AWS-Solution-Architect-Associate Free Practice Test

- (Exam Topic 3)
A company is building a mobile app on AWS. The company wants to expand its reach to millions of users The company needs to build a platform so that authorized users can watch the company's content on their mobile devices
What should a solutions architect recommend to meet these requirements?

1. A. Publish content to a public Amazon S3 bucke
2. B. Use AWS Key Management Service (AWS KMS) keys to stream content.
3. C. Set up IPsec VPN between the mobile app and the AWS environment to stream content
4. D. Use Amazon CloudFront Provide signed URLs to stream content.
5. E. Set up AWS Client VPN between the mobile app and the AWS environment to stream content.

Correct Answer: A

- (Exam Topic 1)
A company has a data ingestion workflow that consists the following:
An Amazon Simple Notification Service (Amazon SNS) topic for notifications about new data deliveries
An AWS Lambda function to process the data and record metadata
The company observes that the ingestion workflow fails occasionally because of network connectivity issues. When such a failure occurs, the Lambda function does not ingest the corresponding data unless the company manually reruns the job.
Which combination of actions should a solutions architect take to ensure that the Lambda function ingests all data in the future? (Select TWO.)

1. A. Configure the Lambda function In multiple Availability Zones.
2. B. Create an Amazon Simple Queue Service (Amazon SQS) queue, and subscribe It to me SNS topic.
3. C. Increase the CPU and memory that are allocated to the Lambda function.
4. D. Increase provisioned throughput for the Lambda function.
5. E. Modify the Lambda function to read from an Amazon Simple Queue Service (Amazon SQS) queue

Correct Answer: BE

- (Exam Topic 2)
A gaming company hosts a browser-based application on AWS. The users of the application consume a large number of videos and images that are stored in Amazon S3. This content is the same for all users.
The application has increased in popularity, and millions of users worldwide are accessing these media files. The company wants to provide the files to the users while reducing the load on the origin.
Which solution meets these requirements MOST cost-effectively?

1. A. Deploy an AWS Global Accelerator accelerator in front of the web servers.
2. B. Deploy an Amazon CloudFront web distribution in front of the S3 bucket.
3. C. Deploy an Amazon ElastiCache for Redis instance in front of the web servers.
4. D. Deploy an Amazon ElastiCache for Memcached instance in front of the web servers.

Correct Answer: B

- (Exam Topic 3)
A company’s security team requests that network traffic be captured in VPC Flow Logs. The logs will be frequently accessed for 90 days and then accessed intermittently.
What should a solutions architect do to meet these requirements when configuring the logs?

1. A. Use Amazon CloudWatch as the targe
2. B. Set the CloudWatch log group with an expiration of 90 days
3. C. Use Amazon Kinesis as the targe
4. D. Configure the Kinesis stream to always retain the logs for 90 days.
5. E. Use AWS CloudTrail as the targe
6. F. Configure CloudTrail to save to an Amazon S3 bucket, and enable S3 Intelligent-Tiering.
7. G. Use Amazon S3 as the targe
8. H. Enable an S3 Lifecycle policy to transition the logs to S3 Standard-Infrequent Access (S3 Standard-IA) after 90 days.

Correct Answer: D
There's a table here that specifies that VPC Flow logs can go directly to S3. Does not need to go via CloudTrail and then to S3. Nor via CW.
https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html#AWS-logs-i

- (Exam Topic 1)
A company hosts an application on multiple Amazon EC2 instances The application processes messages from an Amazon SQS queue writes to an Amazon RDS table and deletes the message from the queue Occasional duplicate records are found in the RDS table. The SQS queue does not contain any duplicate messages.
What should a solutions architect do to ensure messages are being processed once only?

1. A. Use the CreateQueue API call to create a new queue
2. B. Use the Add Permission API call to add appropriate permissions
3. C. Use the ReceiveMessage API call to set an appropriate wail time
4. D. Use the ChangeMessageVisibility APi call to increase the visibility timeout

Correct Answer: D
The visibility timeout begins when Amazon SQS returns a message. During this time, the consumer processes and deletes the message. However, if the consumer fails before deleting the message and your system doesn't call the DeleteMessage action for that message before the visibility timeout expires, the message becomes visible to other consumers and the message is received again. If a message must be received only once, your consumer should delete it within the duration of the visibility timeout. https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html
Keyword: SQS queue writes to an Amazon RDS From this, Option D best suite & other Options ruled out [Option A - You can't intruduce one more Queue in the existing one; Option B - only Permission & Option C - Only Retrieves Messages] FIF O queues are designed to never introduce duplicate messages. However, your message producer might introduce duplicates in certain scenarios: for example, if the producer sends a message, does not receive a response, and then resends the same message. Amazon SQS APIs provide deduplication functionality that prevents your message producer from sending duplicates. Any duplicates introduced by the message producer are removed within a 5-minute deduplication interval. For standard queues, you might occasionally receive a duplicate copy of a message (at-least- once delivery). If you use a standard queue, you must design your applications to be idempotent (that is, they must not be affected adversely when processing the same message more than once).