Download Amazon.SAP-C02.CertDumps.2024-07-31.442q.tqb

Download Exam

File Info

Exam AWS Certified Solutions Architect - Professional
Number SAP-C02
File Name Amazon.SAP-C02.CertDumps.2024-07-31.442q.tqb
Size 4 MB
Posted Jul 31, 2024
Download Amazon.SAP-C02.CertDumps.2024-07-31.442q.tqb


How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase

Coupon: MASTEREXAM
With discount: 20%






Demo Questions

Question 1

A company needs to architect a hybrid DNS solution. This solution will use an Amazon Route 53 private hosted zone for the domain cloud.example.com for the resources stored within VPCs.  
The company has the following DNS resolution requirements:  
  •   On-premises systems should be able to resolve and connect to cloud.example.com. 
  •   All VPCs should be able to resolve cloud.example.com.  
There is already an AWS Direct Connect connection between the on-premises corporate network and AWS Transit Gateway.  
Which architecture should the company use to meet these requirements with the HIGHEST performance? 
 


  1. Associate the private hosted zone to all the VPCs. Create a Route 53 inbound resolver in the shared services VPC. Attach all VPCs to the transit gateway and create forwarding rules in the on-premises DNS server for cloud.example.com that point to the inbound resolver. 
  2. Associate the private hosted zone to all the VPCs. Deploy an Amazon EC2 conditional forwarder in the shared services VPC. Attach all VPCs to the transit gateway and create forwarding rules in the on-premises DNS server for cloud.example.com that point to the conditional forwarder. 
  3. Associate the private hosted zone to the shared services VPC. Create a Route 53 outbound resolver in the shared services VPC. Attach all VPCs to the transit gateway and create forwarding rules in the on-premises DNS server for cloud.example.com that point to the outbound resolver. 
  4. Associate the private hosted zone to the shared services VPC. Create a Route 53 inbound resolver in the shared services VPC. Attach the shared services VPC to the transit gateway and create forwarding rules in the on-premises DNS server for cloud.example.com that point to the inbound resolver.  
Correct answer: A



Question 2

A company is providing weather data over a REST-based API to several customers. The API is hosted by Amazon API Gateway and is integrated with different AWS Lambda functions for each API operation. The company uses Amazon Route 53 for DNS and has created a resource record of weather.example.com. The company stores data for the API in Amazon DynamoDB tables. The company needs a solution that will give the API the ability to fail over to a different AWS Region.  
Which solution will meet these requirements? 
 


  1. Deploy a new set of Lambda functions in a new Region. Update the API Gateway API to use an edge-optimized API endpoint with Lambda functions from both Regions as targets. Convert the DynamoDB tables to global tables. 
  2. Deploy a new API Gateway API and Lambda functions in another Region. Change the Route 53 DNS record to a multivalue answer. Add both API Gateway APIs to the answer. Enable target health monitoring. Convert the DynamoDB tables to global tables. 
  3. Deploy a new API Gateway API and Lambda functions in another Region. Change the Route 53 DNS record to a failover record. Enable target health monitoring. Convert the DynamoDB tables to global tables. 
  4. Deploy a new API Gateway API in a new Region. Change the Lambda functions to global functions. Change the Route 53 DNS record to a multivalue answer. Add both API Gateway APIs to the answer. Enable target health monitoring. Convert the DynamoDB tables to global tables. 
Correct answer: C



Question 3

A company uses AWS Organizations with a single OU named Production to manage multiple accounts. All accounts are members of the Production OU. Administrators use deny list SCPs in the root of the organization to manage access to restricted services.  
The company recently acquired a new business unit and invited the new units existing AWS account to the organization. Once onboarded, the administrators of the new business unit discovered that they are not able to update existing AWS Config rules to meet the companys policies.  
Which option will allow administrators to make changes and continue to enforce the current policies without introducing additional long-term maintenance? 
 


  1. Remove the organizations root SCPs that limit access to AWS Config. Create AWS Service Catalog products for the companys standard AWS Config rules and deploy them throughout the organization, including the new account. 
  2. Create a temporary OU named Onboarding for the new account. Apply an SCP to the Onboarding OU to allow AWS Config actions. Move the new account to the Production OU when adjustments to AWS Config are complete. 
  3. Convert the organizations root SCPs from deny list SCPs to allow list SCPs to allow the required services only. Temporarily apply an SCP to the organizations root that allows AWS Config actions for principals only in the new account. 
  4. Create a temporary OU named Onboarding for the new account. Apply an SCP to the Onboarding OU to allow AWS Config actions. Move the organizations root SCP to the Production OU. Move the new account to the Production OU when adjustments to AWS Config are complete.  
Correct answer: D









PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!



HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files