AWS SAP-C00 Certified Solution Architect Professional Exam Set 1

An organization is hosting a scalable web application using AWS. The organization has configured ELB and Auto Scaling to make the application scalable. Which of the below mentioned statements is not required to be followed for ELB when the organization is planning to host a web application on VPC?


Options are :

  • The ELB and all the instances should be in the same subnet. (Correct)
  • The internet facing ELB should be only in a public subnet.
  • The internet facing ELB should have a route table associated with the internet gateway.
  • Configure the security group rules and network ACLs to allow traffic to be routed between the subnets in the VPC.

Answer : The ELB and all the instances should be in the same subnet.

The Statement element of an AWS IAM policy contains an array of individual statements. Each individual statement is a(n) _____ block enclosed in braces { }.


Options are :

  • JavaScript
  • XML
  • AJAX
  • JSON (Correct)

Answer : JSON

An organization is creating a VPC for their application hosting. The organization has created two private subnets in the same AZ and created one subnet in a separate zone. The organization wants to make a HA system with the internal ELB. Which of these statements is true with respect to an internal ELB in this scenario?


Options are :

  • ELB does not allow subnet selection; instead it will automatically select all the available subnets of the VPC.
  • ELB can support only one subnet in each availability zone. (Correct)
  • ELB can support all the subnets irrespective of their zones.
  • If the user is creating an internal ELB, he should use only private subnets.

Answer : ELB can support only one subnet in each availability zone.

IAM Secure and Scalable is an organization which provides scalable and secure SaaS to its clients. They are planning to host a web server and app on AWS VPC as separate tiers. The organization wants to implement scalability by configuring Auto Scaling and a load balancer with their app servers (middle tier) too. Which of the below mentioned options suits their requirements?


Options are :

  • The user should make ELB with EC2-Classic and enable SSH with it for security.
  • Create an internet facing ELB with VPC and configure all the App servers with it.
  • Since ELB is internet facing, it is recommended to set up HAProxy as the balancer within the VPC.
  • Create an internal load balancer with VPC and register all the App servers with it. (Correct)

Answer : Create an internal load balancer with VPC and register all the App servers with it.

An organization (account ID 123412341234) has configured the IAM policy to allow the user to modify his credentials. What will the below mentioned statement allow the user to perform?

    {
      "Version": "2012-10-17",
      "Statement": [{
        "Effect": "Allow",
        "Action": [
          "iam:AddUserToGroup",
          "iam:RemoveUserFromGroup",
          "iam:GetGroup"
        ],
        "Resource": "arn:aws:iam::123412341234:group/Testing Group"
      }]
    }


Options are :

  • The IAM policy will throw an error due to an invalid resource name
  • Allow the IAM user to delete the Testing Group
  • Allow the IAM user to update the membership of the group called Testing Group (Correct)
  • The IAM policy will allow the user to subscribe to any IAM group

Answer : Allow the IAM user to update the membership of the group called Testing Group

An IAM user is trying to perform an action on an object belonging to some other root account's bucket. Which of the below mentioned options will AWS S3 not verify?


Options are :

  • Permission provided by the parent of the IAM user on the bucket. (Correct)
  • Permission provided by the bucket owner to the IAM user.
  • Permission provided by the parent of the IAM user.
  • The object owner has provided access to the IAM user.

Answer : Permission provided by the parent of the IAM user on the bucket.

When does an AWS Data Pipeline terminate the AWS Data Pipeline-managed compute resources?


Options are :

  • AWS Data Pipeline terminates AWS Data Pipeline-managed compute resources every 12 hours.
  • AWS Data Pipeline terminates AWS Data Pipeline-managed compute resources every 2 hours.
  • When the final activity that uses the resources is running.
  • When the final activity that uses the resources has completed successfully or failed. (Correct)

Answer : When the final activity that uses the resources has completed successfully or failed.

In the context of AWS IAM, identify a true statement about user passwords (login profiles).


Options are :

  • They must begin and end with a forward slash (/).
  • They must contain Unicode characters.
  • They cannot contain Basic Latin (ASCII) characters.
  • They can contain any Basic Latin (ASCII) characters. (Correct)

Answer : They can contain any Basic Latin (ASCII) characters.

An organization is planning to extend their data center by connecting their DC with the AWS VPC using the VPN gateway. The organization is setting up a dynamically routed VPN connection. Which of the below mentioned answers is not required to set up this configuration?


Options are :

  • The type of customer gateway, such as Cisco ASA, Juniper J-Series, Juniper SSG, Yamaha.
  • Elastic IP ranges that the organization wants to advertise over the VPN connection to the VPC. (Correct)
  • Border Gateway Protocol (BGP) Autonomous System Number (ASN) of the customer gateway.
  • Internet-routable IP address (static) of the customer gateway's external interface.

Answer : Elastic IP ranges that the organization wants to advertise over the VPN connection to the VPC.

An organization is setting up an application on AWS to have both high availability (HA) and disaster recovery (DR). The organization wants to have both a recovery point objective (RPO) and a recovery time objective (RTO) of 10 minutes. Which of the below mentioned service configurations does not help the organization achieve the said RPO and RTO?


Options are :

  • Use an elastic IP to assign to a running instance and use Route 53 to map the user's domain with that IP.
  • Use an AMI copy to keep the AMI available in other regions.
  • Take a snapshot of the data every 10 minutes and copy it to the other region.
  • Create ELB with multi-region routing to allow automated fail over when required. (Correct)

Answer : Create ELB with multi-region routing to allow automated fail over when required.

Regarding Amazon SNS, you can send notification messages to mobile devices through any of the following supported push notification services, EXCEPT:


Options are :

  • Amazon Device Messaging (ADM)
  • Apple Push Notification Service (APNS)
  • Microsoft Window Mobile Messaging (MWMM) (Correct)
  • Google Cloud Messaging for Android (GCM)

Answer : Microsoft Window Mobile Messaging (MWMM)

By default, Amazon Cognito maintains the last-written version of the data. You can override this behavior and resolve data conflicts programmatically. In addition, push synchronization allows you to use Amazon Cognito to send a silent notification to all devices associated with an identity to notify them that new data is available.


Options are :

  • Pull
  • Get
  • Push (Correct)
  • Post

Answer : Push

True or False: In Amazon ElastiCache replication groups of Redis, for performance tuning reasons, you can change the roles of the cache nodes within the replication group, with the primary and one of the replicas exchanging roles.


Options are :

  • True, however, you get lower performance.
  • TRUE (Correct)
  • FALSE
  • False, you must recreate the replication group to performance.

Answer : TRUE

True or False: Amazon ElastiCache supports the Redis key-value store.


Options are :

  • False, ElastiCache does not support the Redis key-value store.
  • True, ElastiCache supports the Redis key-value store. (Correct)
  • True, ElastiCache supports the Redis key-value store, but with limited functionalities.
  • False, ElastiCache supports the Redis key-value store only if you are in a VPC environment.

Answer : True, ElastiCache supports the Redis key-value store.

In Amazon ElastiCache, the failure of a single cache node can have an impact on the availability of your application and the load on your back-end database while ElastiCache provisions a replacement for the failed cache node and it gets repopulated. Which of the following is a solution to reduce this potential availability impact?


Options are :

  • Spread your memory and compute capacity over fewer cache nodes, each with smaller capacity.
  • Include fewer high capacity nodes.
  • Include a larger number of cache nodes, each with high capacity.
  • Spread your memory and compute capacity over a larger number of cache nodes, each with smaller capacity. (Correct)

Answer : Spread your memory and compute capacity over a larger number of cache nodes, each with smaller capacity.

Doug has created a VPC with CIDR 10.201.0.0/16 in this AWS account. In this VPC he has created a public subnet with CIDR block 10.201.31.0/24. While launching a new EC2 instance from the console, he is not able to assign the private IP address 10.201.31.6 to this instance. Which is the most likely reason for this issue?


Options are :

  • Private address IP 10.201.31.6 is currently assigned to another interface. (Correct)
  • Private address IP 10.201.31.6 is blocked via ACLs in Amazon infrastructure as a part of platform security.
  • Private address IP 10.201.31.6 is reserved by Amazon for IP networking purposes.
  • Private address IP 10.201.31.6 is not part of the associated subnet's IP address

Answer : Private address IP 10.201.31.6 is currently assigned to another interface.

While implementing the policy keys in AWS Direct Connect, if you use _____ and the request comes from an Amazon EC2 instance, the instance's public IP address is evaluated to determine if access is allowed.


Options are :

  • aws:EpochIP
  • aws:SourceIp (Correct)
  • aws:SecureTransport
  • aws:CurrentTime

Answer : aws:SourceIp

A user has configured an EBS volume with PIOPS. The user is not experiencing the optimal throughput. Which of the following could not be a factor affecting I/O performance of that EBS volume?


Options are :

  • Instance type is not EBS optimized
  • EBS volume size (Correct)
  • EBS bandwidth of dedicated instance exceeding the PIOPS
  • EC2 bandwidth

Answer : EBS volume size

The My Secure Data company has five branches across the globe. They want to expand their data centers such that their web server will be in the AWS and each branch would have their own database in the local data center. Based on the user login, the company wants to connect to the data center. How can My Secure Data company implement this scenario with the AWS VPC?


Options are :

  • It is not possible to connect different data centers from a single VPC.
  • Use the AWS Cloud Gateway to communicate with multiple VPN connections
  • Create five VPCs with the public subnet for the app server and set up the VPN gateway for each VPN to connect them individually.
  • Use the AWS VPN CloudHub to communicate with multiple VPN connections. (Correct)

Answer : Use the AWS VPN CloudHub to communicate with multiple VPN connections.

By default, what is the maximum number of Cache Nodes you can run in Amazon ElastiCache?


Options are :

  • 20 (Correct)
  • 200
  • 100
  • 50

Answer : 20

How many g2.2xlarge on-demand instances can a user run in one region without taking any limit increase approval from AWS?


Options are :

  • 5 (Correct)
  • 10
  • 20
  • 2

Answer : 5

In which step of using AWS Direct Connect should the user determine the required port speed?


Options are :

  • Download Router Configuration
  • Complete the Cross Connect
  • Verify your virtual interface
  • Submit AWS Direct Connect Connection Request (Correct)

Answer : Submit AWS Direct Connect Connection Request

What bandwidths does AWS Direct Connect currently support?


Options are :

  • 10Mbps and 100Mbps
  • 10Gbps and 100Gbps
  • 1Gbps and 10Gbps (Correct)
  • 100Mbps and 1Gbps

Answer : 1Gbps and 10Gbps

One of your AWS Data Pipeline activities has failed consecutively and has entered a hard failure state after retrying thrice. You want to try it again. Is it possible to increase the number of automatic retries to more than thrice?


Options are :

  • Yes, you can increase the number of automatic retries to 10. (Correct)
  • Yes, you can increase the number of automatic retries to 6.
  • No, you cannot increase the number of automatic retries.
  • Yes, you can increase the number of automatic retries to an indefinite number.

Answer : Yes, you can increase the number of automatic retries to 10.

Which of the following components of AWS Data Pipeline specifies the business logic of your data management?


Options are :

  • Pipeline definition (Correct)
  • AWS Direct Connect
  • Amazon Simple Storage Service (Amazon S3)
  • Task Runner

Answer : Pipeline definition

Which of the following is NOT an advantage of using AWS Direct Connect?


Options are :

  • AWS Direct Connect reduces your network
  • AWS Direct Connect makes it easy to establish a dedicated network connection from your premises to AWS.
  • AWS Direct Connect provides a more consistent network experience than Internet-based connections.
  • AWS Direct Connect provides users access to public and private resources by using two different connections while maintaining network separation between the public and private environments. (Correct)

Answer : AWS Direct Connect provides users access to public and private resources by using two different connections while maintaining network separation between the public and private environments.

You want to use AWS CodeDeploy to deploy an application to Amazon EC2 instances running within an Amazon Virtual Private Cloud (VPC). What criterion must be met for this to be possible?


Options are :

  • It is not currently possible to use AWS CodeDeploy to deploy an application to Amazon EC2 instances running within an Amazon Virtual Private Cloud (VPC).
  • The AWS CodeDeploy agent installed on the Amazon EC2 instances must be able to access only the public AWS CodeDeploy endpoint.
  • The AWS CodeDeploy agent installed on the Amazon EC2 instances must be able to access only the public Amazon S3 service endpoint.
  • The AWS CodeDeploy agent installed on the Amazon EC2 instances must be able to access the public AWS CodeDeploy and Amazon S3 service endpoints. (Correct)

Answer : The AWS CodeDeploy agent installed on the Amazon EC2 instances must be able to access the public AWS CodeDeploy and Amazon S3 service endpoints.

What is the default maximum number of VPCs allowed per region?


Options are :

  • 100
  • 15
  • 5 (Correct)
  • 10

Answer : 5

The two policies that you attach to an IAM role are the access policy and the trust policy. The trust policy identifies who can assume the role and grants the permission in the AWS Lambda account principal by adding the _____ action.


Options are :

  • sts:InvokeAsync
  • lambda:InvokeAsync
  • aws:AssumeAdmin
  • sts:AssumeRole (Correct)

Answer : sts:AssumeRole

How can multiple compute resources be used on the same pipeline in AWS Data Pipeline?


Options are :

  • You cannot use multiple compute resources on the same pipeline.
  • You can use multiple compute resources on the same pipeline by defining multiple cluster definition files.
  • You can use multiple compute resources on the same pipeline by defining multiple cluster objects in your definition file and associating the cluster to use for each activity via its runsOn field. (Correct)
  • You can use multiple compute resources on the same pipeline by defining multiple clusters for your activity.

Answer : You can use multiple compute resources on the same pipeline by defining multiple cluster objects in your definition file and associating the cluster to use for each activity via its runsOn field.
