Free Preparation Discussions
MENU
Amazon SAP-C02 Exam Questions
- Amazon Professional Certifications
- Amazon AWS Certified Solutions Architect Professional Certifications
- Topic 1: Design Solutions for Organizational Complexity: In this topic, AWS solutions architects learn to architect network connectivity strategies tailored to complex organizational needs. Moreover, the topic emphasizes prescribing security controls and crafting reliable and resilient architectures. Additionally, the topic covers designing multi-account AWS environments and determining cost optimization and visibility strategies to balance functionality and efficiency within a large-scale organizational framework.
- Topic 2: Design for New Solutions: This topic equips AWS solutions architects to design deployment strategies that align with business goals while ensuring continuity through robust planning. It addresses determining security controls based on varying requirements.
- Topic 3: Continuous Improvement for Existing Solutions: Through this topic, AWS solutions architects gain insights into strategies for enhancing operational excellence across deployed solutions. It emphasizes improving security, performance, and reliability through iterative refinement.
- Topic 4: Accelerate Workload Migration and Modernization: This topic focuses on enabling AWS solutions architects to identify workloads and processes suitable for migration. It includes determining optimal migration approaches, redefining architectures for existing workloads, and discovering opportunities for modernization and enhancements.
Free Amazon SAP-C02 Exam Actual Questions
Note: Premium Questions for SAP-C02 were last updated On Jan. 22, 2025 (see below)
A company needs to modernize a legacy .NET Framework application. The application uses an application server and a Microsoft SQL Server database.
The company also needs to perform the following tasks:
Containerize the application into microservices.
* Keep control of the operating system patches and storage for the application layer.
* Add load balancing for the web servers.
* Make the application highly available.
Which solution will meet these requirements?
A company has an application that uses AWS Key Management Service (AWS KMS) to encrypt and decrypt dat
a. The application stores data in an Amazon S3 bucket in an AWS Region. Company security policies require the data to be encrypted before the data is placed into the S3 bucket. The application must decrypt the data when the application reads files from the S3 bucket.
The company replicates the S3 bucket to other Regions. A solutions architect must design a solution so that the application can encrypt and decrypt data across Regions. The application must use the same key to decrypt the data in each Region.
Which solution will meet these requirements?
A company hosts an application that uses several Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer (ALB). During the initial startup of the EC2 instances, the EC2 instances run user data scripts to download critical content for the application from an Amazon S3 bucket.
The EC2 instances are launching correctly. However, after a period of time, the EC2 instances are terminated with the following error message: "An instance was taken out of service in response to an ELB system health check failure." EC2 instances continue to launch and be terminated because of Auto Scaling events in an endless loop.
The only recent change to the deployment is that the company added a large amount of critical content to the S3 bucket. The company does not want to alter the user data scripts in production.
What should a solutions architect do so that the production environment can deploy successfully?
A company needs to improve the security of its web-based application on AWS. The application uses Amazon CloudFront with two custom origins. The first custom origin routes requests to an Amazon API Gateway HTTP API. The second custom origin routes traffic to an Application Load Balancer (ALB) The application integrates with an OpenlD Connect (OIDC) identity provider (IdP) for user management.
A security audit shows that a JSON Web Token (JWT) authorizer provides access to the API The security audit also shows that the ALB accepts requests from unauthenticated users
A solutions architect must design a solution to ensure that all backend services respond to only authenticated users
Which solution will meet this requirement?
Integrate ALB with OIDC IdP:
In the AWS Management Console, navigate to the Application Load Balancer (ALB) settings.
Configure the ALB to use the OpenID Connect (OIDC) IdP for authentication. This ensures that all requests routed through the ALB are authenticated using the IdP.
Set Up Authentication Rules:
Create a listener rule on the ALB that requires authentication. This rule will forward requests to the IdP for user authentication before allowing access to the backend services.
Restrict Unauthenticated Access:
Ensure the ALB only forwards requests to backend services if the user is authenticated. Unauthenticated requests should be blocked or redirected to the IdP for authentication.
Update CloudFront Configuration:
Modify the CloudFront distribution to forward authenticated requests to the ALB. Ensure that the ALB and API Gateway accept only requests coming through the CloudFront distribution to enforce consistent authentication and security.
By enforcing authentication at the ALB level, you ensure that all backend services are accessed only by authenticated users, enhancing the overall security of the web application
A company is running a large containerized workload in the AWS Cloud. The workload consists of approximately 100 different services. The company uses Amazon Elastic Container Service (Amazon ECS) to orchestrate the workload.
Recently, the company's development team started using AWS Fargate instead of Amazon EC2 instances in the ECS cluster. In the past, the workload has come close to running the maximum number of EC2 instances that are available in the account.
The company is worried that the workload could reach the maximum number of ECS tasks that are allowed. A solutions architect must implement a solution that will notify the development team when Fargate reaches 80% of the maximum number of tasks.
What should the solutions architect do to meet this requirement?
- Select Question Types you want
- Set your Desired Pass Percentage
- Allocate Time (Hours : Minutes)
- Create Multiple Practice tests with Limited Questions
- Customer Support
Giuseppe
4 days agoTu
14 days agoEdelmira
19 days agoGilma
28 days agoOlive
29 days agoGianna
1 months agoKris
1 months agoCyril
2 months agoRima
2 months agoCyril
2 months agoMarylou
2 months agoJoye
3 months agoMaryann
3 months agoNelida
3 months agoMargarett
3 months agoAvery
3 months agoVi
4 months agoLashawn
4 months agoBette
4 months agoTammi
4 months agoTonette
4 months agoReuben
5 months agoNorah
5 months agoBrinda
5 months agoJesus
6 months agoLizbeth
6 months agoKassandra
7 months agoDella
7 months agoCarli
7 months agoAleta
7 months agoLeonora
8 months agoMelynda
8 months ago