theapplication has unpredictable workloads and frequently scales out and in. The company's development team wants to analyze application logs to find ways to improve the application's performance. However, the logs are no longer available after instances scale in.

Which solution will give the development team the ability to view the application logs after a scale-in event?

Options:

A.  

Enable access logs for the AL

B.  

Store the logs in an Amazon S3 bucket.

B.  

Configure the EC2 instances lo publish logs to Amazon CloudWatch Logs by using the unified CloudWatch agent.

C.  

Modify the Auto Scaling group to use a step scaling policy.

D.  

Instrument the application with AWS X-Ray tracing.

Discussion 0
Question # 8

A company uses a load balancer to distribute traffic to Amazon EC2 instances in a single Availability Zone. The company is concerned about security and wants a solutions architect to re-architect the solution to meet the following requirements:

•Inbound requests must be filtered for common vulnerability attacks.

•Rejected requests must be sent to a third-party auditing application.

•All resources should be highly available.

Which solution meets these requirements?

Options:

A.  

Configure a Multi-AZ Auto Scaling group using the application's AMI. Create an Application Load Balancer (ALB) and select the previously created Auto Scaling group as the target. Use Amazon Inspector to monitor traffic to the ALB and EC2 instances. Create a web ACL in WA

F.  

Create an AWS WAF using the web ACL and AL

B.  

Use an AWS Lambda function to frequently push the Amazon Inspector report to the third-party auditing application.

B.  

Configure an Application Load Balancer (ALB) and add the EC2 instances as targets Create a web ACL in WA

F.  

Create an AWS WAF using the web ACL and ALB name and enable logging with Amazon CloudWatch Logs. Use an AWS Lambda function to frequently push the logs to the third-party auditing application.

C.  

Configure an Application Load Balancer (ALB) along with a target group adding the EC2 instances as targets. Create an Amazon Kinesis Data Firehose with the destination of the third-party auditing application. Create a web ACL in WA

F.  

Create an AWS WAF using the web ACL and ALB then enable logging by selecting the Kinesis Data Firehose as the destination. Subscribe to AWS Managed Rules in AWS Marketplace, choosing the WAF as the subscriber.<

D.  

Configure a Multi-AZ Auto Scaling group using the application's AMI. Create an Application Load Balancer (ALB) and select the previously created Auto Scaling group as the target. Create an Amazon Kinesis Data Firehose with a destination of the third-party auditing application. Create a web ACL in WA

F.  

Create an AWS WAF using the WebACL and ALB then enable logging by selecting the Kinesis Data Firehose as the destination. Subscribe to AWS Ma
Discussion 0
Question # 9

A security engineer determined that an existing application retrieves credentials to an Amazon RDS for MySQL database from an encrypted file in Amazon S3. For the next version of the application, the security engineer wants to implement the following application design changes to improve security:

The database must use strong, randomly generated passwords stored in a secure AWS managed service.

The application resources must be deployed through AWS CloudFormation.

The application must rotate credentials for the database every 90 days.

A solutions architect will generate a CloudFormation template to deploy the application.

Which resources specified in the CloudFormation template will meet the security engineer's requirements with the LEAST amount of operational overhead?

Options:

A.  

Generate the database password as a secret resource using AWS Secrets Manager. Create an AWS Lambda function resource to rotate the database password. Specify a Secrets Manager RotationSchedule resource to rotate the database password every 90 days.

B.  

Generate the database password as a SecureString parameter type using AWS Systems Manager Parameter Store. Create an AWS Lambda function resource to rotate the database password. Specifya Parameter Store RotationSchedule resource to rotate the database password every 90 days.

C.  

Generate the database password as a secret resource using AWS Secrets Manager. Create an AWS Lambda function resource to rotate the database password. Create an Amazon EventBridge scheduled rule resource to trigger the Lambda function password rotation every 90 days.

D.  

Generate the database password as a SecureString parameter type using AWS Systems Manager Parameter Store. Specify an AWS AppSync DataSource resource to automatically rotate the database password every 90 days.

Discussion 0
Question # 10

A company wants to migrate its workloads from on premises to AWS. The workloads run on Linuxand Windows. The company has a large on-premises intra structure that consists of physical machines and VMs that host numerous applications.

The company must capture details about the system configuration. system performance. running processure and network coi.net lions of its o. -premises ,on boards. The company also must divide the on-premises applications into groups for AWS migrations. The company needs recommendations for Amazon EC2 instance types so that the company can run its workloads on AWS in the most cost-effective manner.

Which combination of steps should a solutions architect take to meet these requirements? (Select THRE

E.  

)

Options:

A.  

Assess the existing applications by installing AWS Application Discovery Agent on the physical machines and VMs.

B.  

Assess the existing applications by installing AWS Systems Manager Agent on the physical machines and VMs

C.  

Group servers into applications for migration by using AWS Systems Manager Application Manager.

D.  

Group servers into applications for migration by using AWS Migration Hub.

E.  

Generate recommended instance types and associated costs by using AWS Migration Hub.

F.  

Import data about server sizes into AWS Trusted Advisor. Follow the recommendations for cost optimization.

Discussion 0
Question # 11

Question:

A company runs production workloads on EC2 On-Demand Instances and RDS for PostgreSQL. They want to reduce costs without compromising availability or capacity.

Options:

A.  

Use CUR and Lambda to terminate underutilized instances. Buy Savings Plans.

B.  

Use Budgets and Trusted Advisor, then manually terminate and buy RIs.

C.  

UseCompute OptimizerandTrusted Advisorfor recommendations. Apply rightsizing, auto scaling, and purchase a Compute Savings Plan.

D.  

Use Cost Explorer, alerts, and replace with Spot Instances.

Discussion 0
Question # 12

A company has an application that uses an Amazon Aurora PostgreSQL DB cluster for the application's database. The DB cluster contains one small primary instance and three larger replica instances. The application runs on an AWS Lambda function. The application makes many short-lived connections to the database's replica instances to perform read-only operations.

During periods of high traffic, the application becomes unreliable and the database reports that too many connections are being established. The frequency of high-traffic periods is unpredictable.

Which solution will improve the reliability of the application?

Options:

A.  

Use Amazon RDS Proxy to create a proxy for the DB cluster. Configure a read-only endpoint for the proxy. Update the Lambda function to connect to the proxyendpoint.

B.  

Increase the max_connections setting on the DB cluster's parameter group. Reboot all the instances in the DB cluster. Update the Lambda function to connect to the DB cluster endpoint.

C.  

Configure instance scaling for the DB cluster to occur when the DatabaseConnections metric is close to the max _ connections setting. Update the Lambda function to connect to the Aurora reader endpoint.

D.  

Use Amazon RDS Proxy to create a proxy for the DB cluster. Configure a read-only endpoint for the Aurora Data API on the proxy. Update the Lambda function to connect to the proxy endpoint.

Discussion 0
Question # 13

A company is refactoring its on-premises order-processing platform in the AWS Cloud. The platform includes a web front end that is hosted on a fleet of VMs RabbitMQ to connect the front end to the backend, and a Kubernetes cluster to run a containerized backend system to process the orders. The company does not want to make any major changes to the application

Which solution will meet these requirements with the LEAST operational overhead?

Options:

A.  

Create an AMI of the web server VM Create an Amazon EC2 Auto Scaling group that uses the AMI and an Application Load Balancer Set up Amazon MQ to replace the on-premises messaging queue Configure Amazon Elastic Kubernetes Service (Amazon EKS) to host the order-processing backend

B.  

Create a custom AWS Lambda runtime to mimic the web server environment Create an Amazon API Gateway API to replace the front-end web servers Set up Amazon MQ to replace the on-premises messaging queue Configure Amazon Elastic Kubernetes Service (Amazon EKS) to host the order-processing backend

C.  

Create an AMI of the web server VM Create an Amazon EC2 Auto Scaling group that uses the AMI and an Application Load Balancer Set up Amazon MQ to replace the on-premises messaging queue Install Kubernetes on a fleet of different EC2 instances to host the order-processing backend

D.  

Create an AMI of the web server VM Create an Amazon EC2 Auto Scaling group that uses the AMI and an Application Load Balancer Set up an Amazon Simple Queue Service (Amazon SQS) queue to replace the on-premises messaging queue Configure Amazon Elastic Kubernetes Service (Amazon EKS) to host the order-processing backend

Discussion 0
Question # 14

A solutions architect has developed a web application that uses an Amazon API Gateway Regional endpoint and an AWS Lambda function. The consumers of the web application are all close to the AWS Region where the application will be deployed. The Lambda function only queries an Amazon Aurora MySQL database. The solutions architect has configured the database to have three read replicas.

During testing, the application does not meet performance requirements. Under high load, the application opens a large number of database connections. The solutions architect must improve the application's performance.

Which actions should the solutions architect take to meet these requirements? (Choose two.)

Options:

A.  

Use the cluster endpoint of the Aurora database.

B.  

Use RDS Proxy to set up a connection pool to the reader endpoint of the Aurora database.

C.  

Use the Lambda Provisioned Concurrency feature.

D.  

Move the code for opening the database connection in the Lambda function outside of the event handler.

E.  

Change the API Gateway endpoint to an edge-optimized endpoint.

Discussion 0
Question # 15

A company needs to improve the security of its web-based application on AWS. The application uses Amazon CloudFront with two custom origins. The first custom origin routes requests to an Amazon API Gateway HTTP API. The second custom origin routes traffic to an Application Load Balancer (ALB) The application integrates with an OpenlD Connect (OIDC) identity provider (IdP) for user management.

A security audit shows that a JSON Web Token (JWT) authorizer provides access to the API The security audit also shows that the ALB accepts requests from unauthenticated users

A solutions architect must design a solution to ensure that all backend services respond to only authenticated users

Which solution will meet this requirement?

Options:

A.  

Configure the ALB to enforce authentication and authorization by integrating the ALB with the IdP Allow only authenticated users to access the backend services

B.  

Modify the CloudFront configuration to use signed URLs Implement a permissive signing policy that allows any request to access the backend services

C.  

Create an AWS WAF web ACL that filters out unauthenticated requests at the ALB level. Allow only authenticated traffic to reach the backend services.

D.  

Enable AWS CloudTrail to log all requests that come to the ALB Create an AWS Lambda function to analyze the togs and block any requests that come from unauthenticated users.

Discussion 0
Get SAP-C02 dumps and pass your exam in 24 hours!

Free Exams Sample Questions

101 Exam Questions
220-1101 Exam Questions
220-1102 Exam Questions
312-40 Exam Questions
312-50v12 Exam Questions
350-401 Exam Questions
700-250 Exam Questions
AZ-900 Exam Questions
HPE0-V26 Exam Questions
HPE0-V27 Exam Questions
HPE7-A02 Exam Questions
300-715 Exam Questions
P_SAPEA_2023 Questions
PT0-003 Exam Questions
ITIL Exam Questions
JN0-231 Exam Questions
MS-102 Exam Questions
N10-009 Exam Questions
NCS-Core Exam Questions
NS0-521 Exam Questions
PDI Exam Questions
PMP Exam Questions
SPLK-1002 Exam Questions
SY0-701 Exam Questions
Sales-Cloud-Consultant Exam Questions
Salesforce-AI-Associate Exam Questions
MCD-Level-2 Exam Questions
Financial-Services-Cloud Exam Questions
IIA-CIA-Part2 Exam Questions
JavaScript-Developer-I Exam Questions
Marketing-Cloud-Email-Specialist Dumps
Service-Cloud-Consultant Dumps
Platform-App-Builder Dumps
PDI Dumps
200-901 Dumps
350-401 Dumps
MCIA-Level-1 Dumps
AZ-104 Dumps
NCS-Core Dumps
3V0-21.23 Dumps
JN0-214 Dumps
CFCS Dumps
2V0-13.24 Dumps
Fire-Inspector-II Dumps
SPLK-5002 Dumps
SC-401 Dumps