AWS-Solution-Architect-Associate Free Practice Test

- (Topic 4)
A company's application runs on Amazon EC2 instances that are in multiple Availability Zones. The application needs to ingest real-time data from third-party applications.
The company needs a data ingestion solution that places the ingested raw data in an Amazon S3 bucket.
Which solution will meet these requirements?

1. A. Create Amazon Kinesis data streams for data ingestio
2. B. Create Amazon Kinesis Data Firehose delivery streams to consume the Kinesis data stream
3. C. Specify the S3 bucket as the destination of the delivery streams.
4. D. Create database migration tasks in AWS Database Migration Service (AWS DMS). Specify replication instances of the EC2 instances as the source endpoint
5. E. Specify the S3 bucket as the target endpoin
6. F. Set the migration type to migrate existing data and replicate ongoing changes.
7. G. Create and configure AWS DataSync agents on the EC2 instance
8. H. Configure DataSynctasks to transfer data from the EC2 instances to the S3 bucket.
9. I. Create an AWS Direct Connect connection to the application for data ingestio
10. J. Create Amazon Kinesis Data Firehose delivery streams to consume direct PUT operations from the applicatio
11. K. Specify the S3 bucket as the destination of the delivery streams.

Correct Answer: A
The solution that will meet the requirements is to create Amazon Kinesis data streams for data ingestion, create Amazon Kinesis Data Firehose delivery streams to consume the Kinesis data streams, and specify the S3 bucket as the destination of the delivery streams. This solution will allow the company’s application to ingest real-time data from third-party applications and place the ingested raw data in an S3 bucket. Amazon Kinesis data streams are scalable and durable streams that can capture and store data from hundreds of thousands of sources. Amazon Kinesis Data Firehose is a fully managed service that can deliver streaming data to destinations such as S3, Amazon Redshift, Amazon OpenSearch Service, and Splunk. Amazon Kinesis Data Firehose can also transform and compress the data before delivering it to S3.
The other solutions are not as effective as the first one because they either do not support real-time data ingestion, do not work with third-party applications, or do not use S3 as the destination. Creating database migration tasks in AWS Database Migration Service (AWS DMS) will not support real-time data ingestion, as AWS DMS is mainly designed for migrating relational databases, not streaming data. AWS DMS also requires replication instances, source endpoints, and target endpoints to be compatible with specific database engines and versions. Creating and configuring AWS DataSync agents on the EC2 instances will not work with third-party applications, as AWS DataSync is a service that transfers data between on-premises storage systems and AWS storage services, not between applications. AWS DataSync also requires installing agents on the source or destination servers. Creating an AWS Direct Connect connection to the application for data ingestion will not use S3 as the destination, as AWS Direct Connect is a service that establishes a dedicated network connection between on-premises and AWS, not between applications and storage services. AWS Direct Connect also requires a physical connection to an AWS Direct Connect location.
References:
✑ Amazon Kinesis
✑ Amazon Kinesis Data Firehose
✑ AWS Database Migration Service
✑ AWS DataSync
✑ AWS Direct Connect

- (Topic 4)
A company runs an application on Amazon EC2 instances. The company needs to implement a disaster recovery (DR) solution for the application. The DR solution needs to have a recovery time objective (RTO) of less than 4 hours. The DR solution also needs to use the fewest possible AWS resources during normal operations.
Which solution will meet these requirements in the MOST operationally efficient way?

1. A. Create Amazon Machine Images (AMIs) to back up the EC2 instance
2. B. Copy the AMIs to a secondary AWS Regio
3. C. Automate infrastructure deployment in the secondary Region by using AWS Lambda and custom scripts.
4. D. Create Amazon Machine Images (AMIs) to back up the EC2 instance
5. E. Copy the AMIs to a secondary AWS Regio
6. F. Automate infrastructure deployment in the secondary Region by using AWS CloudFormation.
7. G. Launch EC2 instances in a secondary AWS Regio
8. H. Keep the EC2 instances in the secondary Region active at all times.
9. I. Launch EC2 instances in a secondary Availability Zon
10. J. Keep the EC2 instances in the secondary Availability Zone active at all times.

Correct Answer: B
it allows the company to implement a disaster recovery (DR) solution for the application that has a recovery time objective (RTO) of less than 4 hours and uses the fewest possible AWS resources during normal operations. By creating Amazon Machine Images (AMIs) to back up the EC2 instances and copying the AMIs to a secondary AWS Region, the company can create point-in-time snapshots of the application and store them in a different geographical location. By automating infrastructure deployment in the secondary Region by using AWS CloudFormation, the company can quickly launch a stack of resources from a template in case of a disaster. This is a cost-effective and operationally efficient way to implement a DR solution for EC2 instances. References:
✑ Amazon Machine Images (AMI)
✑ Copying an AMI
✑ AWS CloudFormation
✑ Working with Stacks

- (Topic 4)
A company uses Amazon S3 as its data lake. The company has a new partner that must use SFTP to upload data files A solutions architect needs to implement a highly available SFTP solution that minimizes operational overhead.
Which solution will meet these requirements?

1. A. Use AWS Transfer Family to configure an SFTP-enabled server with a publicly accessible endpoint Choose the S3 data lake as the destination
2. B. Use Amazon S3 File Gateway as an SFTP server Expose the S3 File Gateway endpoint URL to the new partner Share the S3 File Gateway endpoint with the newpartner
3. C. Launch an Amazon EC2 instance in a private subnet in a VP
4. D. Instruct the new partner to upload files to the EC2 instance by using a VP
5. E. Run a cron job script on the EC2 instance to upload files to the S3 data lake
6. F. Launch Amazon EC2 instances in a private subnet in a VP
7. G. Place a Network Load Balancer (NLB) in front of the EC2 instance
8. H. Create an SFTP listener port for the NLBShare the NLB hostname with the new partner Run a cron job script on the EC2 instances to upload files to the S3 data lake.

Correct Answer: A
This option is the most cost-effective and simple way to enable SFTP access to the S3 data lake. AWS Transfer Family is a fully managed service that supports secure file transfers over SFTP, FTPS, and FTP protocols. You can create an SFTP-enabled server with a public endpoint and associate it with your S3 bucket. You can also use AWS Identity and Access Management (IAM) roles and policies to control access to your S3 data lake. The service scales automatically to handle any volume of file transfers and provides high availability and durability. You do not need to provision, manage, or patch any servers or load balancers.
Option B is not correct because Amazon S3 File Gateway is not an SFTP server. It is a hybrid cloud storage service that provides a local file system interface to S3. You can use it to store and retrieve files as objects in S3 using standard file protocols such as NFS and SMB. However, it does not support SFTP protocol, and it requires deploying a file gateway appliance on-premises or on EC2.
Option C is not cost-effective or scalable because it requires launching and managing an EC2 instance in a private subnet and setting up a VPN connection for the new partner. This would incur additional costs for the EC2 instance, the VPN connection, and the data transfer. It would also introduce complexity and security risks to the solution. Moreover, it would require running a cron job script on the EC2 instance to upload files to the S3 data lake, which is not efficient or reliable.
Option D is not cost-effective or scalable because it requires launching and managing multiple EC2 instances in a private subnet and placing a NLB in front of them. This would incur additional costs for the EC2 instances, the NLB, and the data transfer. It would also introduce complexity and security risks to the solution. Moreover, it would require running a cron job script on the EC2 instances to upload files to the S3 data lake, which is not efficient or reliable. References:
✑ What Is AWS Transfer Family?
✑ What Is Amazon S3 File Gateway?
✑ What Is Amazon EC2?
✑ [What Is Amazon Virtual Private Cloud?]
✑ [What Is a Network Load Balancer?]

- (Topic 2)
A solutions architect needs to implement a solution to reduce a company's storage costs. All the company's data is in the Amazon S3 Standard storage class. The company must keep all data for at least 25 years. Data from the most recent 2 years must be highly available and immediately retrievable.
Which solution will meet these requirements?

1. A. Set up an S3 Lifecycle policy to transition objects to S3 Glacier Deep Archive immediately.
2. B. Set up an S3 Lifecycle policy to transition objects to S3 Glacier Deep Archive after 2 years.
3. C. Use S3 Intelligent-Tierin
4. D. Activate the archiving option to ensure that data is archived in S3 Glacier Deep Archive.
5. E. Set up an S3 Lifecycle policy to transition objects to S3 One Zone-Infrequent Access (S3 One Zone-IA) immediately and to S3 Glacier Deep Archive after 2 years.

Correct Answer: B
https://aws.amazon.com/about-aws/whats-new/2018/04/announcing-s3-one-zone-infrequent-access-a-new-amazon-s3-storage-class/?nc1=h_ls

- (Topic 4)
A company is deploying a new application to Amazon Elastic Kubernetes Service (Amazon EKS) with an AWS Fargate cluster. The application needs a storage solution for data persistence. The solution must be highly available and fault tolerant. The solution also must be shared between multiple application containers.
Which solution will meet these requirements with the LEAST operational overhead?

1. A. Create Amazon Elastic Block Store (Amazon EBS) volumes in the same Availability Zones where EKS worker nodes are place
2. B. Register the volumes in a StorageClass object on an EKS cluste
3. C. Use EBS Multi-Attach to share the data between containers.
4. D. Create an Amazon Elastic File System (Amazon EFS) file syste
5. E. Register the file system in a StorageClass object on an EKS cluste
6. F. Use the same file system for all containers.
7. G. Create an Amazon Elastic Block Store (Amazon EBS) volum
8. H. Register the volume in a StorageClass object on an EKS cluste
9. I. Use the same volume for all containers.
10. J. Create Amazon Elastic File System (Amazon EFS) file systems in the same Availability Zones where EKS worker nodes are place
11. K. Register the file systems in a StorageClass object on an EKS cluste
12. L. Create an AWS Lambda function to synchronize the data between file systems.

Correct Answer: B
Amazon EFS is a fully managed, elastic, and scalable file system that can be shared between multiple containers. It provides high availability and fault tolerance by
replicating data across multiple Availability Zones. Amazon EFS is compatible with Amazon EKS and AWS Fargate, and can be registered in a StorageClass object on an EKS cluster. Amazon EBS volumes are not supported by AWS Fargate, and cannot be shared between multiple containers without using EBS Multi-Attach, which has limitations and performance implications. EBS Multi-Attach also requires the volumes to be in the same Availability Zone as the worker nodes, which reduces availability and fault tolerance. Synchronizing data between multiple EFS file systems using AWS Lambda is unnecessary, complex, and prone to errors. References:
✑ Amazon EFS Storage Classes
✑ Amazon EKS Storage Classes
✑ Amazon EBS Multi-Attach