0% AWS Certified Solutions Architect Associate - Sample Practice Exam 10 Questions | 20 Minutes | 80% Correct Required to Pass 1 / 10 1) Amazon EC2 instances in a development environment run between 9am and 5pm Monday-Friday. Production instances run 24/7. Which pricing models should be used to optimize cost and ensure capacity is available? (Select TWO) On-demand capacity reservations for the development environment Use Reserved instances for the development environment Use On-Demand instances for the production environment Use Reserved instances for the production environment Use Spot instances for the development environment Check 2 / 10 2) A company requires that all AWS IAM user accounts have specific complexity requirements and minimum password length. How should a Solutions Architect accomplish this? Set a password policy for the entire AWS account. Create an IAM policy that enforces the requirements and apply it to all users. Set a password policy for each IAM user in the AWS account. Use an AWS Config rule to enforce the requirements when creating user accounts. 3 / 10 3) A company wishes to restrict access to their Amazon DynamoDB table to specific, private source IP addresses from their VPC. What should be done to secure access to the table? Create an interface VPC endpoint in the VPC with an Elastic Network Interface (ENI) Create the Amazon DynamoDB table in the VPC Create a gateway VPC endpoint and add an entry to the route table Create an AWS VPN connection to the Amazon DynamoDB endpoint 4 / 10 4) An Amazon VPC contains several Amazon EC2 instances. The instances need to make API calls to Amazon DynamoDB. A solutions architect needs to ensure that the API calls do not traverse the internet. How can this be accomplished? (Select TWO) Create a route table entry for the endpoint Create a VPC peering connection between the VPC and DynamoDB Create a new DynamoDB table that uses the endpoint Create an ENI for the endpoint in each of the subnets of the VPC Create a gateway endpoint for DynamoDB Check 5 / 10 5) A company hosts a multiplayer game on AWS. The application uses Amazon EC2 instances in a single Availability Zone and users connect over Layer 4. Solutions Architect has been tasked with making the architecture highly available and also more cost-effective. How can the solutions architect best meet these requirements? (Select TWO) Configure an Auto Scaling group to add or remove instances in the Availability Zone automatically Configure an Auto Scaling group to add or remove instances in multiple Availability Zones automatically Configure an Application Load Balancer in front of the EC2 instances Configure a Network Load Balancer in front of the EC2 instances Increase the number of instances and use smaller EC2 instance types Check 6 / 10 6) A company hosts an application on Amazon EC2 instances behind Application Load Balancers in several AWS Regions. Distribution rights for the content require that users in different geographies must be served content from specific regions. Which configuration meets these requirements? Configure Application Load Balancers with multi-Region routing. Configure Amazon CloudFront with multiple origins and AWS WAF. Create Amazon Route 53 records with a geoproximity routing policy. Create Amazon Route 53 records with a geolocation routing policy. 7 / 10 7) An Amazon RDS Read Replica is being deployed in a separate region. The master database is not encrypted but all data in the new region must be encrypted. How can this be achieved? Enable encryption using Key Management Service (KMS) when creating the cross-region Read Replica Enabled encryption on the master DB instance, then create an encrypted cross-region Read Replica Encrypt a snapshot from the master DB instance, create an encrypted cross-region Read Replica from the snapshot Encrypt a snapshot from the master DB instance, create a new encrypted master DB instance, and then create an encrypted cross-region Read Replica 8 / 10 8) An application running on an Amazon ECS container instance using the EC2 launch type needs permissions to write data to Amazon DynamoDB. How can you assign these permissions only to the specific ECS task that is running the application? Modify the AmazonECSTaskExecutionRolePolicy policy to add permissions for DynamoDB Create an IAM policy with permissions to DynamoDB and attach it to the container instance Use a security group to allow outbound connections to DynamoDB and assign it to the container instance Create an IAM policy with permissions to DynamoDB and assign It to a task using the taskRoleArn parameter 9 / 10 9) A company's application is running on Amazon EC2 instances in a single Region. In the event of a disaster, a solutions architect needs to ensure that the resources can also be deployed to a second Region. Which combination of actions should the solutions architect take to accomplish this? (Select TWO) Copy an Amazon Machine Image (AMI) of an EC2 instance and specify the second Region for the destination Copy an Amazon Elastic Block Store (Amazon EBS) volume from Amazon S3 and launch an EC2 instance in the second Region using that EBS volume Launch a new EC2 instance from an Amazon Machine Image (AMI) in the second Region Detach a volume on an EC2 instance and copy it to an Amazon S3 bucket in the second Region Launch a new EC2 instance in the second Region and copy a volume from Amazon S3 to the new instance Check 10 / 10 10) An application running on Amazon EC2 needs to asynchronously invoke an AWS Lambda function to perform data processing. The services should be decoupled. Which service can be used to decouple the compute services? Amazon MQ AWS Step Functions Amazon SNS AWS Config Your score is Exit
