Free Amazon SAP-C02 Exam Questions

Question 1

A company has built a high performance computing (HPC) cluster in AWS for a tightly coupled workload that

generates a large number of shared files stored in Amazon EFS. The cluster was performing well when the

number of Amazon EC2 instances in the cluster was 100. However, when the company increased the cluster

size to 1,000 EC2 instances, overall performance was well below expectations

Which collection of design choices should a solutions architect make to achieve the maximum performance

from the HPC cluster? (Select THREE.)

A : Ensure the HPC cluster is launched within a single Availability Zone.

B : Launch the EC2 instances and attach elastic network interfaces in multiples of four.

C : Select EC2 instance types with an Elastic Fabric Adapter (EFA) enabled

D : ure the cluster is launched across multiple Availability Zones.

E : place Amazon EFS with multiple Amazon EBS volumes in a RAID array.

F : place Amazon EFS with Amazon FSx for Lustre.

Answer: A,C

Question 2

A company is running a web application with On-Demand Amazon EC2 instances in Auto Scaling groups that

scale dynamically based on custom metrics After extensive testing, the company determines that the

m5.2xlarge instance size is optimal for the workload Application data is stored in db.r4.4xlarge Amazon RDS

instances that are confirmed to be optimal. The traffic to the web application spikes randomly during the day.

What other cost-optimization methods should the company implement to further reduce costs without

impacting the reliability of the application?

A : uble the instance count in the Auto Scaling groups and reduce the instance size to m5.large

B : Reserve capacity for the RDS database and the minimum number of EC2 instances that are constantlyrunning.

C : Reduce the RDS instance size to db.r4.xlarge and add five equivalent^ sized read replicas to providereliability.

D : erve capacity for all EC2 instances and leverage Spot Instance pricing for the RDS database.

Answer: B

Question 3

A company has an application that runs on Amazon EC2 instances. A solutions architect is designing VPC infrastructure in an AWS Region where the application needs to access an Amazon Aurora DB cluster. The EC2 instances are all associated with the same security group. The DB cluster is associated with its own security group. The solutions architect needs to add rules to the security groups to provide the application with least privilege access to the DB cluster. Which combination of steps will meet these requirements? (Select TWO.)

A : an inbound rule to the EC2 instances' security group. Specify the DB cluster's security group as the source over the default Aurora port.

B : an outbound rule to the EC2 instances' security group. Specify the DB cluster's security group as the destination over the default Aurora port.

C : an inbound rule to the DB cluster's security group. Specify the EC2 instances' security group as the source over the default Aurora port.

D : an outbound rule to the DB cluster's security group. Specify the EC2 instances' security group as the destination over the default Aurora port.

E : an outbound rule to the DB cluster's security group. Specify the EC2 instances' security group as the destination over the ephemeral ports.

Answer: A,B

Question 4

A company is running a serverless application that consists of several AWS Lambda functions and Amazon

DynamoDB tables. The company has created new functionality that requires the Lambda functions to access

an Amazon Neptune DB cluster The Neptune DB cluster is located in three subnets in a VPC.

Which of the possible solutions will allow the Lambda functions to access the Neptune DB cluster and

DynamoDB tables? (Select TWO )

A : Create three public subnets in the Neptune VPC and route traffic through an interne: gateway Host theLambda functions m the three new public subnets

B : Create three private subnets in the Neptune VPC and route internet traffic through a NAT gateway Hostthe Lambda functions In the three new private subnets.

C : Host the Lambda functions outside the VPC. Update the Neptune security group to allow access fromthe IP ranges of the Lambda functions.

D : Host the Lambda functions outside the VPC. Create a VPC endpoint for the Neptune database, and havethe Lambda functions access Neptune over the VPC endpoint

E : Create three private subnets in the Neptune VPC. Host the Lambda functions m the three new isolatedsubnets. Create a VPC endpoint for DynamoDB. and route DynamoDB traffic to the VPC endpoint

Answer: A,C

Question 5

A company has a serverless application comprised of Amazon CloudFront, Amazon API Gateway, and AWS

Lambda functions. The current deployment process of the application code is to create a new version number

of the Lambda function and run an AWS CLI script to update. If the new function version has errors, another

CLI script reverts by deploying the previous working version of the function. The company would like to

decrease the time to deploy new versions of the application logic provided by the Lambda functions, and also

reduce the time to detect and revert when errors are identified.

How can this be accomplished?

A : Create and deploy nested AWS CloudFormation stacks with the parent stack consisting of the AWSCloudFront distribution and API Gateway, and the child stack containing the Lambda function. Forchanges to Lambda, create an AWS CloudFormation change set and deploy; if errors are triggered,revert the AWS CloudFormation change set to the previous version.

B : Use AWS SAM and built-in AWS CodeDeploy to deploy the new Lambda version, gradually shifttraffic to the new version, and use pre-traffic and post-traffic test functions to verify code. Rollback ifAmazon CloudWatch alarms are triggered.

C : Refactor the AWS CLI scripts into a single script that deploys the new Lambda version. Whendeployment is completed, the script tests execute. If errors are detected, revert to the previous Lambdaversion.

D : Create and deploy an AWS CloudFormation stack that consists of a new API Gateway endpoint thatreferences the new Lambda version. Change the CloudFront origin to the new API Gateway endpoint,monitor errors and if detected, change the AWS CloudFront origin to the previous API Gatewayendpoint.

Answer: B