Which of the following approaches help improve the availability of an application on AWS?.
Choose 2 answer

• A.Using AutoScaling to replace lost capacity
• B.Using multiple Availability zones
• C.Using Amazon virtual private cloud
• D.Using the largest available instance type
• E.Using placement groups

Comment: *

Name: *

Email: *

Verification: *

A company has a large Microsoft SharePoint deployment running on-premises that requires Microsoft Windows shared file storage. The company wants to migrate this workload to the AWS Cloud and is considering various storage options. The storage solution must be highly available and integrated with Active Directory for access control.
Which solution will satisfy these requirements?

• A.Create an Amazon FSx for Windows File Server file system on AWS and set the Active Directory domain for authentication.
• B.Configure Amazon EFS storage and set the Active Directory domain for authentication.
• C.Create an SMB file share on an AWS Storage Gateway file gateway in two Availability Zones.
• D.Create an Amazon S3 bucket and configure Microsoft Windows Server to mount it as a volume.

Comment: *

Name: *

Email: *

Verification: *

A solution architect must design a solution that uses Amazon CloudFront with an Amazon S3 to store a static website. The company security policy requires that all websites traffic be inspected by AWS WAF.
How should the solution architect company with these requirements?

• A.Configure Amazon CloudFront and Amazon S3 to use an origin access identity (OAI) to restrict access to the S3 bucket. Enable AWS WAF on the distribution.
• B.Configure an S3 bucket policy to accept requests coming from the AWS WAF Amazon Resource Name (ARN) only
• C.Configure Amazon CloudFront to forward all incoming requests to AWS WAF before requesting content from the S3 origin,
• D.Configure a security group that allows Amazon CloudFront IP addresses to access Amazon S3 only Associate AWS WAF to CloudFront.

Comment: *

Name: *

Email: *

Verification: *

A user has launched one EC2 instance in the US East region and one in the US West region. The user has launched an RDS instance in the US East region. How can the user configure access from both the
EC2 instances to RDS?

• A.It is not possible to access RDS of the US East region from the US West region
• B.Configure the US West region's security group to allow a request from the US East region's instance and configure the RDS security group's ingress rule for the US East EC2 group
• C.Configure the security group of the US East region to allow traffic from the US West region's instance and configure the RDS security group's ingress rule for the US East EC2 group
• D.Configure the security group of both instances in the ingress rule of the RDS security group

Comment: *

Name: *

Email: *

Verification: *

A Solutions Architect is designing a new application that will be hosted on EC2 instances. This application has the following traffic requirements:
- Accept HTTP(80)/HTTPS(443) traffic from the Internet.
- Accept FTP(21) traffic from the finance team servers at 10.10.2.0/24.
Which of the following AWS CloudFormation snippets correctly declares inbound security group rules that meet the requirements and prevent unauthorized access to additional services on the instance?

• A.
• B.
• C.
• D.

Comment: *

Name: *

Email: *

Verification: *