A team has an application that detects new objects being uploaded into an Amazon S3 bucket. The uploads trigger a Lambda function to write object metadata into an Amazon DynamoDB table and RDS PostgreSQL database. Which action should the team take to ensure high availability? A Solutions Architect is designing a solution that can monitor memory and disk space utilization of all Amazon EC2 instances running Amazon Linux and Windows. Which solution meets this requirement? A company is designing a failover strategy in Amazon Route 53 for its resources between two AWS Regions. The company must have the ability to route a user's traffic to the region with least latency, and if both regions are healthy, Route 53 should route traffic to resources in both regions.Which strategy should the Solutions Architect recommend ? A Solutions Architect is designing a solution to send Amazon CloudWatch Alarm noti cations to a group of users on a smartphone mobile application. What are the key steps to this solution? (Choose two.) A development team is building an application with front - end and backend application tiers.Each tier consists of Amazon EC2 instances behind an ELB Classic Load Balancer.The instances run in Auto Scaling groups across multiple Availability Zones.The network team has allocated the 10.0 .0 .0 / 24 address space for this application. Only the front-end load balancer should be exposed to the Internet.There are concerns about the limited size of the address space and the ability of each tier to scale.What should the VPC subnet design be in each Availability Zone? A university is running an internal web application on AWS that students can access from the university network to check their exam results. The web application runs on Amazon EC2 instances and pulls results from an Amazon DynamoDB table. Auto Scaling is currently Configured to add a new web server when CPU is greater than 80% for 5 minutes. DynamoDB is Configured to increase both read and write capacity units by ve when utilization is greater than 80%. Exam results are released at 9:00 a.m. each Monday, and 80% of students, attempt to access their unique result within the rest 30 minutes. Despite Auto Scaling being enabled, students are complaining of slow response times and errors when they view the site. There are no performance complaints after 9:30 a.m. on Monday. 56/29/2020 p p y Which recommendation should a Solutions Architect make to improve performance in a cost-effective manner? A Solutions Architect plans to migrate a load balancer tier from a data center to AWS. Several websites have multiple domains that require secure load balancing. The Architect decides to use Elastic Load Balancing Application Load Balancers. What is the MOST efficient method for achieving secure communication? An application that runs on an Amazon EC2 instance must make secure calls to Amazon S3 buckets. 4 Which steps can a Solutions Architect take to ensure that the calls are made without exposing credentials? A Solutions Architect is building a new feature using a Lambda to create metadata when a user uploads a picture to Amazon S3. All metadata must be indexed.Which AWS service should the Architect use to store this metadata? A media company has more than 100 TB of data to be stored and retrieved infrequently.However,the company occasionally receives requestsfor data within an hour.The company needs a low - cost retrieval method to handle the requests.Which service meets this requirement ? A Solutions Architect must select the storage type for a big data application that requires very high sequential I / O. The data must persist if the instance is stopped.Which of the following storage types will provide the best at the LOWEST cost for the application? When designing an Amazon SQS message-processing solution, messages in the queue must be processed before the maximum retention time has elapsed. Which actions will meet this requirement? (Choose two.) A company creates business-critical 3D images every night. The images are batch-processed every Friday and require an uninterrupted 48 hours to complete. What is the MOST cost-effective Amazon EC2 pricing model for this scenario? A Solutions Architect is building a multi - tier website.The web servers will be in a public subnet,and the database servers will be in a private subnet.Only the web servers can be accessed from the Internet.The database servers must have Internet accessfor software updates.Which solution meets the requirements ? A customer has written an application that uses Amazon S3 exclusively as a data store. The application works well until the customer increases the rate at which the application is updating information. The customer now reports that outdated data occasionally appears when the application accesses objects in Amazon S3. What could be the problem, given that the application logic is otherwise correct? A mobile application serves scientific articles from individual files in an Amazon S3 bucket.Articles older than 30 days are rarely read.Articles older than 60 days no longer need to be available through the application,but the application owner would like to keep themfor historical purposes.Which cost - effective solution BEST meets these requirements ? A Solutions Architect is designing a web application for document sharing. The users will upload documents that are then made available to other users. There will be tens of thousands of these documents. What is the MOST cost-effective storage solution? A client reports that they want see an audit log of any changes made to AWS resources in their account. What can the client do to achieve this? A company deployed a three-tier web application on Amazon EBS backed Amazon EC2 instances for the web and application tiers, and Amazon RDS for the database tier. The company is concerned about loss of data in the web and application tiers. What is the MOST efficient way to prevent data loss? A company is using AWS Key Management Service (AWS KMS) to secure their Amazon RDS databases. An auditor has recommended that the company log all use of their AWS KMS keys. What is the SIMPLEST solution? A Solutions Architect must review an application deployed on EC2 instances that currently stores multiple 5-GB files on attached instance store volumes. The company recently experienced a significant data loss after stopping and starting their instances and wants to prevent the data loss from happening again. The solution should minimize performance impact and the number of code changes required. What should the Solutions Architect recommend? A company has an application that generates invoices and makes the invoices available online. Invoices are stored as PDFs in an Amazon S3 bucket. Customers typically only view each invoice during the month it is issued. However, past invoices need to be immediately available. There are concerns over rising storage costs as the company gains more customers. What is the MOST cost-effective method to store the data? An online company wants to conduct real-time sentiment analysis about its products from its social media channels using SQL. Which of the following solutions has the LOWEST cost and operational burden? A Solutions Architect is designing a web application that will be hosted on Amazon EC2 instances in a public subnet. The web application uses a MySQL database in a private subnet. The database should be accessible to database administrators. Which of the following options should the Architect recommend? (Choose two.) A company runs a legacy application with a single-tier architecture on an Amazon EC2 instance. Disk I/O is low, with occasional small spikes during business hours. The company requires the instance to be stopped from 8 PM to 8 AM daily. Which storage option is MOST appropriate for this workload? An organization is currently hosting a large amount of frequently accessed data consisting of key-value pairs and semi-structured documents in their data center. They are planning to move this data to AWS. Which of one of the following services MOST effectively meets their needs? A Solutions Architect needs to deploy an HTTP/HTTPS service on Amazon EC2 instances with support for WebSockets using load balancers. How can the Architect meet these requirements? A Solutions Architect needs to design a solution that will allow Website Developers to deploy static web content without managing server infrastructure. All web content must be accessed over HTTPS with a custom domain name. The solution should be scalable as the company continues to grow. Which of the following will provide the MOST cost-effective solution? A Solutions Architect is designing a solution for a dynamic website, 'example.com', that is deployed in two regions: Tokyo, Japan and Sydney, Australia. The 4 Architect wants to ensure that users located in Australia are directed to the website deployed in the Sydney region and users located in Japan are redirected to the website in the Tokyo region when they browse to 'example.com'. Which service should the Architect use to achieve this goal with the LEAST administrative effort? An application produces monthly reports that must be immediately accessible for up to 7 days. After 7 days, the data can be archived. Compliance policies require that the archived data be retrievable within 24 hours of a request. What is the MOST cost-effective approach to satisfy the compliance requirement? A Solutions Architect is developing a new web application on AWS.The Architect expects the application to become very popular,so the application must scale to support the load.The Architect wants to focus on software development and deploying new features without provisioning or managing instances.What solution is appropriate ? An Internet-facing multi-tier web application must be highly available. An ELB Classic Load Balancer is deployed in front of the web tier. Amazon EC2 instances at the web application tier are deployed evenly across two Availability Zones.The database is deployed using RDS Multi-AZ. A NAT instance is launched for Amazon EC2 instances and database resources to access the Internet. These instances are not assigned with public IP addresses. Which component poses a potential single point of failure in this architecture? A Solutions Architect needs to design an architecture for a new, mission - critical batch processing billing application. The application is required to run Monday, Wednesday,and Friday from 5 AM to 11 AM.2 Which is the MOST cost-effective Amazon EC2 pricing model? A Solutions Architect needs to Configure scaling policies based on Amazon CloudWatch metrics for an Auto Scaling group. The application running on the instances is memory intensive. How can the Architect meet this requirement? A company has a website running on Amazon EC2. The application DNS name points to an Elastic IP address associated with the EC2 instance. In the event of an attack on the website coming from a speci c IP address, the company wants a way to block the offending IP address. Which tool or service should a Solutions Architect recommend to block the IP address? A company has a web application running in a Docker container that connects to a MySQL server in an on-premises data center. The deployment and maintenance of this application are becoming time-consuming and slowing down new feature releases. The company wants to migrate the application to AWS and use services that helps facilitate infrastructure management and deployment. Which architectures should the company consider on AWS? (Choose two.) An organization designs a mobile application for their customers to upload photos to a site. The application needs a secure login with MFA. The organization wants to limit the initial build time and maintenance of the solution. Which solution should a Solutions Architect recommend to meet the requirements? A Solution Architect is designing a three-tier web application. The Architect wants to restrict access to the database tier to accept traffic from the application servers only. However, these application servers are in an Auto Scaling group and may vary in quantity. How should the Architect Configure the database servers to meet the requirements? A call center application consists of a three - tier application using Auto Scaling groups to automatically scale resources as needed. Users report that every morning at 9:00 AM the system becomes very slow for about 15 minutes.A Solution Architect determines that a large percentage of the call center staff starts work at 9:00 AM,so Auto Scaling does not have enough time to scale out to meet demand.How can the Architect x the problem? A customer has a production application that frequently overwrites and deletes data, the application requires the most up-to-date version of the data every time it is requested. Which storage should a Solutions Architect recommend to bet accommodate this use case? A website experiences unpredictable traffic. During peak traffic times, the database is unable to keep up with the write request. Which AWS service will help decouple the web application from the database? A Solutions Architect is designing a new social media application. The application must provide a secure method for uploading profile photos. Each user should be able to upload a profile photo into a shared storage location for one week after their profile is created. Which approach will meet all of these requirements? A media company has deployed a multi-tier architecture on AWS. Web servers are deployed in two Availability Zones using an Auto Scaling group with a default Auto Scaling termination policy. The web servers' Auto Scaling group currently has 15 instances running. Which instance will be terminated rest during a scale-in operation? A Solutions Architect is asked to improve the fault tolerance of an existing Python application. The web application places 1-MB images is an S3 bucket. The application then uses a single t2.large instance to transform the image to include a watermark with the company's brand before writing the image back to the S3 bucket. What should the Solutions Architect recommend to increase the fault tolerance of the solution? A Solutions Architect was tasked with reviewing several templates that build VPCs and ensuring that they meet speci c security requirements. After reviewing the templates, the Architect realizes that all of the templates are missing important security best practices. What should the Architect do to implement security best practices in an efficient manner? A Solutions Architect is about to deploy an API on multiple EC2 instances in an Auto Scaling group behind an ELB. The support team has the following operational requirements: 1 They get an alert when the requests per second go over 50,000 2 They get an alert when latency goes over 5 seconds 3 They can validate how many times a day users call the API requesting highly-sensitive data Which combination of steps does the Architect need to take to satisfy these operational requirements? (Select two.) A company processed 10 TB of raw data to generate quarterly reports. Although it is unlikely to be used again, the raw data needs to be preserved for compliance and auditing purposes. What is the MOST cost-effective way to store the data in AWS? A company needs to store data for 5 years. The company will need to have immediate and highly available access to the data at any point in time, but will not require frequent access. What lifecycle action should be taked to meet the requirements while reducing costs? An AWS workload in a VPC is running a legacy database on an Amazon EC2 instance. Data is stored on a 200GB Amazon EBS (gp2) volume. At peak load times, logs show excessive wait time. What solution should be implemented to improve database performance using persistent storage? An application relies on messages being sent and received in order. The volume will never exceed more than 300 transactions each second. Which service should be used? An organization uses Amazon S3 to store video content served via its website. It only has rights to deliver this content to users within its own country and needs to restrict access. How can the organization ensure that these files are only accessible from within its country? An application launched on Amazon EC2 instances needs to publish personally identi able information (PII) about customers using Amazon SNS. The application is launched in private subnets within an Amazon VPC. Which is the MOST secure way to allow the application to access service endpoints in the same region? A Solutions Architect is designing an application that will run on Amazon ECS behind an Application Load Balancer (ALB). For security reasons, 8 the Amazon EC2 host instances for the ECS cluster are in a private subnet. What should be done to ensure that the incoming traffic to the host instances is from the ALB only? A web server will be provisioned on two Amazon EC2 instances with an Application Load Balancer. Which of the following configurations will allow traffic on HTTP and HTTPS when con guring a security group to apply to each of these servers? A credit card processing application, hosted on an on-premises server, needs to communicate directly with a database hosted on an Amazon EC2 instance running in a private subnet of a VPC. Compliance requirements state that end-to-end communication should be encrypted. Which solution will ensure that this requirement is met? A web application stores all data in an Amazon RDS Aurora database instance. A Solutions Architect wants to provide access to the data for a detailed report for the Marketing team, but is concerned that the additional load on the database will affect the performance of the web application. How can the report be created without affecting the performance of the application? A company is implementing a data lake solution on Amazon S3. Its security policy mandates that the data stored in Amazon S3 should be encrypted at rest. Which options can achieve this? (Select TWO.) A company is building a critical ingestion service on AWS that will receive 1000 incoming events per second. The events must be processed in order, and no events may be lost. Multiple applications will need to process each event.The company will expose the service as RESTful calls through an API Gateway.What should a Solutions Architect use to receive the events based on these requirements ? A company has two different types of reporting needs on their 200-GB data warehouse: ✑ Data scientists run a small number of concurrent ad hoc SQL queries that can take several minutes each to run. 5 ✑ Display screens throughout the company run many fast SQL queries to populate dashboards. Which design would meet these requirements with the LEAST cost? An application publishes Amazon SNS messages in response to several events. An AWS Lambda function subscribes to these messages. Occasionally the function will fail while processing a message, so the original event message must be preserved for root cause analysis. What architecture will meet these requirements without changing the work ow? A company has an Amazon RDS-managed online transaction processing system that has very heavy read and write. The Solutions Architect notices throughput issues with the system. How can the responsiveness of the primary database be improved? A Solutions Architect has designed a VPC that meets all necessary security requirements for their organization. Any applications deployed in the organization must use this VPC design. How can project teams deploy, manage, and delete VPCs that meet this design with the LEAST administrative effort? A company has many applications on Amazon EC2 instances running in Auto Scaling groups. Company policies require that data on the attached Amazon EBS volume must be retained. Which actions will meet this requirement without impacting performance? An e-commerce application places orders in an Amazon SQS queue. When a message is received, Amazon EC2 worker instances process the request. The EC2 instances are in an Auto Scaling group. How should the architecture be designed to scale up and down with the LEAST amount of operational overhead? A Solutions Architect is designing a log-processing solution that requires storage that supports up to 500 MB/s throughput. The data is sequentially accessed by an Amazon EC2 instance. Which Amazon storage type satisfies these requirements? A customer has an application that is used by enterprise customers outside of AWS. Some of these customers use legacy rewalls that cannot whitelist by DNS name, but whitelist based only on IP address. The application is currently deployed in two Availability Zones, with one EC2 instance in each that has Elastic IP addresses. The customer wants to whitelist only two IP addresses, but the two existing EC2 instances cannot sustain the amount of traffic. What can a Solutions Architect do to support the customer and allow for more capacity? (Choose two.) Developers are creating a new online transaction processing (OLTP) application for a small database that is very read-write intensive. A single table in the database is updated continuously throughout the day, and the developers want to ensure that the database performance is consistent. Which Amazon EBS storage option will achieve the MOST consistent performance to help maintain application performance? A Solutions Architect needs to deploy a node.js-based web application that is highly available and scales automatically. The Marketing team needs to roll back on application releases quickly, and they need to have an operational dashboard. The Marketing team does not want to manage deployment of OS patches to the Linux servers. Use of which AWS service will satisfy these requirements? A customer owns a MySQL database that is accessed by various clients who expect, at most, 100 ms latency on requests. Once a record is stored in the database, it rarely changed. Clients only access one record at a time. Database access has been increasing exponentially due to increased client demand. The resultant load will soon exceed the capacity of the most expensive hardware available for purchase. The customer wants to migrate to AWS, and is willing to change database systems. Which service would alleviate the database load issue and offer virtually unlimited scalability for the future? An application stores data in an Amazon RDS PostgreSQL Multi-AZ database instance. The ratio of read requests to write requests is about 2 to 1. Recent increases in traffic are causing very high latency. How can this problem be corrected? An e-commerce application is hosted in AWS. The last time a new product was launched, the application experienced a performance issue due to an enormous spike in traffic. Management decided that capacity must be doubled the week after the product is launched. Which is the MOST efficient way for management to ensure that capacity requirements are met? A Solutions Architect is designing a photo application on AWS. Every time a user uploads a photo to Amazon S3, the Architect must insert a new item to a DynamoDB table. Which AWS-managed service is the BEST t to insert the item? A Solutions Architect is helping a customer migrate an application to AWS. The application is composed of a fleet of Linux servers that currently use a shared le system to read and write data. One of the goals of moving this application to AWS is to increase the reliability of the storage tier. What solution would increase reliability while minimizing the operational overhead of managing this infrastructure? A news organization plans to migrate their 20 TB video archive to AWS.The files are rarely accessed,but when they are,a request is made in advance and a 3 to 5 - hour retrieval time frame is acceptable.However,when there is a breaking news story,the editors require access to archived footage within minutes.Which storage solution meets the needs of this organizationwhile providing the LOWEST cost of storage ? A web application is running on Amazon EC2 instances behind an Elastic Load Balancing Application Load Balancer (ALB). The EC2 instances should receive no traffic, except for web requests to the application. Based on these requirements, what security group rules should be put on the Amazon EC2 instances? A Solutions Architect must design a web application that will be hosted on AWS, allowing users to purchase access to premium, shared content that is stored in an S3 bucket. Upon payment, content will be available for download for 14 days before the user is denied access. Which of the following would be the LEAST complicated implementation? A company plans to migrate a website to AWS to use a serverless architecture. The website contains both static and dynamic content and is accessed by users across the world. The website should maintain sessions for returning users to improve the user experience. Which service should a Solutions Architect use for a cost-efficient cient solution with the LOWEST latency? Employees from several companies use an application once a year during a speci c 30-day period. The periods are different for each company. traffic to the application spikes during these 30-day periods. How can the application be designed to handle these traffic spikes? An application requires block storage for le updates.The data is 500 GB and must continuously sustain 100 MiB / s of aggregate read / write operations.Which storage option is appropriate for this application ? A company is launching an application that it expects to be very popular. The company needs a database that can scale with the rest of the application. The schema will change frequently. The application cannot afford any downtime for database changes. Which AWS service allows the company to achieve these objectives? A company wants to migrate a three-tier web application to AWS. The company wants to control the placement of the instances and have visibility into underlying sockets and cores for licensing purposes. Which compute model should a Solutions Architect choose to accomplish this task? A company is migrating its data center to AWS.As part of this migration,there is a three - tier web application that has strict data - at - rest encryption requirements.The customer deploys this application on Amazon EC2 using Amazon EBS,and now must provide encryption at - rest.How can this requirement be met without changing the application ? A company plans to use AWS for all new batch processing workloads.The company 's developers use Docker containers for the new batch processing. The system design must accommodate critical and non-critical batch processing workloads 24/7. How should a Solutions Architect design this architecture in a cost-efficient manner? A Security team reviewed their company's VPC Flow Logs and found that traffic is being directed to the internet. The application in the VPC uses Amazon EC2 instances for compute and Amazon S3 for storage. The company's goal is to eliminate internet access and allow the application to continue to function. What change should be made in the VPC before updating the route table? A company is launching a dynamic website, and the Operations team expects up to 10 times the traffic on the launch date. This website is hosted on Amazon EC2 instances and traffic is distributed by Amazon Route 53. A Solutions Architect must ensure that there is enough backend capacity to meet user demands. The Operations team wants to scale down as quickly as possible after the launch. What is the MOST cost-effective and fault-tolerant solution that will meet the company's customer demands? (Choose two.) A Solutions Architect is designing a VPC. Instances in a private subnet must be able to establish IPv6 traffic to the Internet. The design must scale automatically and not incur any additional cost. This can be accomplished with: A company needs to use AWS resources to expand capacity for a website hosted in an on-premises data center. The AWS resources will include load balancers, Auto Scaling, and Amazon EC2 instances that will access an on-premises database. Network connectivity has been established, but no traffic is going to the AWS environment. How should Amazon Route 53 be Configured to distribute load to the AWS environment? (Select TWO.) A Solutions Architect is designing a database solution that must support a high rate of random disk reads and writes.It must provide consistent performance,and requires long - term persistence.Which storage solution BEST meets these requirements ? A Solutions Architect is building a WordPress-based web application hosted on AWS using Amazon EC2. This application serves as a blog for an international internet security company. The application must be geographically redundant and scalable. It must separate the public Amazon EC2 web servers from the private Amazon RDS database, it must be highly available, and it must support dynamic port routing. Which combination of AWS services or capabilities will meet these requirements? A Solutions Architect notices slower response times from an application. The CloudWatch metrics on the MySQL RDS indicate Read IOPS are high and uctuate significantly when the database is under load. How should the database environment be re-designed to resolve the IOPS uctuation? A media company asked a Solutions Architect to design a highly available storage solution to serve as a centralized document store for their Amazon EC2 instances. The storage solution needs to be POSIX - compliant, scale dynamically, and be able to serve up to 100 concurrent EC2 instances.Which solution meets these requirements ? A company uses Amazon S3 for storing a variety of files. A Solutions Architect needs to design a feature that will allow users to instantly restore any deleted files within 30 days of deletion. Which is the MOST cost-efficient cient solution? An application tier currently hosts two web services on the same set of instances, listening on different ports. Which AWS service should a Solutions Architect use to route traffic to the service based on the incoming request path? A Solutions Architect must select the most cost-efficient cient architecture for a service that responds to web requests. These web requests are small and query a DynamoDB table. The request rate ranges from zero to several hundred each second, without any predictable patterns. What is the MOST cost-efficient cient architecture for this service? A company is launching a static website using the zone apex (mycompany.com). The company wants to use Amazon Route 53 for DNS. Which steps should the company perform to implement a scalable and cost-effective solution? (Choose two.) A Solutions Architect is developing a solution for sharing files in an organization. The solution must allow multiple users to access the storage service at once from different virtual machines and scale automatically. It must also support le-level locking. Which storage service meets the requirements of this use case? A Solutions Architect is designing an application in AWS. The Architect must not expose the application or database tier over the Internet for security reasons. The application must be low-cost and have a scalable front end. The databases and application tier must have only one-way Internet access to download software and patch updates. Which solution helps to meet these requirements? An organization must process a stream of large - volume hashtag data in real time and needs to run custom SQL queries on the data to get insights on certain tags.The organization needs this solution to be elastic and does not want to manage clusters.Which of the following AWS services meets these requirements ? A Solutions Architect has been asked to deliver video content stored on Amazon S3 to speci c users from Amazon CloudFront while restricting access by unauthorized users. How can the Architect implement a solution to meet these requirements? A company wants to durably store data in 8 KB chunks.The company will access the data once every few months.However,when the company does access the data,it must be done with as little latency as possible.Which AWS service should a Solutions Architect recommendif cost is NOT a factor ? A Solutions Architect is architecting a workload that requires a performant object-based storage system that must be shared with multiple Amazon EC2 instances. Which AWS service meets this requirement? A Solution Architect is designing a disaster recovery solution for a 5 TB Amazon Redshift cluster. The recovery site must be at least 500 miles (805 kilometers) from the live site. How should the Architect meet these requirements? A Solutions Architect is designing a multi-tier application consisting of an Application Load Balancer, an Amazon RDS database instance, and an Auto Scaling group on Amazon EC2 instances. Each tier is in a separate subnet. There are some EC2 instances in the subnet that belong to another application. The RDS database instance should accept traffic only from the EC2 instances in the Auto Scaling group. What should be done to meet these requirements? An AWS Lambda function requires access to an Amazon RDS for SQL Server instance. It is against company policy to store passwords in Lambda functions. How can a Solutions Architect enable the Lambda function to retrieve the database password without violating company policy? An interactive, dynamic website runs on Amazon EC2 instances in a single subnet behind an ELB Classic Load Balancer. Which design changes will make the site more highly available? A Solutions Architect must design a storage solution for incoming billing reports in CSV format. The data does not need to be scanned frequently and is discarded after 30 days. Which service will be MOST cost-effective in meeting these requirements? A user is designing a new service that receives location updates from 3,600 rental cars every hour. The cars upload their location to an Amazon S3 bucket. Each location must be checked for distance from the original rental location. Which services will process the updates and automatically scale? An application is running on an Amazon EC2 instance in a private subnet. The application needs to read and write data onto Amazon Kinesis Data Streams, and corporate policy requires that this traffic should not go to the internet. How can these requirements be met? A restaurant reservation application needs the ability to maintain a waiting list. When a customer tries to reserve a table, and none are available, the customer must be put on the waiting list, and the application must notify the customer when a table becomes free. What service should the Solutions Architect recommend to ensure that the system respects the order in which the customer requests are put onto the waiting list? An application running in a private subnet accesses an Amazon DynamoDB table. There is a security requirement that the data never leave the AWS network. How should this requirement be met? A company is migrating on-premises databases to AWS. The company's backend application produces a large amount of database queries for reporting purposes, and the company wants to o oad some of those reads to Read Replica, allowing the primary database to continue performing efficiently. Which AWS database platforms will accomplish this? (Select TWO.) A Solutions Architect is designing a new architecture that will use an Amazon EC2 Auto Scaling group. Which of the following factors determine the health check grace period? (Select TWO.) A company has an application that uses Amazon CloudFront for content that is hosted on an Amazon S3 bucket. After an unexpected refresh, the users are still seeing old content. Which step should the Solutions Architect take to ensure that new content is displayed? A Solutions Architect is designing an Amazon VPC that requires access to a remote API server using IPv6. Resources within the VPC should not be accessed directly from the Internet. How should this be achieved? A company uses AWS Elastic Beanstalk to deploy a web application running on c4.large instances. Users are reporting high latency and failed requests. Further investigation reveals that the EC2 instances are running at or near 100% CPU utilization. What should a Solutions Architect do to address the performance issues? A Solutions Architect is designing an application on AWS that will connect to the on - premise data center through a VPN connection.The solution must be able to log network traffic over the VPN.Which service logs this network traffic ? A Solutions Architect is designing a solution that includes a managed VPN connection. To monitor whether the VPN connection is up or down, the Architect should use: A social networking portal experiences latency and throughput issues due to an increased number of users. Application servers use very large datasets from an Amazon RDS database, which creates a performance bottleneck on the database. Which AWS service should be used to improve performance? A Solutions Architect is building an application on AWS that will require 20,000 IOPS on a particular volume to support a media event.Once the event ends,the IOPS need is no longer required.The marketing team asks the Architect to build the platform to optimize storage without incurring downtime.How should the Architect design the platform to meet these requirements ? One company wants to share the contents of their Amazon S3 bucket with another company. Security requirements mandate that only the other company's AWS accounts have access to the contents of the Amazon S3 bucket. Which Amazon S3 feature will allow secure access to the Amazon S3 bucket? A company wants to analyze all of its sales information aggregated over the last 12 months. The company expects there to be over 10TB of data from multiple sources. What service should be used? A Solutions Architect is designing an architecture for a mobile gaming application. The application is expected to be very popular. The Architect needs to prevent the Amazon RDS MySQL database from becoming a bottleneck due to frequently accessed queries. Which service or feature should the Architect add to prevent a bottleneck? A Solutions Architect is developing a new web application on AWS. The services must scale to support an increasing load. The Architect wants to focus on software development and deploying new features rather than provisioning or managing servers. Which AWS service is appropriate? An on-premises database is experiencing significant performance problems when running SQL queries. With 10 users, the lookups are performing as expected. As the number of users increases, the lookups take three times longer than expected to return values to an application. Which action should a Solutions Architect take to maintain performance as the user count increases? A customer set up an Amazon VPC with one private subnet and one public subnet with a NAT gateway. The VPC will contain a group of Amazon EC2 instances. All instances will Configure themselves at startup by downloading a bootstrap script from an Amazon S3 bucket with a policy that only allows access from the customer's Amazon EC2 instances and then deploys an application through GIT. A Solutions Architect has been asked to design a solution that provides the highest level of security regarding network connectivity to the Amazon EC2 instances. How should the Architect design the infrastructure? A company is using an Amazon S3 bucket located in us-west-2 to serve videos to their customers. Their customers are located all around the world and the videos are requested a lot during peak hours. Customers in Europe complain about experiencing slow downloaded speeds, and during peak hours, customers in all locations report experiencing HTTP 500 errors. What can a Solutions Architect do to address these issues? A company has gigabytes of web log files stored in an Amazon S3 bucket. A Solutions Architect wants to copy those files into Amazon Redshift for analysis. The company's security policy mandates that data is encrypted at rest both in the Amazon Redshift cluster and the Amazon S3 bucket. Which process will fulfill the security requirements? A Solutions Architect is designing a Lambda function that calls an API to list all running Amazon RDS instances.How should the request be authorized ? A Solutions Architect has a multi-layer application running in Amazon VPC. The application has an ELB Classic Load Balancer as the front end in a public subnet, and an Amazon EC2-based reverse proxy that performs content-based routing to two backend Amazon EC2 instances hosted in a private subnet. The Architect sees tremendous traffic growth and is concerned that the reverse proxy and current backend set up will be insu cient. Which actions should the Architect take to achieve a cost-effective solution that ensures the application automatically scales to meet traffic demand? (Select two.) An application server needs to be in a private subnet without access to the Internet. The solution must retrieve and upload files to an Amazon S3 bucket. How should a Solutions Architect design a solution to meet these requirements? A company wants to create an application that will transmit protected health information (PHI) to thousands of service consumers in different AWS accounts. The application servers will sit in private VPC subnets. The routing for the application must be fault tolerant. What should be done to meet these requirements? A company is moving to AWS. Management has identified a set of approved AWS services that meet all deployment requirements. The company would like to restrict access to all other unapproved services to which employees would have access. Which solution meets these requirements with the LEAST amount of operational overhead? A Solutions Architect needs to allow developers to have SSH connectivity to web servers.The requirements are as follows : ✑Limit access to users origination from the corporate network. ✑Web servers cannot have SSH access directly from the Internet. ✑Web servers reside in a private subnet. Which combination of steps must the Architect complete to meet these requirements?(Choose two.) A Solutions Architect is designing a highly-available website that is served by multiple web servers hosted outside of AWS. If an instance becomes unresponsive, the Architect needs to remove it from the rotation. What is the MOST efficient way to fulfill this requirement? A company requires that the source, destination, and protocol of all IP packets be recorded when traversing a private subnet. What is the MOST secure and reliable method of accomplishing this goal. A company is developing several critical long - running applications hosted on Docker.How should a Solutions Architect design a solution to meet the scalability and orchestration requirements on AWS ? Legacy applications currently send messages through a single Amazon EC2 instance, which then routes the messages to the appropriate destinations. The Amazon EC2 instance is a bottleneck and single point of failure, so the company would like to address these issues.Which services could address this architectural use case?(Choose two.) A company has a legacy application using a proprietary le system and plans to migrate the application to AWS.Which storage service should the company use ? A data-processing application runs on an i3.large EC2 instance with a single 100 GB EBS gp2 volume. The application stores temporary data in a small database (less than 30 GB) located on the EBS root volume. The application is struggling to process the data fast enough, and a Solutions Architect has determined that the I/O speed of the temporary database is the bottleneck. What is the MOST cost-efficient cient way to improve the database response times? A company wants to migrate a highly transactional database to AWS. Requirements state that the database has more than 6 TB of data and will grow exponentially. Which solution should a Solutions Architect recommend? A Solution Architect is designing an application that uses Amazon EBS volumes. The volumes must be backed up to a different region. How should the Architect meet this requirement? A company must collect temperature data from thousands of remote weather devices.The company must also store this data in a data warehouse to run aggregations and visualizations.Which services will meet these requirements ? (Choose two.) An application hosted on AWS uses object storage for storing internal reports that are accessed daily by the CFO.Currently, these reports are publicly available.How should a Solutions Architect re - design this architecture to prevent unauthorized access to these reports ? A media company must store 10 TB of audio recordings. Retrieval happens infrequently and requestors agree on an 8-hour turnaround time. What is the MOST cost-effective solution to store the files? A Solutions Architect is designing a new application that needs to access data in a different AWS account located within the same region. The data must not be accessed over the Internet. Which solution will meet these requirements with the LOWEST cost? A workload consists of downloading an image from an Amazon S3 bucket, processing the image, and moving it to another Amazon S3 bucket. An Amazon EC2 instance runs a scheduled task every hour to perform the operation.How should a Solutions Architect redesign the process so that it is highly available ? A company is launching a marketing campaign on their website tomorrow and expects a significant increase in traffic. The website is designed as a multi-tiered web architecture, and the increase in traffic could potentially overwhelm the current design. What should a Solutions Architect do to minimize the effects from a potential failure in one or more of the tiers? A Solutions Architect is designing a shared le system for a company. Multiple users will be accessing it at any given time. Different teams will have their own directories, and the company wants to secure files so that users can access only files owned by their team. How should the Solutions Architect design this? A client notices that their engineers often make mistakes when creating Amazon SQS queues for their backend system.Which action should a Solutions Architect recommend to improve this process ? A bank is writing new software that is heavily dependent upon the database transactions for write consistency. The application will also occasionally generate reports on data in the database, and will do joins across multiple tables. The database must automatically scale as the amount of data grows. Which AWS service should be used to run the database? A company needs to quickly ensure that all files created in an Amazon S3 bucket in us-east-1 are also available in another bucket in ap-southeast2. Which option represents the SIMPLIEST way to implement this design? A data analytics startup company asks a Solutions Architect to recommend an AWS data store options for indexed data. The data processing engine will generate and input more than 64 TB of processed data every day, with item sizes reaching up to 300 KB.The startup is flexible with data storage and is more interested in a database that requires minimal effort to scale with a growing dataset size. Which AWS data store service should the Architect recommend? A prediction process requires access to a trained model that is stored in an Amazon S3 bucket. The process takes a few seconds to process an image and make a prediction. The process is not overly resource-intensive, does not require any specialized hardware, and takes filess than 512 MB of memory to run. What would be the MOST effective compute solution for this use case? Which requirements must be met in order for a Solutions Architect to specify that an Amazon EC2 instance should stop rather than terminate when its Spot Instance is interrupted? (Choose two.) A company has an Amazon RDS database backing its production website.The Sales team needs to run queries against the database to track training program effectiveness.Queries against the production database cannot impact performance,and the solution must be easy to maintain.How can these requirements be met ? A Solutions Architect is designing a solution to store a large quantity of event data in Amazon S3. The Architect anticipates that the workload will consistently exceed 100 requests each second. What should the Architect do in Amazon S3 to optimize performance? A company expects its user base to increase ve times over one year. Its application is hosted in one region and uses an Amazon RDS MySQL database, an ELB Application Load Balancer, and Amazon ECS to host the website and its microservices. Which design changes should a Solutions Architect recommend to support the expected growth? (Choose two.) A Solutions Architect is designing an Amazon VPC. Applications in the VPC must have private connectivity to Amazon DynamoDB in the same AWS Region. The design should route DynamoDB traffic through: A Solutions Architect needs to design a solution that will enable a security team to detect,review,and perform root cause analysis of security incidents that occur in a cloud environment.The Architect must provide a centralized view of all API eventsfor current and future AWS regions.How should the Architect accomplish this task ? As part of a migration strategy, a Solutions Architect needs to analyze workloads that can be optimized for performance and cost. The Solutions Architect has identified a stateless application that serves static content as a potential candidate to move to the cloud. The Solutions Architect has the exibility to choose an identity solution between Facebook, Twitter, and Amazon. Which AWS solution offers exibility and ease of use, and the LEAST operational overhead for this migration? An application currently stores objects in Amazon S3-Standard. The application accesses new objects frequently for one week. After one week, they are accessed occasionally for analysis batch jobs. A Solutions Architect has been asked to reduce storage costs for the application while allowing immediate access for batch jobs. How can costs be reduced without reducing data durability? What conditions could cause a Multi-AZ Amazon RDS failover to occur? (Choose two.) A customer has a service based out of Oregon, U.S. and Paris, France. The application is storing data in an S3 bucket located in Oregon, and that data is updated frequently. The Paris o ce is experiencing slow response times when retrieving objects. What should a Solutions Architect do to resolve the slow response times for the Paris o ce? A Solution Architect is creating a serverless web application that must access mapping data in hundreds of data files, each containing approximately 30 KB of data. The storage required is expected to grow to hundreds of terabytes. Which storage solution is most cost-effective, yet still meets the requirements for this use case? A Solutions Architect is designing an application on AWS that uses persistent block storage. Data must be encrypted at rest. Which solution meets the requirement? A Solutions Architect is designing a web application that is running on an Amazon EC2 instance. The application stores data in DynamoDB. The Architect needs to secure access to the DynamoDB table. What combination of steps does AWS recommend to achieve secure authorization? (Select two.) A retail company has sensors placed in its physical retail stores. The sensors send messages over HTTP when customers interact with in-store product displays. 3, A Solutions Architect needs to implement a systemfor processing those sensor messages;the results must be availablefor the Data Analysis team.Which architecture should be used to meet these requirements ? How can a user track memory usage in an EC2 instance ? A solutions Architect is designing a new workload where an AWS Lambda function will access an Amazon DynamoDB table. What is the MOST secure means of granting the Lambda function access to the DynamoDB table? A Solutions Architect is designing an elastic application that will have between 10 and 50 Amazon EC2 concurrent instances running, dependent on load. Each instance must mount storage that will read and write to the same 50 GB folder. Which storage type meets the requirements? Which service should an organization use if it requires an easily managed and scalable platform to host its web application running on Nginx? A Solutions Architect is designing a web application. The web and application tiers need to access the Internet, but they cannot be accessed from the Internet. Which of the following steps is required? A Solutions Architect designed a system based on Amazon Kinesis Data Streams. After the work ow was put into production, the company noticed it performed slowly and identified Kinesis Data Streams as the problem. One of the streams has a total of 10 Mb/s throughput. What should the Solutions Architect recommend to improve performance? During a review of business applications, a Solutions Architect identi es a critical application with a relational database that was built by a business user and is running on the user's desktop. To reduce the risk of a business interruption, the Solutions Architect wants to migrate the application to a highly available, multi- tiered solution in AWS. What should the Solutions Architect do to accomplish this with the LEAST amount of disruption to the business? A Solutions Architect is designing a three-tier web application that includes an Auto Scaling group of Amazon EC2 instances running behind an ELB Classic Load Balancer. The security team requires that all web servers must be accessible only through the Load Balancer, and that none of the web servers are directly accessible from the Internet. How should the Architect meet these requirements? A Solutions Architect is designing the architecture for a new three-tier web-based e-commerce site that must be available 24/7. Requests are expected to range from 100 to 10,000 each minute. Usage can vary depending on time of day, holidays, and promotions. The design should be able to handle these volumes, with the ability to handle higher volumes if necessary. How should the Architect design the architecture to ensure the web tier is cost-optimized and can handle the expected traffic? (Select two.) During performance testing of an application, the Amazon RDS database caused a performance bottleneck. What steps can be taken to improve the database performance? (Choose two.) A Solutions Architect is designing a solution for a media company that will stream large amounts of data from an Amazon EC2 instance. The data streams are typically large and sequential, and must be able to support up to 500 MB/s. Which storage type will meet the performance requirements of this application? A company has a popular multi-player mobile game hosted in its on-premises datacenter. The current infrastructure can no longer keep up with demand and the company is considering a move to the cloud. Which solution should a Solutions Architect recommend as the MOST scalable and cost-effective solution to meet these needs? A company plans to deploy a new application in AWS that reads and writes information to a database. The company wants to deploy the application in two different AWS Regions in an active-active configuration. The databases need to replicate to keep information in sync. What should be used to meet these requirements? A company has instances in private subnets that require outbound access to the internet. This requires: An organization is deploying Amazon ElastiCache for Redis and requires password protection to improve their data security posture. Which solution should a Solutions Architect recommend? A Solutions Architect is concerned that the current security group rules for a database tier are too permissive and may permit requests that should be restricted. Below are the current security group permissions for the database tier: ✑ Protocol: TCP ✑ Port Range: 1433 (MS SQL) ✑ Source: ALL Currently, the only identified resource that needs to connect to the databases is the application tier consisting of an Auto Scaling group of EC2 instances. What changes can be made to this security group that would offer the users LEAST privilege? A Solutions Architect plans to migrate NAT instances to NAT gateway. The Architect has NAT instances with scripts to manage high availability. What is the MOST efficient method to achieve similar high availability with NAT gateway? A company hosts a website on premises. The website has a mix of static and dynamic content, but users experience latency when loading static files. Which AWS service can help reduce latency? A company's policy requires that all data stored in Amazon S3 is encrypted. The company wants to use the option with the least overhead and does not want to manage any encryption keys. Which of the following options will meet the company's requirements? A Solutions Architect needs to build a resilient data warehouse using Amazon Redshift. The Architect needs to rebuild the Redshift cluster in another region. Which approach can the Architect take to address this requirement? A company's website receives 50,000 requests each second, and the company wants to use multiple applications to analyze the navigation patterns of the users on their website so that the experience can be personalized. What can a Solutions Architect use to collect page clicks for the website and process them sequentially for each user? An application is scanning an Amazon DynamoDB table that was created with default settings. The application occasionally reads stale data when it queries the table. How can this issue be corrected? 7 As part of securing an API layer built on Amazon API gateway,a Solutions Architect has to authorize users who are currently authenticated by an existing identity provider.The users must be denied accessfor a period of one hour after three unsuccessful attempts.How can the Solutions Architect meet these requirements ? A company has an application that stores sensitive data. The company is required by government regulations to store multiple copies of its data. What would be the MOST resilient and cost-effective option to meet this requirement? A customer is running a critical payroll system in a production environment in one data center and a disaster recovery (DR) environment in another. The application includes load-balanced web servers and failover for the MySQL database. The customer's DR process is manual and error-phone For this reason management has asked IT to migrate the application to AWS and make it highly available so that IT no longer has to 7 error phone. For this reason, management has asked IT to migrate the application to AWS and make it highly available so that IT no longer has to manually fail over the environment. How should a Solutions Architect migrate the system to AWS? A company is developing a new stateless web service with low memory requirements. The service needs to scale based on demand. What is the MOST cost-effective solution? A Solutions Architect is working on a PCI-compliant architecture that needs to call an external service provider's API. The external provider requires IP whitelisting to verify the calling party. How should the Solutions Architect provide the external party with the IP addresses for whitelisting? A manufacturing company captures data from machines running at customer sites. Currently, thousands of machines send data every 5 minutes, and this is expected to grow to hundreds of thousands of machines in the near future. The data is logged with the intent to be analyzed in the future as needed. What is the SIMPLEST method to store this streaming data at scale? A company is setting up a new website for online sales. The company will have a web tier and a database tier. The web tier consists of loadbalanced, auto-scaled Amazon EC2 instances in multiple Availability Zones (AZs). The database tier is an Amazon RDS Multi-AZ deployment. The EC2 instances must connect securely to the database. How should the resources be launched? A Solutions Architect is designing a three-tier web application that will allow customers to upload pictures from a mobile application. The application will then generate a thumbnail of the picture and return a message to the user con rming that the image was successfully uploaded. Generation of the thumbnail may take up to 5 seconds. To provide a sub second response time to the customers uploading the images, the Solutions Architect wants to separate the web tier from the application tier. Which service would allow the presentation tier to asynchronously dispatch the request to the application tier? A workload in an Amazon VPC consists of a single web server launched from a custom AMI. Session state is stored in a database. How should the Solutions Architect modify this workload to be both highly available and scalable? A company has a legal requirement to store point - in -time copies of its Amazon RDS PostGreSQL database instance in facilities that are at least 200 miles apart.Use of which of the following provides the easiest way to comply with this requirement ? A company has an application that accesses a MySQL database installed on a single EC2 instance. The instance recently experienced a fault and brought down the entire application for several hours. The company wants to address the issue but is concerned about spending too much time modifying application code or managing the legacy application. What should the Solutions Architect recommend to remove this single point of failure with the FEWEST changes to the application code and the LEAST amount of administrative effort?
Enable cross-region replication in the Amazon S3 bucket. Default Amazon CloudWatch metrics. Configure active - active failover using Route 53 latency DNS records. Configure the CloudWatch Alarm to send the noti cation to an Amazon SNS topic whenever there is an alarm. One public subnet for the load balancer tier,one public subnet for the front - end tier,and one private subnet for the backend tier. Scale out the EC2 instances to ensure that the environment scales up and down based on the highest load. Create a wildcard certificate and upload it to the Application Load Balancer Generate an access key ID and a secret key, and assign an IAM role with least privilege. Amazon S3 Amazon S3 Standard An Amazon EC2 instance store local SSD volume. Use AWS STS to process the messages On-Demand Instances Assign Elastic IP addresses to the database instances. The application is reading parts of objects from Amazon S3 using a range header. Create a Lambda function to move files older than 30 days to Amazon EBS and move files older than 60 days to Amazon Glacier. Amazon EFS Set up Amazon CloudWatch monitors on services they own Create an Amazon EFS le system and run a shell script to copy the data Associate AWS KMS metrics with Amazon CloudWatch. Store the application data in Amazon S3 Use Amazon S3 for current invoices. Set up lifecycle rules to migrate invoices to the GLACIER storage class after 30 days. Set up a streaming data ingestion application on Amazon EC2 and connect it to a Hadoop cluster for data processing. Send the output to Amazon S3 and use Amazon Athena to analyze the data. Create a bastion host in a public subnet, and use the bastion host to connect to the database. Amazon EC2 instance storage Amazon Redshift Configure a Network Load Balancer. Amazon EC2 instance with Amazon EBS Amazon CloudFront with geolocation routing Store the data in Amazon S3 Standard storage with a lifecycle rule to transition the data to Amazon S3 Standard-Infrequent Access (S3 Standard-IA) after 7 days, then transition to the GLACIER storage class after 30 days Amazon API Gateway and AWS Lambda Amazon EC2 Amazon EC2 Spot Instances Enable detailed monitoring on the Amazon EC2 instances. Security groups Amazon ECS for the web application, and an Amazon RDS for MySQL for the database. Use Amazon Cognito Identity with SMS-based MFA. Configure the database security group to allow database traffic from the application server IP addresses. Change the Auto Scaling group 's scale out event to scale based on network utilization. Amazon S3 Amazon SQS Use Amazon Kinesis with AWS CloudTrail for auditing the specific times when profile photos are uploaded. The instance with the oldest launch configuration. Convert the code to a Lambda function triggered by scheduled Amazon CloudWatch Events. Use VPC peering to enforce network consistency Ensure that CloudTrail is enabled. Amazon EBS Cold HDD (sc1) Transition objects from Amazon S3 Standard to Amazon S3 Standard-Infrequent Access (S3 Standard-IA) Migrate the data on the Amazon EBS volume to an SSD-backed volume. Amazon SQS Use a custom Amazon S3 bucket policy to allow access only to users inside the organization's country Use an internet gateway. Create network ACL rules for the private subnet to allow incoming traffic on ports 32768 through 61000 from the IP address of the ALB only. Allow all inbound traffic, with explicit denies on non-HTTP and non-HTTPS ports. Use HTTPS for traffic over VPC peering between the VPC and the on-premises datacenter. Create a read replica of the database. Use S3 server-side encryption with an Amazon EC2 key pair. Amazon Kinesis Data Stream Replicate relevant data between Amazon Redshift and Amazon DynamoDB. Data scientists use Redshift. Dashboards use DynamoDB. Subscribe an Amazon SQS queue to the Amazon SNS topic and trigger the Lambda function from the queue. Use asynchronous replication for standby to maximize throughput during peak demand. Deploy an AWS CloudFormation template that de nes components of the VPC. Enable Termination Protection on the Amazon EC2 instances. Use an Amazon CloudWatch alarm on the EC2 CPU to scale the Auto Scaling group up and down. EBS Provisioned IOPS SSD (io1) Create a Network Load Balancer with an interface in each subnet, and assign a static IP address to each subnet. Provisioned IOPS SSD Amazon EC2 Amazon RDS Create a similar RDS PostgreSQL instance and direct all traffic to it. Add a Step Scaling policy. Lambda@Edge Create an EBS volume and mount it to all the servers. Store the archive in Amazon S3 Reduced Redundancy Storage. An inbound rule allowing traffic from the security group attached to the ALB Use an Amazon CloudFront distribution with an origin access identity (OAI). Configure the distribution with an Amazon S3 origin to provide access to the le through signed URLs. Design a Lambda function to remove data that is older than 14 days. Amazon S3, AWS Lambda, Amazon API Gateway, and Amazon DynamoDB Use an Amazon Route 53 latency routing policy to route traffic to an Amazon EC2 instance with the least lag time. Amazon S3 Amazon Redshift EC2 Reserved Instances Use AWS Key Management Service and move the encrypted data to Amazon S3.2 Purchase Reserved Instances to run all containers. Use Auto Scaling groups to schedule jobs. Create a NAT gateway for Amazon S3 access Set up an Application Load Balancer to distribute traffic to multiple EC2 instances an egress-only internet gateway Set up a weighted routing policy, distributing the workload between the load balancer and the on-premises environment. An Amazon EBS Provisioned IOPS volume AWS Auto Scaling with a Classic Load Balancer, and AWS CloudTrail Change the RDS instance type to get more RAM. Create an Amazon S3 bucket and store all of the documents in this bucket. Create lifecycle policies that move the objects to Amazon Glacier and delete them after 30 days. AWS Application Load Balancer Network Load Balancer/Amazon EC2 Host the website on an Amazon EC2 instance with ELB and Auto Scaling, and map a Route 53 alias record to the ELB endpoint. Amazon S3 Use a NAT Gateway as the front end for the application tier and to enable the private resources to have Internet access. Amazon Elasticsearch Service Configure CloudFront to use signed-URLs to access Amazon S3. Amazon DynamoDB Amazon EFS Use AWS CloudFormation to deploy the cluster in a second region. Configure the inbound network ACLs on the database subnet to accept traffic from the IP addresses of the EC2 instances only. Add an IAM policy for IAM database access to the Lambda execution role. Move some Amazon EC2 instances to a subnet in a different way. Import the logs into an RDS MySQL instance. Amazon EC2 and Amazon EBS Configure a NAT gateway in a public subnet and route all traffic to Amazon Kinesis through the NAT gateway. Amazon SNS Configure a network ACL on DynamoDB to limit traffic to the private subnet Amazon RDS for Oracle How frequently the Auto Scaling group scales up or down. Perform a cache refresh on the CloudFront distribution that is serving the content. Use a NAT gateway and deny public access using security groups Use time-based scaling to scale the number of instances based on periods of high load. AWS CloudTrail logs an external service to ping the VPN endpoint from outside the VPC. Auto Scaling Change the Amazon EC2 instant types. Bucket policy Amazon DynamoDB Multi-AZ feature on the RDS MySQL Database Auto Scaling Use Amazon SQS. Place the Amazon EC2 instances in the public subnet, with no EIPs; route outgoing traffic through the internet gateway. Place an elastic load balancer in front of the Amazon S3 bucket to distribute the load during peak hours. Enable server-side encryption on the Amazon S3 bucket. Launch an unencrypted Amazon Redshift cluster. Copy the data into the Amazon Redshift cluster. Create an IAM access and secret key,and store it in the Lambda function. Replace the Amazon EC2 reverse proxy with an ELB internal Classic Load Balancer. Use Amazon S3 VPC endpoints Create a VPC endpoint service and grant permissions to speci c service consumers to create a connection. Configure the AWS Trusted Advisor service utilization compliance report. Subscribe to Amazon SNS noti cations from Trusted Advisor. Create a custom AWS Lambda function that can automatically remediate the use of unauthorized services. Create a bastion host that authenticates users against the corporate directory. Use Amazon CloudWatch to monitor utilization. Create VPC flow logs on the subnet. Use Amazon ECS and Service Auto Scaling. Amazon SNS Amazon DynamoDB Enable EBS optimization on the instance and keep the temporary files on the existing volume. Amazon Aurora Create EBS snapshots directly from one region to another. Amazon Kinesis Data Firehouse Encrypt the files on the client side and store the files on Amazon Glacier,then decrypt the reports on the client side. Amazon S3 Standard / Ifrequent Access (Standard IA) Add rules to the security groups in each account. Change the Amazon EC2 instance to compute optimized. Migrate the database to Amazon RDS. Use Amazon EFS and control permissions by using le-level permissions. Use the AWS CLI to create queues using AWS IAM Access Keys. Amazon S3 Add an S3 lifecycle rule to move any files from the bucket in us-east-1 to the bucket in ap-southeast-2. Amazon RDS Amazon ECS The Spot Instance request type must be one-time. Use an Amazon Redshift database.Copy the product database into Redshift and allow the team to query it. Randomize a key name prefix. Move static files from ECS to Amazon S3 VPC peering connection. Enable AWS CloudTrail logging in each individual region.Repeat thisfor all future regions. Use AWS Identity and Access Management (IAM) for managing identities, and migrate the application to run on Amazon S3, Amazon API Gateway, and AWS Lambda. Create a lifecycle policy that moves Amazon S3 data to Amazon S3 One Zone-Infrequent Access storage after 7 days. After 30 days, move the data to Amazon Glacier. The RDS instance is stopped manually Set up an S3 bucket based in Paris, and enable cross-region replication from the Oregon bucket to the Paris bucket. Amazon EFS Enable SSL on Amazon EC2 instances. Store an access key on the Amazon EC2 instance with rights to the Dynamo DB table. Implement an Amazon API Gateway to server as the HTTP endpoint.Have the API Gateway trigger an AWS Lambdafunction to process the messages,and save the results to an Amazon DynamoDB table. Call Amazon CloudWatch to retrieve the memory usage metric data that exists for the EC2 instance. Create an identity and access management (IAM) role with the necessary permissions to access the DynamoDB table, and assign the role to the Lambda function. Amazon S3 AWS Lambda Attach an Elastic IP address to each Amazon EC2 instance and add a route from the private subnet to the public subnet. Use AWS Lambda to preprocess the data and transform the records into a simpler format, such as CSV. Create an import package of the application code for upload to AWS Lambda, and include a function to create another Lambda function to migrate data into an Amazon RDS database Use a Load Balancer installed on an Amazon EC2 instance. Launch Amazon EC2 instances in an Auto Scaling group behind an ELB. Change the RDS database instance to multiple Availability Zones. EBS Provisioned IOPS SSD Amazon EC2 and an Application Load Balancer Amazon Athena with Amazon S3 cross-region replication Assigning a public IP address to the instance. Redis Auth Change the source to -1 to remove source IP addresses previously unseen. Remove source/destination check on NAT instances. Amazon CloudFront with on-premises servers as the origin AWS CloudHSM Modify the Redshift cluster and Configure cross-region snapshots to the other region. Amazon Kinesis Stream Increase the provisioned read capacity of the table. Use AWS IAM authorization and add least-privileged permissions to each respective IAM role. Amazon EFS Migrate the production and DR environments to different Availability Zones within the same region. Let AWS manage failover between the environments. Deploy the application onto AWS Elastic Beanstalk Use an API Gateway in proxy mode, and provide the API Gateway's IP address to the external service provider. Create an Amazon Kinesis Firehouse delivery stream to store the data in Amazon S3. EC2 instances: public subnet RDS database instances: public subnet Load balancer: public subnet AWS Step Functions Create a launch Configuration with a desired capacity of two web servers across multiple Availability Zones. Create an Auto Scaling group with the AMI ID of the web server image. Use Amazon Route 53 latency-based routing to balance traffic across the Auto Scaling group. Cross - region read replica Implement a caching layer by using Amazon ElastiCache to store query results of frequently accessed information.