1. A local bank wants to grant a contractor access to a specific S3 bucket for data migration purposes. Which AWS Identity and Access Management (IAM) identity type should be used in this scenario? Answer:- IAM role 2. A large organization uses AWS to host their web applications. They want to define fine- grained access control for their applications, ensuring that developers only have access to specific resources within their respective projects. Which permission mechanism best fits this use case? Answer:- Identity Policy 3. A developer wants to grant secure long-term access to an S3 bucket across several AWS accounts. Which option can they use to grant secure long-term access to this S3 bucket? Answer:- Bucket Policy 4. An architect needs an EC2 instance that runs for at least 1 year. In that year, the needs of the workload might change to require that the instance be moved to a new Region. They must keep costs low and guarantee that the computing cost will remain the same if the Region changes. Which pricing option should they choose? Answer:- Compute Savings Plans 5. A company is running a multi-tier application. Amazon EC2 instances run the web tier, and Amazon RDS for Microsoft SQL Server is used for the database tier. The database is experiencing very high load when running weekly reports. How can the company improve database performance in both regions with the LEAST administrative effort? Answer:- Create read replicas and configure the reports to use these new endpoints. 6. An application running on EC2 instances processes sensitive information that's stored on Amazon S3. The information is accessed over the internet. The security team is concerned that the internet connectivity to Amazon S3 is a security risk. Which solution will resolve the security concern? Answer:- Access the data through a virtual private cloud (VPC) endpoint for Amazon S3. 7. A car dealership has 20 branches all over the United States. Each dealership is represented by a virtual private cloud (VPC) in the architecture. All the VPCs need to be peered together. They need a solution that offers low maintenance and supports growth as more dealerships are added. Which is the best solution to meet these needs? Answer:- AWS Transit Gateway 8. An architecture spans across two Regions and has multiple virtual private clouds (VPCs) in each Region. The architect sets up an AWS Transit Gateway hub in each Region to peer the VPCs. They need to connect the Transit Gateway hubs in each Region together so that traffic can flow between Regions. Which solution should they use to connect the Transit Gateway hubs? Answer:- Transit gateway peering attachments 9. A public web application lets users create accounts. The application relies on federating non-AWS user access to websites. Which AWS service can provide this functionality? Answer:- Amazon Cognito 10. A company needs to store massive amounts of PDF files in the cloud. There is a requirement that the data is secured using server-side encryption and that the MOST cost effective storage for the files is used. Which combination of services should the company use? (Select TWO.) Answer:- a) Use Amazon S3 to store the data. b) Use AWS Key Management Service (AWS KMS) for sever-side encryption. 11. A company recently recovered from a security incident that involved a network exposure on its EC2 instances. They want a solution that can protect against network exposures in the future and offer remediation guidance for any vulnerabilities that might be found. Which AWS service can do this? Answer:- Amazon Inspector 12. A solutions architect is architecting an application that will receive a high volume of traffic. User traffic should be directed to specific AWS Lambda functions based on the application API call route. Which load balancer is appropriate to be part of the design? Answer:- Application Load Balancer 13. An internal facing web application is used intermittently and should be extremely cost efficient. The relational database should require minimal human administration and automatically scale horizontally using configured limits. Over weekends, the database should be stopped. Which Amazon database would satisfy these requirements? Answer:- Amazon Aurora Serverless 14. A solutions architect is designing an application using AWS CloudFormation. The application requires code that integrates AWS services that the architect is less familiar with. Which services can offer real-time code suggestions to help the solutions architect to successfully code for these requirements? Answer:- Amazon CodeWhisperer 15. An S3 bucket regularly receives uploaded videos from a web application. Users in the United States can access the videos with very low latency. Users in Europe and other Regions are complaining of slow downloads. Which solution can maintain a good user experience regardless of which Region users connect from? Answer:- Configure Amazon CloudFront and connect to the S3 bucket as a source. 16. A delivery company wants to provide real-time updates when packages are dispatched for delivery. Their current process involves manually updating their database and relying on customers to log into their system to check the status of their deliveries. Which service should be used to accomplish real-time notification? Answer:- Use Amazon Simple Notification Service (Amazon SNS). 17. A solutions architect is tasked to build a production scale application using containers as the compute solution. They decide to use Amazon Elastic Container Service (Amazon ECS). After setting up their Amazon ECS cluster, which steps should they follow to build a production environment? Answer:- Create and run a task definition to deploy containers on Amazon EC2 instance nodes. Set up an Application Load Balancer to route traffic to the containers. 18. A stock brokerage company wants to provide a secure, scalable API solution for their AWS resources. Customers can sign up for the free service, which limits API requests per day, or the paid service for unlimited API usage. Which API type would satisfy these requirements? Answer:- Amazon API Gateway REST API 19. A solutions architect is designing a work flow that needs real-time data ingestion. They are considering either Amazon Kinesis Data Firehose or Amazon Kinesis Data Streams for this solution. Which service should the solutions architect choose to meet the requirement of data delivery of less than 10 seconds? Answer:- Amazon Kinesis Data Streams because it has lower latency when compared to Amazon Kinesis Data Firehose, which has a minimum buffer of 60 seconds. 20. A consultant needs to recommend a disaster recovery solution for a company with a 7 TB Amazon Redshift cluster. The company requires a backup in another Region from the primary Region. Which is the most cost-effective solution? Answer:- Enable cross-Region snapshots to a different region. 21. In an application, Amazon S3 sends a message to an Amazon Simple Queue Service (Amazon SQS) queue whenever there is an image upload event. A single EC2 instance reads the message from the queue, then loads the image from S3 and processes it. Image meta data is stored in an on-demand Amazon DynamoDB table. If predicted traffic increases by ten times, which component will need reconfiguration to scale? Answer:- EC2 instance 22. A developer was just hired by a large organization that uses many different AWS services in their environment. They were instructed to configure a web application using stateless web servers. Which services can they use to handle session state data? (Select TWO.) Answer:- a) Amazon ElastiCache b) Amazon DynamoDB 23. An e-commerce platform currently uses dependent Amazon EC2 instances for operations. During high-traffic periods like sales events, increased load on one service disrupts all the interconnected services, affecting the overall performance. Which Amazon service should be added to solve this problem? Answer:- Amazon Simple Queue Service (Amazon SQS) 24. A company is launching a Linux instance that will be used to host a high-performing Redis database. They want to select an instance type that is best suited for the workload. Which instance type should they choose when they launch the instance? Answer:- Memory optimized instance type 25. A company need to launch a Linux instance that will host a database. The instance needs to stop on occasion to perform maintenance tasks. Which storage solution should they choose for the data? Answer:- Amazon Elastic Block Store (Amazon EBS) 26. A cloud architect has a development PostgreSQL database running on Amazon RDS. It was being used to test a production database with a heavy read-write workload. Testing is complete, and they want to delete the database. Company policy requires storage of development database backups for 6 months after deletion. How can you accomplish this? Answer:- Take a snapshot, and store it for 6 months. 27. A manager needs to implement a disaster recovery strategy for an architecture that is hosted on AWS. She knows that the workload is not critical to the business, so keeping costs low is more important than the speed of recovery. Which disaster recover strategy should she implement? Answer:- Back-up and restore
1. A local bank wants to grant a contractor access to a specific S3 bucket for data migration purposes. Which AWS Identity and Access Management (IAM) identity type should be used in this scenario?
Answer:- IAM role
2. A large organization uses AWS to host their web applications. They want to define fine- grained access control for their applications, ensuring that developers only have access to specific resources within their respective projects. Which permission mechanism best fits this use case?
Answer:- Identity Policy
3. A developer wants to grant secure long-term access to an S3 bucket across several AWS accounts. Which option can they use to grant secure long-term access to this S3 bucket?
Answer:- Bucket Policy
4. An architect needs an EC2 instance that runs for at least 1 year. In that year, the needs of the workload might change to require that the instance be moved to a new Region. They must keep costs low and guarantee that the computing cost will remain the same if the Region changes. Which pricing option should they choose?
Answer:- Compute Savings Plans
5. A company is running a multi-tier application. Amazon EC2 instances run the web tier, and Amazon RDS for Microsoft SQL Server is used for the database tier. The database is experiencing very high load when running weekly reports. How can the company improve database performance in both regions with the LEAST administrative effort?
Answer:- Create read replicas and configure the reports to use these new endpoints.
6. An application running on EC2 instances processes sensitive information that's stored on Amazon S3. The information is accessed over the internet. The security team is concerned that the internet connectivity to Amazon S3 is a security risk. Which solution will resolve the security concern?
Answer:- Access the data through a virtual private cloud (VPC) endpoint for Amazon S3.
7. A car dealership has 20 branches all over the United States. Each dealership is represented by a virtual private cloud (VPC) in the architecture. All the VPCs need to be peered together. They need a solution that offers low maintenance and supports growth as more dealerships are added. Which is the best solution to meet these needs?
Answer:- AWS Transit Gateway
8. An architecture spans across two Regions and has multiple virtual private clouds (VPCs) in each Region. The architect sets up an AWS Transit Gateway hub in each Region to peer the VPCs. They need to connect the Transit Gateway hubs in each Region together so that traffic can flow between Regions. Which solution should they use to connect the Transit Gateway hubs?
Answer:- Transit gateway peering attachments
9. A public web application lets users create accounts. The application relies on federating non-AWS user access to websites. Which AWS service can provide this functionality?
Answer:- Amazon Cognito
10. A company needs to store massive amounts of PDF files in the cloud. There is a requirement that the data is secured using server-side encryption and that the MOST cost effective storage for the files is used. Which combination of services should the company use? (Select TWO.)
Answer:- a) Use Amazon S3 to store the data.
b) Use AWS Key Management Service (AWS KMS) for sever-side encryption.
11. A company recently recovered from a security incident that involved a network exposure on its EC2 instances. They want a solution that can protect against network exposures in the future and offer remediation guidance for any vulnerabilities that might be found. Which AWS service can do this?
Answer:- Amazon Inspector
12. A solutions architect is architecting an application that will receive a high volume of traffic. User traffic should be directed to specific AWS Lambda functions based on the application API call route. Which load balancer is appropriate to be part of the design?
Answer:- Application Load Balancer
13. An internal facing web application is used intermittently and should be extremely cost efficient. The relational database should require minimal human administration and automatically scale horizontally using configured limits. Over weekends, the database should be stopped. Which Amazon database would satisfy these requirements?
Answer:- Amazon Aurora Serverless
14. A solutions architect is designing an application using AWS CloudFormation. The application requires code that integrates AWS services that the architect is less familiar with. Which services can offer real-time code suggestions to help the solutions architect to successfully code for these requirements?
Answer:- Amazon CodeWhisperer
15. An S3 bucket regularly receives uploaded videos from a web application. Users in the United States can access the videos with very low latency. Users in Europe and other Regions are complaining of slow downloads. Which solution can maintain a good user experience regardless of which Region users connect from?
Answer:- Configure Amazon CloudFront and connect to the S3 bucket as a source.
16. A delivery company wants to provide real-time updates when packages are dispatched for delivery. Their current process involves manually updating their database and relying on customers to log into their system to check the status of their deliveries. Which service should be used to accomplish real-time notification?
Answer:- Use Amazon Simple Notification Service (Amazon SNS).
17. A solutions architect is tasked to build a production scale application using containers as the compute solution. They decide to use Amazon Elastic Container Service (Amazon ECS). After setting up their Amazon ECS cluster, which steps should they follow to build a production environment?
Answer:- Create and run a task definition to deploy containers on Amazon EC2 instance nodes. Set up an Application Load Balancer to route traffic to the containers.
18. A stock brokerage company wants to provide a secure, scalable API solution for their AWS resources. Customers can sign up for the free service, which limits API requests per day, or the paid service for unlimited API usage. Which API type would satisfy these requirements?
Answer:- Amazon API Gateway REST API
19. A solutions architect is designing a work flow that needs real-time data ingestion. They are considering either Amazon Kinesis Data Firehose or Amazon Kinesis Data Streams for this solution. Which service should the solutions architect choose to meet the requirement of data delivery of less than 10 seconds?
Answer:- Amazon Kinesis Data Streams because it has lower latency when compared to Amazon Kinesis Data Firehose, which has a minimum buffer of 60 seconds.
20. A consultant needs to recommend a disaster recovery solution for a company with a 7 TB Amazon Redshift cluster. The company requires a backup in another Region from the primary Region. Which is the most cost-effective solution?
Answer:- Enable cross-Region snapshots to a different region.
21. In an application, Amazon S3 sends a message to an Amazon Simple Queue Service (Amazon SQS) queue whenever there is an image upload event. A single EC2 instance reads the message from the queue, then loads the image from S3 and processes it. Image meta data is stored in an on-demand Amazon DynamoDB table. If predicted traffic increases by ten times, which component will need reconfiguration to scale?
Answer:- EC2 instance
22. A developer was just hired by a large organization that uses many different AWS services in their environment. They were instructed to configure a web application using stateless web servers. Which services can they use to handle session state data? (Select TWO.)
Answer:- a) Amazon ElastiCache
b) Amazon DynamoDB
23. An e-commerce platform currently uses dependent Amazon EC2 instances for operations. During high-traffic periods like sales events, increased load on one service disrupts all the interconnected services, affecting the overall performance. Which Amazon service should be added to solve this problem?
Answer:- Amazon Simple Queue Service (Amazon SQS)
24. A company is launching a Linux instance that will be used to host a high-performing Redis database. They want to select an instance type that is best suited for the workload. Which instance type should they choose when they launch the instance?
Answer:- Memory optimized instance type
25. A company need to launch a Linux instance that will host a database. The instance needs to stop on occasion to perform maintenance tasks. Which storage solution should they choose for the data?
Answer:- Amazon Elastic Block Store (Amazon EBS)
26. A cloud architect has a development PostgreSQL database running on Amazon RDS. It was being used to test a production database with a heavy read-write workload. Testing is complete, and they want to delete the database. Company policy requires storage of development database backups for 6 months after deletion. How can you accomplish this?
Answer:- Take a snapshot, and store it for 6 months.
27. A manager needs to implement a disaster recovery strategy for an architecture that is hosted on AWS. She knows that the workload is not critical to the business, so keeping costs low is more important than the speed of recovery. Which disaster recover strategy should she implement?
Answer:- Back-up and restore
thank you for all the guides!!! when will you post the latest capstone project for AWS Academy Cloud Architecting 3? badly need one! Thank You😁