AWS Certified Solutions Architect - Associate 2018 (SAA-001) v1.0

Page:    1 / 12   
Exam contains 169 questions

A company plans to use AWS for all new batch processing workloads. The company"™s developers use Docker containers for the new batch processing. The system design must accommodate critical and non-critical batch processing workloads 24/7.
How should a Solutions Architect design this architecture in a cost-efficient manner?

  • A. Purchase Reserved Instances to run all containers. Use Auto Scaling groups to schedule jobs.
  • B. Host a container management service on Spot Instances. Use Reserved Instances to run Docker containers.
  • C. Use Amazon ECS orchestration and Auto Scaling groups: one with Reserve Instances, one with Spot Instances.
  • D. Use Amazon ECS to manage container orchestration. Purchase Reserved Instances to run all batch workloads at the same time.

Answer : C

A company is evaluating Amazon S3 as a data storage solution for their daily analyst reports. The company has implemented stringent requirements concerning the security of the data at rest. Specifically, the CISO asked for the use of envelope encryption with separate permissions for the use of an envelope key, automated rotation of the encryption keys, and visibility into when an encryption key was used and by whom.
Which steps should a Solutions Architect take to satisfy the security requirements requested by the CISO?

  • A. Create an Amazon S3 bucket to store the reports and use Server-Side Encryption with Customer-Provided Keys (SSE-C).
  • B. Create an Amazon S3 bucket to store the reports and use Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3).
  • C. Create an Amazon S3 bucket to store the reports and use Server-Side Encryption with AWS KMS-Managed Keys (SSE-KMS).
  • D. Create an Amazon S3 bucket to store the reports and use Amazon s3 versioning with Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3).

Answer : C

A customer has a production application that frequently overwrites and deletes data, the application requires the most up-to-date version of the data every time it is requested.
Which storage should a Solutions Architect recommend to bet accommodate this use case?

  • A. Amazon S3
  • B. Amazon RDS
  • C. Amazon RedShift
  • D. AWS Storage Gateway

Answer : A

A Solutions Architect is designing a photo application on AWS. Every time a user uploads a photo to Amazon S3, the Architect must insert a new item to a
DynamoDB table.
Which AWS-managed service is the BEST fit to insert the item?

Answer : B


An application relies on messages being sent and received in order. The volume will never exceed more than 300 transactions each second.
Which service should be used?

  • A. Amazon SQS
  • B. Amazon SNS
  • C. Amazon ECS
  • D. AWS STS

Answer : A

A Solutions Architect is designing an application on AWS that uses persistent block storage. Data must be encrypted at rest.
Which solution meets the requirement?

  • A. Enable SSL on Amazon EC2 instances.
  • B. Encrypt Amazon EBS volumes on Amazon EC2 instances.
  • C. Enable server-side encryption on Amazon S3.
  • D. Encrypt Amazon EC2 Instance Storage.

Answer : B

Reference -

A company is launching a static website using the zone apex ( The company wants to use Amazon Route 53 for DNS.
Which steps should the company perform to implement a scalable and cost-effective solution? (Choose two.)

  • A. Host the website on an Amazon EC2 instance with ELB and Auto Scaling, and map a Route 53 alias record to the ELB endpoint.
  • B. Host the website using AWS Elastic Beanstalk, and map a Route 53 alias record to the Beanstalk stack.
  • C. Host the website on an Amazon EC2 instance, and map a Route 53 alias record to the public IP address of the Amazon EC2 instance.
  • D. Serve the website from an Amazon S3 bucket, and map a Route 53 alias record to the website endpoint.
  • E. Create a Route 53 hosted zone, and set the NS records of the domain to use Route 53 name servers.

Answer : CD

A manufacturing company captures data from machines running at customer sites. Currently, thousands of machines send data every 5 minutes, and this is expected to grow to hundreds of thousands of machines in the near future. The data is logged with the intent to be analyzed in the future as needed.
What is the SIMPLEST method to store this streaming data at scale?

  • A. Create an Amazon Kinesis Firehouse delivery stream to store the data in Amazon S3.
  • B. Create an Auto Scaling group of Amazon EC2 servers behind ELBs to write the data into Amazon RDS.
  • C. Create an Amazon SQS queue, and have the machines write to the queue.
  • D. Create an Amazon EC2 server farm behind an ELB to store the data in Amazon EBS Cold HDD volumes.

Answer : B

A bank is writing new software that is heavily dependent upon the database transactions for write consistency. The application will also occasionally generate reports on data in the database, and will do joins across multiple tables. The database must automatically scale as the amount of data grows.
Which AWS service should be used to run the database?

  • A. Amazon S3
  • B. Amazon Aurora
  • C. Amazon DynamoDB
  • D. Amazon Redshift

Answer : B

A Solutions Architect is designing a new application that needs to access data in a different AWS account located within the same region. The data must not be accessed over the Internet.
Which solution will meet these requirements with the LOWEST cost?

  • A. Add rules to the security groups in each account.
  • B. Establish a VPC Peering connection between accounts.
  • C. Configure Direct Connect in each account.
  • D. Add a NAT Gateway to the data account.

Answer : B

A Solutions Architect is designing a mobile application that will capture receipt images to track expenses. The Architect wants to store the images on Amazon S3.
However, uploading images through the web server will create too much traffic.
What is the MOST efficient method to store images from a mobile application on Amazon S3?

  • A. Upload directly to S3 using a pre-signed URL.
  • B. Upload to a second bucket, and have a Lambda event copy the image to the primary bucket.
  • C. Upload to a separate Auto Scaling group of servers behind an ELB Classic Load Balancer, and have them write to the Amazon S3 bucket.
  • D. Expand the web server fleet with Spot Instances to provide the resources to handle the images.

Answer : C

A company requires that the source, destination, and protocol of all IP packets be recorded when traversing a private subnet.
What is the MOST secure and reliable method of accomplishing this goal.

  • A. Create VPC flow logs on the subnet.
  • B. Enable source destination check on private Amazon EC2 instances.
  • C. Enable AWS CloudTrail logging and specify an Amazon S3 bucket for storing log files.
  • D. Create an Amazon CloudWatch log to capture packet information.

Answer : A

A Solutions Architect has a multi-layer application running in Amazon VPC. The application has an ELB Classic Load Balancer as the front end in a public subnet, and an Amazon EC2-based reverse proxy that performs content-based routing to two backend Amazon EC2 instances hosted in a private subnet. The Architect sees tremendous traffic growth and is concerned that the reverse proxy and current backend set up will be insufficient.
Which actions should the Architect take to achieve a cost-effective solution that ensures the application automatically scales to meet traffic demand? (Select two.)

  • A. Replace the Amazon EC2 reverse proxy with an ELB internal Classic Load Balancer.
  • B. Add Auto Scaling to the Amazon EC2 backend fleet.
  • C. Add Auto Scaling to the Amazon EC2 reverse proxy layer.
  • D. Use t2 burstable instance types for the backend fleet.
  • E. Replace both the frontend and reverse proxy layers with an ELB Application Load Balancer.

Answer : AB

A company is launching a marketing campaign on their website tomorrow and expects a significant increase in traffic. The website is designed as a multi-tiered web architecture, and the increase in traffic could potentially overwhelm the current design.
What should a Solutions Architect do to minimize the effects from a potential failure in one or more of the tiers?

  • A. Migrate the database to Amazon RDS.
  • B. Set up DNS failover to a statistic website.
  • C. Use Auto Scaling to keep up with the demand.
  • D. Use both a SQL and a NoSQL database in the design.

Answer : C

A web application experiences high compute costs due to serving a high amount of static web content.
How should the web server architecture be designed to be the MOST cost-efficient?

  • A. Create an Auto Scaling group to scale out based on average CPU usage.
  • B. Create an Amazon CloudFront distribution to pull static content from an Amazon S3 bucket.
  • C. Leverage Reserved Instances to add additional capacity at a significantly lower price.
  • D. Create a multi-region deployment using an Amazon Route 53 geolocation routing policy.

Answer : B

Page:    1 / 12   
Exam contains 169 questions

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.