New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

SAP-C02 Amazon Web Services Exam Lab Questions

Previous
Page: 18 / 35
Next
Question 72

A company is developing a web application that runs on Amazon EC2 instances in an Auto Scaling group behind a public-facing Application Load Balancer (ALB). Only users from a specific country are allowed to access the application. The company needs the ability to log the access requests that have been blocked. The solution should require the least possible maintenance.

Which solution meets these requirements?

Options:

A.

Create an IPSet containing a list of IP ranges that belong to the specified country. Create an AWS WAF web ACL. Configure a rule to block any requests that do not originate from an IP range in the IPSet. Associate the rule with the web ACL. Associate the web ACL with the ALB.

B.

Create an AWS WAF web ACL. Configure a rule to block any requests that do not originate from the specified country. Associate the rule with the web ACL. Associate the web ACL with the ALB.

C.

Configure AWS Shield to block any requests that do not originate from the specified country. Associate AWS Shield with the ALB.

D.

Create a security group rule that allows ports 80 and 443 from IP ranges that belong to the specified country. Associate the security group with the ALB.

Question 73

A scientific company needs to process text and image data from an Amazon S3 bucket. The data is collected from several radar stations during a live, time-critical phase of a deep space mission. The radar stations upload the data to the source S3 bucket. The data is prefixed by radar station identification number.

The company created a destination S3 bucket in a second account. Data must be copied from the source S3 bucket to the destination S3 bucket to meet a compliance objective. The replication occurs through the use of an S3 replication rule to cover all objects in the source S3 bucket.

One specific radar station is identified as having the most accurate data. Data replication at this radar station must be monitored for completion within 30 minutes after the radar station uploads the objects to the source S3 bucket.

What should a solutions architect do to meet these requirements?

Options:

A.

Set up an AWS DataSync agent to replicate the prefixed data from the source S3 bucket to the destination S3 bucket. Select to use all available bandwidth on the task, and monitor the task to ensure that it is in the TRANSFERRING status. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to trigger an alert if this status changes.

B.

In the second account, create another S3 bucket to receive data from the radar station with the most accurate data. Set up a new replication rule for this new S3 bucket to separate the replication from the other radar stations. Monitor the maximum replication time to the destination. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to trigger an alert when the time exceeds the desired threshold.

C.

Enable Amazon S3 Transfer Acceleration on the source S3 bucket, and configure the radar station with the most accurate data to use the new endpoint. Monitor the S3 destination bucket's TotalRequestLatency metric. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to trigger an alert if this status changes.

D.

Create a new S3 replication rule on the source S3 bucket that filters for the keys that use the prefix of the radar station with the most accurate data. Enable S3 Replication Time Control (S3 RTC). Monitor the maximum replication time to the destination. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to trigger an alert when the time exceeds the desired threshold.

Question 74

A company is developing an application that will display financial reports. The company needs a solution that can store financial Information that comes from multiple systems. The solution must provide the reports through a web interface and must serve the data will less man 500 milliseconds or latency to end users. The solution also must be highly available and must have an RTO or 30 seconds.

Which solution will meet these requirements?

Options:

A.

Use an Amazon Redshift cluster to store the data. Use a state website that is hosted on Amazon S3 with backend APIs that ate served by an Amazon Elastic Cubemates Service (Amazon EKS) cluster to provide the reports to the application.

B.

Use Amazon S3 to store the data Use Amazon Athena to provide the reports to the application. Use AWS App Runner to serve the application to view the reports.

C.

Use Amazon DynamoDB to store the data, use an embedded Amazon QuickStight dashboard with direct Query datasets to provide the reports to the application.

D.

Use Amazon Keyspaces (for Apache Cassandra) to store the data, use AWS Elastic Beanstalk to provide the reports to the application.

Question 75

A solutions architect has implemented a SAML 2 0 federated identity solution with their company's on-premises identity provider (IdP) to authenticate users' access to the AWS environment. When the solutions architect tests authentication through the federated identity web portal, access to the AWS environment is granted However when test users attempt to authenticate through the federated identity web portal, they are not able to access the AWS environment

Which items should the solutions architect check to ensure identity federation is properly configured? (Select THREE)

Options:

A.

The 1AM user's permissions policy has allowed the use of SAML federation for that user

B.

The 1AM roles created for the federated users' or federated groups' trust policy have set the SAML provider as the principal

C.

Test users are not in the AWSFederatedUsers group in the company's IdP

D.

The web portal calls the AWS STS AssumeRoleWithSAML API with the ARN of the SAML provider, the ARN of the 1AM role, and the SAML assertion from IdP

E.

The on-premises IdP's DNS hostname is reachable from the AWS environment VPCs

F.

The company's IdP defines SAML assertions that properly map users or groups in the company to 1AM roles with appropriate permissions

Previous
Page: 18 / 35
Next
AWS Certified Professional SAP-C02 Dumps PDF, Ace Your SAP-C02 AWS Certified Professional Exam, Passed Exam Today SAP-C02, Free SAP-C02 Questions Attempt, AWS Certified Professional SAP-C02 Exam Questions and Answers PDF, Amazon Web Services SAP-C02 Questions Answers, All SAP-C02 Test Inside Amazon Web Services Questions, SAP-C02 Leak Questions, Pass SAP-C02 Exam Guide, Vce SAP-C02 Questions Latest, Legit SAP-C02 Exam Download, AWS Certified Professional Changed SAP-C02 Questions, Amazon Web Services SAP-C02 Actual Questions, Full Access Amazon Web Services SAP-C02 Tutorials, Online SAP-C02 Questions Video, Pearson SAP-C02 New Attempt, SAP-C02 Amazon Web Services Exam Lab Questions, SAP-C02 VCE Exam Download, Amazon Web Services SAP-C02 Based on Real Exam Environment, Free SAP-C02 Amazon Web Services Updates, SAP-C02 Questions Bank, Download Latest SAP-C02 Questions, SAP-C02 Premium Exam Questions, SAP-C02 Reviews Questions, Sure Pass Exam SAP-C02 PDF, AWS Certified Professional SAP-C02 Full Course Free, AWS Certified Professional SAP-C02 Amazon Web Services Study Notes, SAP-C02 Exam Results, Download Full Version SAP-C02 Amazon Web Services Exam, AWS Certified Professional SAP-C02 Book, AWS Certified Professional SAP-C02 Passing Score, Exactprep SAP-C02 Questions, Amazon Web Services SAP-C02 Online Access, Selected SAP-C02 AWS Certified Professional Questions Answers,
Exam Code: SAP-C02
Exam Name: AWS Certified Solutions Architect - Professional
Last Update: Dec 22, 2024
Questions: 483
SAP-C02 pdf

SAP-C02 PDF

$25.5  $84.99
 Add to Cart
SAP-C02 Engine

SAP-C02 Testing Engine

$28.5  $94.99
 Add to Cart
SAP-C02 PDF + Engine

SAP-C02 PDF + Testing Engine

$40.5  $134.99
 Add to Cart