Home Amazon Web Services AWS Certified Solutions Architect Professional – Free Practice Tests

AWS Certified Solutions Architect Professional – Free Practice Tests

3186

This AWS practice test helps you to pass the following AWS exams and can also helps you to revise the AWS concepts if you are preparing for AWS interviews.

AWS Certified Solutions Architect Professional
AWS Certified Solutions Architect Associate
AWS Certified Cloud Practitioner

Below AWS practice tests has two different Modes

Learning Mode: 25 questions per test with answers and explanation, no time limit, repeat tests
Exam Mode: 75 questions per test (similar to real AWS exam), 180 minutes, repeat tests

BackNext

1. AWS Certified Solutions Architect Professional – Learning Mode

/25

0 votes, 0 avg

AWS Certified Solutions Architect Professional - Learning Mode

1 / 25

A legacy application in your company has been deployed in a single availability zone. It is used only sporadically but must be available nevertheless. Due to your heavy administrative workload, you wish to automate a process that will rebuild the application automatically if it fails. What action should you take?

Perform snapshots of EBS volumes on a set schedule.

Monitor the server availability using Cloud Watch metrics to receive alerts of health check failures.

Configure the server in an auto scaling group with a minimum and maximum size of one

Add an additional availability zone and a load balancer.

Explanation

Auto scaling provides redundancy for a single server with the option of launching a configuration using the attributes from a running instance. When you use this option, auto scaling copies the attributes from the specified instance into a template from which you can launch one or more auto scaling groups.

Note that if the specified instance has properties that are not currently supported by auto scaling, instances launched by auto scaling using the launch configuration created from the identified instance might not be identical to the identified instance.

Explanation

2 / 25

You are responsible for a web application where the web server instances are hosted in auto-scaling group. You discover the following after monitoring your application workload for the past year:

You need a minimum of nine EC2 instances to handle the lowest levels of activity during non-business hours.
During local business hours, you require between 12-16 instances.
Roughly 35 percent of non-business workload involves backend data processing and analysis.

With this information, what recommendations would you make to minimize operating costs while providing the required availability?

Purchase nine standard reserved instances to handle the minimum workload. Purchase three scheduled reserved instances to run during non-business hours. Purchase spot instances to handle additional capacity needs

Purchase 6 standard reserved instances to handle minimum workload. Purchase 6 convertible reserved instances to run during local business hours, and on-demand instances to handle additional capacity needs. Purchase scheduled reserved instances to handle the data processing workload

Purchase nine convertible reserved instances to handle the minimum workload. Purchase three scheduled reserved instances to run during local business hours. Purchase spot instances to handle additional capacity needs. Purchase scheduled reserved instances to handle the data processing workload

Purchase 6 standard reserved instances to handle minimum workload. Purchase 6 scheduled reserved instances to run during local business hours, and on-demand instances to handle additional capacity needs. Purchase spot instances to handle the data processing workload.

Explanation

The spot instances are ideal for the data processing workload during non-business hours, and deducting those instances from your minimum workload requirements leaves roughly six instances that are running all day. Purchase six standard reserved instances to meet this need with the greatest discount. You can then schedule reserved instances to run during business hours to meet the increase, and on-demand instances to scale as needed while providing necessary availability.

Explanation

3 / 25

A customer has a website which shows all the sales available in leading online and brick-and-mortar stores.

Currently, the website's web, application, and database tiers are hosted on five large, on-demand EC2 instances to manage day-to-day traffic. However, from late November through the end of December, the website traffic quadruples the normal rate for various periods, sometimes a few minutes, and sometimes a few hours. During the peaks in activity, the website requires up to 20 large instances.

The level of activity is not predictable. It is also prone to large, sudden spikes at random times based on when various temporary sales are available. The site's traffic can quadruple in a matter of minutes.

Which option is the most cost-effective and achieves better performance to handle these peaks in traffic reliably?

Purchase 5 Scheduled reserved instances immediately. Add 15 on-demand instances to run continuously from late November through the end of December.

Launch ten on-demand instances running continuously, and manually launch ten instances every day during office hours based on workload metrics as needed.

Purchase 5 Standard reserved instances immediately. Add five on-demand instances during the from late November through the end of December, and create an auto scaling group to scale out an additional ten instances based on the workload metrics as needed.

Purchase 5 Standard reserved instances immediately. Add ten on-demand instances to run continuously from late November through the end of December. Create an auto scaling group to scale out an additional five instances based on the workload metrics as needed.

Explanation

AWS provides an on-demand, scalable infrastructure. Amazon EC2 allows the user to launch On-Demand instances and the organization should create an AMI of the running instance. When the organization is experiencing varying loads and the time of the load is not known but it is higher than the routine traffic it is recommended that the organization launches a few instances beforehand and then setups AutoScaling with policies which scale up and down as per the EC2 metrics, such as Network I/O or CPU utilization.

If the organization keeps all ten additional instances as a part of the AutoScaling policy sometimes during a sudden higher load, it may take time to launch instances and may not give optimal performance. This is the reason it is recommended that the organization keeps an additional five instances running and the next five instances scheduled as per the AutoScaling policy for cost-effectiveness.

Additionally, the website has established a baseline of normal workload outside of the peak season, so they can invest in Standard reserved instances to manage this workload and save dramatically on compute resource costs.

Explanation

4 / 25

An international web journal hosted on AWS handles requests for technical publications. The front-end tier is hosted in a VPC with multiple availability zones, auto-scaling groups, and cross zone load-balancing. RDS hosts the application database responsible for indexing and searching the content, and technical journals are served from S3 buckets. At certain times, specific professional journals became quite popular, causing viewing delays. Which additional components could be utilized in your architecture to help improve performance? (Choose 2 answers)

Utilize ElasticCache with Lazy Loading to cache popular searches and indexes

Deploy CloudFront to help with content delivery to users in remote geographic locations

Utilize the SQS service to speed up response to requests

Add cross-region replication to S3 buckets hosting your journals

Explanation

Lazy loading keeps the cache up to date based only on requests, which avoids filling up the cache needlessly, but if data is only written to the cache when there is a cache miss, data in the cache can become stale since there are no updates to the cache when data is changed in the database. This issue is addressed by using lazy loading in conjunction with write through, which adds data or updates data in the cache whenever data is written to the database. You may also use CloudFront to optimize your caching. By default, CloudFront doesn't consider headers when caching your objects in edge locations. If your origin returns two objects and they differ only by the values in the request headers, CloudFront caches only one version of the object

Explanation

5 / 25

Your client has submitted a change request to improve security on their S3 buckets. You have decided to allow two administrators to manage the buckets, and are setting up an IAM role for the admins. Your client approves of the two admins having some access, but does not want them to be able to review potentially valuable business information stored within the files. Which operations would you allow this admin role to perform? (Choose 3 answers)

Create and delete a bucket

Delete an object

List keys in a bucket

Get an object

Explanation

The Amazon S3 API is intentionally simple with only a handful of common operations. They include: create/delete a bucket, write an object, read an object, delete an object, and list keys in a bucket.

Explanation

The Amazon S3 API is intentionally simple with only a handful of common operations. They include: create/delete a bucket, write an object, read an object, delete an object, and list keys in a bucket.

6 / 25

If you determine that the resources on a launched Amazon EC2 instance are insufficient to handle the workload of an application, you can resize the instance without performing any migration as long as your root device is a(n) ____________.

instance store

EBS volume

S3 bucket

EFS filesystem

Explanation

As your needs change, you might find that your instance is over-utilized (the instance type is too small) or under-utilized (the instance type is too large). If the root device for your instance is an Elastic Block Store (EBS) volume, you can change the size of the instance simply by changing its instance type, which is known as resizing it. If the root device for your instance is an instance store volume, you must migrate your application to a new instance with the instance type that you want

Explanation

7 / 25

You have created an S3 bucket where project managers can upload their projects' files. Project files change frequently, so retaining multiple copies of files when changes occur is essential. Each project is also considered confidential, each project file must be encrypted at rest when stored in S3.

How could you meet these requirements for your bucket and contents?

Delete all prior versions after a certain timestamp alert is met

Each PM should compress project files and assign a password for compressed files, and encryption needs to be enabled on the bucket

Enable versioning for the S3 bucket, and encrypt project files using client-side or server-side encryption

Server-side encryption should be enabled on the S3 bucket

Explanation

Versioning provides redundancy as it keeps multiple variants of an object in the same bucket. You can use versioning to preserve, retrieve, and restore every version of every object stored in your Amazon S3 bucket. With versioning, you can easily recover from both unintended user actions and application failures.

Explanation

8 / 25

You are configuring a new VPC for one of your clients for a cloud migration project, and only a public VPN will be in place. After you created your VPC, you created a new subnet, a new Internet gateway, and attached your internet gateway to your VPC. When you launched your first instance into your VPC, you realized that you aren't able to connect to the instance, even if it is configured with an elastic IP. What should be done to access the instance?

Attach another ENI to the instance and connect via new ENI.

A route should be created as 0.0.0.0/0 and your internet gateway as target.

A NAT instance should be created and all traffic should be forwarded to NAT instance

A NACL should be created that allows all outbound traffic

Explanation

All traffic should be routed via Internet Gateway. So, a route should be created with 0.0.0.0/0 as a source, and your Internet Gateway as your target.

Explanation

All traffic should be routed via Internet Gateway. So, a route should be created with 0.0.0.0/0 as a source, and your Internet Gateway as your target.

9 / 25

Your team has found that a client's load balancer needs to be configured with support for SSL offload using the default security policy. When negotiating the SSL connections between the client and the load balancer, you want the load balancer to determine which cipher is used for the SSL connection. Which actions perform this process on the load balancer? (Choose 3 answers)

Select a client configuration preference option

Choose the server order preference option

Enable SSL offload.

Select the default security policy.

Explanation

Elastic Load Balancing uses a Secure Socket Layer (SSL) negotiation configuration, known as a security policy, to negotiate SSL connections between a client and the load balancer. A security policy is a combination of SSL protocols, SSL ciphers, and the Server Order Preference option.

Explanation

10 / 25

You are an AWS Solutions Architect helping a client plan a migration to the AWS cloud. The client is very cost-conscious and needs to understand the budget implications of any design decisions prior to signing off. Now that you’ve identified the resources that must be created in the AWS environment to support the migration, what tool could you use to help project future costs given this information?

Simple Monthly Calculator

Cost Explorer

Detailed Billing Reports

TCO Calculator

Explanation

The Simple Monthly Calculator is used to calculate projected costs, assuming you know what AWS resources you’ll be consuming.

Explanation

The Simple Monthly Calculator is used to calculate projected costs, assuming you know what AWS resources you’ll be consuming.

11 / 25

You are setting up your first Amazon Virtual Private Cloud (Amazon VPC) so you decide to use the VPC wizard in the AWS console to help make it easier for you. Which of the following statements is correct regarding instances that you launch into a default subnet via the VPC wizard?

Instances that you launch into a default subnet receive both a public IP address and a private IP address.

Instances that you launch into a default subnet receive a public IP address and 10 private IP addresses.

Instances that you launch into a default subnet receive a public IP address and 5 private IP addresses.

Instances that you launch into a default subnet don't receive any ip addresses and you need to define them manually.

Explanation

Instances that you launch into a default subnet receive both a public IP address and a private IP address. Instances in a default subnet also receive both public and private DNS hostnames. Instances that you launch into a nondefault subnet in a default VPC don't receive a public IP address or a DNS hostname. You can change your subnet's default public IP addressing behavior

Explanation

12 / 25

You are migrating your Oracle database using the AWS Database Migration Service. Due to a large amount of data being replicated, you need the replication process to be continuous. What must be changed on your replication instance to use ongoing replication?

Disable Multi-AZ on the target instance

Increase the number of tables that are cached in RAM.

Enable the Multi-AZ option on the replication instance.

Disable backups on the target instance

Explanation

Enabling the Multi-AZ option provides high availability and failover support for the replication instance

Explanation

Enabling the Multi-AZ option provides high availability and failover support for the replication instance

13 / 25

Your company is planning to deploy a hybrid environment linking their on-premise database to an application hosted at AWS. When considering performance rather than security, what are key concerns when designing a network between AWS and the on-site database? (Choose 2 answers)

Control of data resources

Private network access

Network latency

Network bandwidth

Explanation

Since the database is not located in the same location as the application servers, network latency and bandwidth could potentially be an issue

Explanation

Since the database is not located in the same location as the application servers, network latency and bandwidth could potentially be an issue

14 / 25

You work for a company that automatically tags photographs using artificial neural networks (ANNs), which run on GPUs using C++. You receive millions of images in one batch, with an average of 3 batches per day. These images are loaded into an Amazon S3 bucket you control for you in a batch, and then the customer publishes a JSON-formatted manifest into another S3 bucket you control as well. Each image takes 10 milliseconds to process using a full GPU. Your neural network software requires 5 minutes to bootstrap. Image tags are JSON objects, and you must publish them to an S3 bucket.

Which of these is the best system architectures for this system?

Make an S3 notification configuration which publishes to AWS Lambda on the manifest bucket. Make the Lambda create a CloudFormation Stack which contains the logic to construct an autoscaling worker tier of EC2 G2 instances with the ANN code on each instance. Create an SQS queue of the images in the manifest. Tear the stack down when the queue is empty.

Deploy your ANN code to AWS Lambda as a bundled binary for the C++ extension. Make an S3 notification configuration on the manifest, which publishes to another AWS Lambda running controller code. This controller code publishes all the images in the manifest to AWS Kinesis. Your ANN code Lambda Function uses the Kinesis as an Event Source. The system automatically scales when the stream contains image events

Create an OpsWorks Stack with two Layers. The first contains lifecycle scripts for launching and bootstrapping an HTTP API on G2 instances for ANN image processing, and the second has an always-on instance which monitors the S3 manifest bucket for new files. When a new file is detected, request instances to boot on the ANN layer. When the instances are booted and the HTTP APIs are up, submit processing requests to individual instances

Create an Auto Scaling, Load Balanced Elastic Beanstalk worker tier Application, and Environment. Deploy the ANN code to G2 instances in this tier. Set the desired capacity to 1. Make the code periodically check S3 for new manifests. When a new manifest is detected, push all of the images in the manifest into the SQS queue associated with the Elastic Beanstalk worker tier.

Explanation

The Elastic Beanstalk option is incorrect because it requires a constantly-polling instance, which may break and costs money.

The Lambda fleet option is incorrect because AWS Lambda does not support GPU usage.

The OpsWorks stack option both requires a constantly-polling instance, and also requires complex timing and capacity planning logic.

The CloudFormation option requires no polling, has no always-on instances, and allows arbitrarily fast processing by simply setting the instance count as high as needed.

Explanation

The Elastic Beanstalk option is incorrect because it requires a constantly-polling instance, which may break and costs money.

The Lambda fleet option is incorrect because AWS Lambda does not support GPU usage.

The OpsWorks stack option both requires a constantly-polling instance, and also requires complex timing and capacity planning logic.

The CloudFormation option requires no polling, has no always-on instances, and allows arbitrarily fast processing by simply setting the instance count as high as needed.

15 / 25

Your team is setting up DynamoDB for a client. You need to explain to them how DynamoDB tables are partitioned. Which calculations are used to determine the number of partitions that will be created? (Choose 2 answers)

The total RCU divided by 3000 + total WCU divided by 1000

The total table size divided by 10 GB

The total RCU divided by 5000 + total WCU divided by 1000

The total table size divided by 40 GB

Explanation

DynamoDB tables are portioned based on the following: First, calculate total RCU/3000 + total WCU/1000. Then calculate the total size/10 GB. Then round up the higher of the two results.

Explanation

DynamoDB tables are portioned based on the following: First, calculate total RCU/3000 + total WCU/1000. Then calculate the total size/10 GB. Then round up the higher of the two results.

16 / 25

You are configuring Amazon Route 53 to route traffic destined for yourwebsite.com to an Application Load Balancer that is configured to distribute traffic in two availability zones in the same AWS region. Which record set should you edit to point traffic for yourwebsite.com to your Application Load Balancer? Select the answer that is the most cost-effective and scalable.

CNAME

Alias

Explanation

yourwebsite.com is a zone apex. Alias record sets can be used to set a zone apex, but CNAME records cannot. Additionally, queries to Alias records that are mapped to an ELB are free. A records are used to map IPv4 addresses to FQDNs, the IP address of the ELB may change. MX records are used for email servers.

Explanation

17 / 25

Your company is migrating into Amazon Web Services and has selected the US East region in which to operate. The majority of your work involves interfacing with government departments in the United States and Germany. Your company expects the deployment into the cloud to be up and running in a minimum of time. Before deploying any resources in the European region, what should be your first consideration?

Industry rules and standards

European privacy laws

The pre-warming storage and load balancers

The number of web servers to deploy

Explanation

Privacy laws in foreign countries will dictate compliance rules and regulations. AWS customers remain responsible for complying with applicable compliance laws and regulations.

Explanation

Privacy laws in foreign countries will dictate compliance rules and regulations. AWS customers remain responsible for complying with applicable compliance laws and regulations.

18 / 25

You are looking for a simple way to configure high availability for your EC2 instances. You need to create a plan for replacing unhealthy or failed instances. It is acceptable to have a short amount of downtime to keep costs down. Which process is appropriate for achieving this?

Create a custom AMI of your EC2 instance, and configure a CloudWatch alarm based on StatusCheckFailed_Instance with an EC2 action of “Recover this instance.”

Create a custom AMI and use it to create an Auto Scaling Launch Configuration; then create a “Steady State” auto scaling policy using a minimum of 2 instances and a maximum of 2 instances.

Create a custom AMI of your EC2 instance, and configure a CloudWatch alarm based on StatusCheckFailed_Instance with an EC2 action of “Reboot this instance.”

Create a custom AMI of your EC2 instances. Use the custom AMI to create a new EC2 instance if there are issues with a current EC2 instance, and move the EIP to the new instance.

Explanation

Creating a custom AMI of the instance for which you are trying to provide HA allows you to bring the instance online quickly with no build time. Moving the EIP from the instance, you are replacing to the new instance will send all traffic to the new instance without any change to DNS, which would take time to propagate. Using the AutoRecover option will not replace the unhealthy or failing instance. It will only try to restart it on another host. Creating a “Steady State” Auto Scaling Group would also be a good solution, although using two as a minimum would have a higher cost.

Explanation

19 / 25

While monitoring your application servers hosted behind an elastic load balancer, you discover that the servers always operate at between 75 and 80% of their capacity after five minutes of operation. Also, there is a constant number of servers being marked as unhealthy very early in their initial lifecycle. Upon further analysis, you also discover that your servers are taking between three and four minutes to become operational after launch. What two tasks should you complete as soon as possible? (Choose 2 answers)

Decrease the length of your scaling cool down period

Increase the size of instances in your launch configuration.

Increase the maximum number of instances in your auto-scaling group

Increase the length of your scaling cool down period

Explanation

A prolonged grace period and a larger number of instances will solve these issues. You can use scaling policies to increase or decrease the number of running EC2 instances in your group automatically to meet changing conditions. When the scaling policy is in effect, the Auto Scaling group adjusts the desired capacity of the group and launches or terminates the instances as needed. If you manually scale or scale on a schedule, you must adjust the desired capacity of the group for the changes to take effect.

Explanation

20 / 25

After reviewing the reports from AWS Trusted Advisor, your company has decided to enable multi-factor authentication for IAM users and the root account. Which of the following MFA options can be used for both account types? (Choose 2 answers)

Hardware MFA Device

SNS Notification Service

AWS Security Token Service

A software-based Virtual MFA device

Explanation

For increased security, AWS recommends that you configure multi-factor authentication (MFA) to help protect your AWS resources. MFA adds extra security because it requires users to enter a unique authentication code from an approved authentication device or SMS text message when they access AWS websites or services. This type of MFA requires you to assign an MFA device (hardware or virtual) to the IAM user or the AWS root account.

Explanation

21 / 25

You are configuring a new nondefault VPC for a client's cloud migration project with the following components:

one public subnet
a default network access control list with no custom rules
an internet gateway
a main route table with a local route for your VPC

You then launch an instance to support the client's migration which includes the following:

an AWS assigned DNS hostname
an AWS assigned private IP address
an AWS assigned public IP address
associated with a default security group with no custom rules.

You want to connect to the public internet through your instance, but cannot. What could you do to resolve this?

Create a NAT instance, and forward all traffic to the NAT instance

You should modify your NACL to allow all inbound and outbound traffic

Attach a secondary ENI to the instance and connect via the ENI.

Add a route with 0.0.0.0/0 as the destination and the internet gateway as the target.

Explanation

Default security groups and NACLs allow inbound and outbound traffic. All traffic should be routed via internet gateway, so a route should be created with 0.0.0.0/0 as a source, and with your Internet Gateway as the target.

Explanation

22 / 25

You are an engineer at a large bank, responsible for managing your firm’s AWS infrastructure. The finance team has approached you, indicating their concern over the growing AWS budget, and has asked you to investigate ways to lower it. Since your firm has enterprise-level support, you decide to use the AWS Trusted Advisor tool for this effort. What are some of the cost optimization checks that Trusted Advisor will perform? (Choose 3 answers)

Underutilized Amazon Redshift Clusters

Idle Load Balancers

EC2 Spot Instance Optimization

Underutilized Amazon EBS Volumes

Explanation

Trusted Advisor checks for Amazon EC2 reserved instances optimization, low utilization of Amazon EC2 instances, idle Load Balancers, underutilized Amazon EBS Volumes, unassociated Elastic IP Addresses, Amazon RDS idle DB instances, Amazon Route 53 Latency Resource Record Sets, Amazon EC2 reserved instance lease expiration and underutilized Amazon Redshift Clusters

Explanation

23 / 25

After monitoring your online sales application for the last two weeks of holiday sales, it is apparent that your database tier’s current architectural design is not sufficient. Your database is currently managed within Amazon RDS. The decision is made to scale your instance to a greater size based on database recommendations from the vendor. Your current database storage type is magnetic, and storage usage is currently at 70%.

Which modifications could potentially improve the performance of your database? (Choose 2 answers)

Increase the number of read replicas.

Decrease the currently allocated storage space

Increase the currently allocated storage space

Change the storage type to general-purpose SSD.

Explanation

When scaling a database, you can increase the storage capacity of a DB Instance up to a maximum of 64 terabytes (TiB). Please note that scaling the storage allocation with Amazon RDS does not incur a database outage. The performance will be increased as well.

Explanation

24 / 25

You have been assigned to a client who has an existing AWS cloud environment. They are already using CloudFormation to deploy web dev, test, and production environments. You immediately recognize that they are using the same CloudFormation template for dev and production. The Project Plan calls for major performance testing at the end of the project and the client wants to cut cost wherever possible. You recommend using smaller EC2 instances for the Developers dev environments. What section of a CloudFormation template can you use to deploy variable sized instances depending on the environment?

Mappings

Metadata

Conditions

Transform

Explanation

The conditions section of a CloudFormation template defines conditions that control whether certain resources are created or whether certain resource properties are assigned a value during stack creation or update. For example, you could conditionally create a resource that depends on whether the stack is for a production or test environment

Explanation

25 / 25

Your client has contacted you about an existing AWS cloud environment that they have. They have a large number of T2 large instances in a VPC but have statistics indicating they may need larger instances soon. Another consideration is the company's limited budget to add new instances and/or upgrade its current instances. However, they need to do something and are relying on you to provide a solution. This company has used its existing instances for over 3 years and expects a similar lifespan for any new solution.

What changes would best address the issues with their compute resources? (Choose 2 answers)

Replace T2 large instances with large general purpose instances.

Upgrade to Enhanced Networking instances.

Use spot instances to supplement the existing instances.

Upgrade to standard reserved instances

Explanation

T2 instances are Burstable Performance Instances that provide a baseline level of CPU performance with the ability to burst above the baseline. The baseline performance and ability to burst are governed by CPU Credits. M4 instances are the latest generation of General Purpose Instances. This family provides a balance of compute, memory, and network resources, and it is a good choice for many applications. In this instance, the only option which provides for growth while keeping costs in check is to upgrade to reserved M4 instances on a long term 3 year contract.

Explanation

Your score is

LinkedIn Facebook Twitter

Please rate your experience to help us improve !

BackNext

TAGS
AWS Certification
Cloud Certification
Professional

Facebook

Twitter

Digg

Previous articleAWS Certified Solutions Architect Associate (SAA02) – Free Practice Tests

Anil K Y Ommi

Cloud Solutions Architect with more than 10 years of experience in designing & deploying application in multiple cloud platforms. Owner of Mycloudwiki.com and tsmtutorials.com tech blogs. Email me if you are interested in writing tech articles.

AWS Certified Solutions Architect Associate (SAA02) – Free Practice Tests