Home/Directory/solutions architect professional

solutions architect professional Practice Questions

Page 3 of 3 (240 total questions)

You need to route traffic to Amazon EC2 instances based on URL paths (e.g., '/api' vs '/static'). Which load balancer type should you use?
View Question & Answer ➔
Scenario: To secure an Amazon EKS cluster for a PCI-DSS compliant workload, an architect wants to ensure that every administrative action (e.g., creating a pod) is logged and stored. Which tool is essential?
View Question & Answer ➔
You are designing a high-scale data ingestion system using AWS Lambda. You want to ensure that if a function fails, the message is not lost and can be retried later. Which pattern should you use?
View Question & Answer ➔
Scenario: You are deploying a mission-critical application and want to minimize the risk of a single human making a catastrophic change. Solution?
View Question & Answer ➔
Scenario: To lower the cost of a high-end AI training workload in AWS, you want to use instances that can be reclaimed by AWS with a 2-minute notice. What should you use?
View Question & Answer ➔
Scenario: To lower the cost of a data processing workload that runs for 4 hours every night, you want to use EC2 instances that provide a fixed discount in exchange for a 1-year commitment. You expect the instance types to change as the software evolves. Solution ?
View Question & Answer ➔
Scenario: You are designing a data lake and want to move objects from a standard S3 bucket to S3 Glacier Deep Archive after 180 days of no access to save costs. Solution ?
View Question & Answer ➔
Scenario: To minimize the blast radius of a potential insider threat, you want to ensure that no single IAM user can delete a critical production database without a multi-step approval process involving another team. Solution ?
View Question & Answer ➔
An enterprise is using a complex serverless architecture with hundreds of Lambda functions. They want a way to share common code and libraries (like business logic or security frameworks) across all these functions without duplicating the code in every deployment package. What is the AWS-recommended solution?
View Question & Answer ➔
Scenario: To lower the RTO of your disaster recovery plan, you want a 'Pilot Light' environment where your database is always running and in-sync, but your application servers (EC2) only launch when a disaster occurs. Solution ?
View Question & Answer ➔
Your high-traffic application requires ultra-low latency and needs to handle millions of requests per second at the network level. Which load balancer is best?
View Question & Answer ➔
An organization wants to run a serverless data processing pipeline that triggers a Lambda function every time a new row is added to a DynamoDB table. They want to ensure that the messages are processed in the exact order they were received and that no messages are lost if the Lambda function fails. Which feature should they use?
View Question & Answer ➔
Scenario: To minimize the latency for users in Europe accessing an application hosted in us-east-1, you decide to deploy a second set of resources in eu-central-1. What is the most architectural way to route users to the closest healthy region?
View Question & Answer ➔
An organization wants to run a serverless workflow that process images. Every time an image is uploaded to S3, they want to resize it, check for NSFW content using AI, and then store the metadata in DynamoDB. Which service should coordinate these independent steps?
View Question & Answer ➔
Scenario: You are designing a high-scale data analytics platform. You need to ingest millions of events from user devices and want to ensure that the data is automatically partitioned by 'event_type' as it is being stored in S3 for optimal querying in Athena. Which service is best?
View Question & Answer ➔
An organization wants to implement 'Infrastructure as Code' (IaC) to manage their complex AWS environments. They want to use a tool that is cloud-neutral and allows them to version control their infrastructure alongside their application code. Which tool is industry-standard for this?
View Question & Answer ➔
Scenario: You want to ensure that if a developer launches an EC2 instance without an encrypted EBS volume, the instance is automatically terminated and the developer is notified. Solution ?
View Question & Answer ➔
You are hosting a globally distributed application that requires a single static anycast IP address to route users to the closest healthy region. The application uses UDP for high-performance data transfer. Solution ?
View Question & Answer ➔
Scenario: You are designing a data lake and want to ensure that all data is automatically encrypted with AWS KMS keys, and you want an audit log that shows every time an analyst decrypts a specific file. Solution ?
View Question & Answer ➔
Which AWS service provides a way to 'Replay' archived events from your Amazon EventBridge bus to test how a new application would have behaved using real past data?
View Question & Answer ➔
To protect against an entire regional outage, an architect decides to maintain a 'Multi-Region Active-Active' architecture for their web application. Which service is essential for globally distributing and load-balancing traffic across regions?
View Question & Answer ➔
Scenario: To minimize the latency of a critical database for users globally, you want to use a NoSQL database that automatically replicates data across multiple regions with a 'Multi-Region Write' capability. Solution ?
View Question & Answer ➔
You are migrating a monolithic application to microservices and want to use a tool that allows you to route traffic to the new microservices incrementally while the rest of the monolith remains on-premises or in EC2. Which AWS service simplifies this 'Strangler Fig' pattern?
View Question & Answer ➔
Scenario: You are designing a data lake and want to ensure that if sensitive PII data (like Social Security numbers) is discovered in an S3 bucket, it is automatically 'masked' or redacted before it's processed. Solution ?
View Question & Answer ➔
Scenario: You are designing a data lake and want to move objects from a standard S3 bucket to S3 Glacier Deep Archive after 1 year of no access. Solution ?
View Question & Answer ➔
Your organization is hosting a globally available application. You want to route users to the closest healthy endpoint while automatically failing over to a secondary region if the primary region's health check fails. Which Route 53 routing policy and configuration should you use?
View Question & Answer ➔
Scenario: To minimize the latency for users worldwide, you decide to use a database that provides 'Single-digit millisecond' performance for both reads and writes with global replication. Solution ?
View Question & Answer ➔
Scenario: You are designing a globally distributed application and want to ensure that traffic is routed only to healthy regions. If a region's health check fails, users should be automatically redirected. Solution ?
View Question & Answer ➔
Your organization is migrating a high-performance database cluster that requires extremely low-latency network communication and high throughput (up to 100 Gbps) between nodes. Which EC2 instance feature and VPC configuration should you use?
View Question & Answer ➔
An enterprise wants to ensure that all their AWS CloudTrail logs are protected from being tampered with or deleted, even if their administrative accounts are compromised. Which feature provides the strongest protection for log integrity?
View Question & Answer ➔
To improve the security of a multi-account AWS environment, an architect wants to ensure that users can ONLY perform 'Delete' operations on production resources during a pre-authorized maintenance window. Which combination of services enables this time-based access control?
View Question & Answer ➔
An organization wants to analyze the cost and usage of their AWS environment for the last 12 months with the ability to forecast future spending for the next 12 months. Which tool should they use?
View Question & Answer ➔
An organization following the 'Zero Trust' model wants to ensure that access to their internal web apps is granted only if the user is authenticated via their enterprise IdP AND their device is company-managed. Which AWS service provides this integrated evaluation?
View Question & Answer ➔
Which AWS service allows you to centrally manage and enforce security best practices across all your AWS accounts by providing a set of 'Service Control Policies' (SCPs) that act as 'Guardrails'?
View Question & Answer ➔
You are designing a disaster recovery solution for a global application that requires an RTO of less than 1 hour and an RPO of less than 1 minute. The database is Amazon Aurora. Which architecture is most appropriate?
View Question & Answer ➔
Which AWS networking service allows you to create a high-performance, private backbone to connect multiple on-premises sites and VPCs, effectively replacing a traditional MPLS network?
View Question & Answer ➔
Your High Performance Computing (HPC) workload requires low network latency between Amazon EC2 instances. What feature should you use?
View Question & Answer ➔
To protect against L7 DDoS attacks that target your Application Load Balancer by sending requests that mimic legitimate browser traffic, which WAF feature is most effective?
View Question & Answer ➔
An organization is migrating their legacy on-premises Windows workload to AWS and needs a managed file storage service that supports the NTFS protocol and integrates with their AWS Managed Microsoft AD. Which service should they choose?
View Question & Answer ➔
Which AWS machine learning service allows you to automatically identify and redact sensitive information (PII) from text data without buildling custom models?
View Question & Answer ➔

← PreviousPage 3 of 3

solutions architect professional Practice Questions

You need to route traffic to Amazon EC2 instances based on URL paths (e.g., '/api' vs '/static'). Which load balancer type should you use?

Scenario: To secure an Amazon EKS cluster for a PCI-DSS compliant workload, an architect wants to ensure that every administrative action (e.g., creating a pod) is logged and stored. Which tool is essential?

You are designing a high-scale data ingestion system using AWS Lambda. You want to ensure that if a function fails, the message is not lost and can be retried later. Which pattern should you use?

Scenario: You are deploying a mission-critical application and want to minimize the risk of a single human making a catastrophic change. Solution?

Scenario: To lower the cost of a high-end AI training workload in AWS, you want to use instances that can be reclaimed by AWS with a 2-minute notice. What should you use?

Scenario: To lower the cost of a data processing workload that runs for 4 hours every night, you want to use EC2 instances that provide a fixed discount in exchange for a 1-year commitment. You expect the instance types to change as the software evolves. Solution ?

Scenario: You are designing a data lake and want to move objects from a standard S3 bucket to S3 Glacier Deep Archive after 180 days of no access to save costs. Solution ?

Scenario: To minimize the blast radius of a potential insider threat, you want to ensure that no single IAM user can delete a critical production database without a multi-step approval process involving another team. Solution ?

Scenario: To lower the RTO of your disaster recovery plan, you want a 'Pilot Light' environment where your database is always running and in-sync, but your application servers (EC2) only launch when a disaster occurs. Solution ?

Your high-traffic application requires ultra-low latency and needs to handle millions of requests per second at the network level. Which load balancer is best?

Scenario: To minimize the latency for users in Europe accessing an application hosted in us-east-1, you decide to deploy a second set of resources in eu-central-1. What is the most architectural way to route users to the closest healthy region?

An organization wants to run a serverless workflow that process images. Every time an image is uploaded to S3, they want to resize it, check for NSFW content using AI, and then store the metadata in DynamoDB. Which service should coordinate these independent steps?

Scenario: You are designing a high-scale data analytics platform. You need to ingest millions of events from user devices and want to ensure that the data is automatically partitioned by 'event_type' as it is being stored in S3 for optimal querying in Athena. Which service is best?

An organization wants to implement 'Infrastructure as Code' (IaC) to manage their complex AWS environments. They want to use a tool that is cloud-neutral and allows them to version control their infrastructure alongside their application code. Which tool is industry-standard for this?

Scenario: You want to ensure that if a developer launches an EC2 instance without an encrypted EBS volume, the instance is automatically terminated and the developer is notified. Solution ?

You are hosting a globally distributed application that requires a single static anycast IP address to route users to the closest healthy region. The application uses UDP for high-performance data transfer. Solution ?

Scenario: You are designing a data lake and want to ensure that all data is automatically encrypted with AWS KMS keys, and you want an audit log that shows every time an analyst decrypts a specific file. Solution ?

Which AWS service provides a way to 'Replay' archived events from your Amazon EventBridge bus to test how a new application would have behaved using real past data?

To protect against an entire regional outage, an architect decides to maintain a 'Multi-Region Active-Active' architecture for their web application. Which service is essential for globally distributing and load-balancing traffic across regions?

Scenario: To minimize the latency of a critical database for users globally, you want to use a NoSQL database that automatically replicates data across multiple regions with a 'Multi-Region Write' capability. Solution ?

You are migrating a monolithic application to microservices and want to use a tool that allows you to route traffic to the new microservices incrementally while the rest of the monolith remains on-premises or in EC2. Which AWS service simplifies this 'Strangler Fig' pattern?

Scenario: You are designing a data lake and want to ensure that if sensitive PII data (like Social Security numbers) is discovered in an S3 bucket, it is automatically 'masked' or redacted before it's processed. Solution ?

Scenario: You are designing a data lake and want to move objects from a standard S3 bucket to S3 Glacier Deep Archive after 1 year of no access. Solution ?

Your organization is hosting a globally available application. You want to route users to the closest healthy endpoint while automatically failing over to a secondary region if the primary region's health check fails. Which Route 53 routing policy and configuration should you use?

Scenario: To minimize the latency for users worldwide, you decide to use a database that provides 'Single-digit millisecond' performance for both reads and writes with global replication. Solution ?

Scenario: You are designing a globally distributed application and want to ensure that traffic is routed only to healthy regions. If a region's health check fails, users should be automatically redirected. Solution ?

Your organization is migrating a high-performance database cluster that requires extremely low-latency network communication and high throughput (up to 100 Gbps) between nodes. Which EC2 instance feature and VPC configuration should you use?

An enterprise wants to ensure that all their AWS CloudTrail logs are protected from being tampered with or deleted, even if their administrative accounts are compromised. Which feature provides the strongest protection for log integrity?

To improve the security of a multi-account AWS environment, an architect wants to ensure that users can ONLY perform 'Delete' operations on production resources during a pre-authorized maintenance window. Which combination of services enables this time-based access control?

An organization wants to analyze the cost and usage of their AWS environment for the last 12 months with the ability to forecast future spending for the next 12 months. Which tool should they use?

An organization following the 'Zero Trust' model wants to ensure that access to their internal web apps is granted only if the user is authenticated via their enterprise IdP AND their device is company-managed. Which AWS service provides this integrated evaluation?

Which AWS service allows you to centrally manage and enforce security best practices across all your AWS accounts by providing a set of 'Service Control Policies' (SCPs) that act as 'Guardrails'?

You are designing a disaster recovery solution for a global application that requires an RTO of less than 1 hour and an RPO of less than 1 minute. The database is Amazon Aurora. Which architecture is most appropriate?

Which AWS networking service allows you to create a high-performance, private backbone to connect multiple on-premises sites and VPCs, effectively replacing a traditional MPLS network?

Your High Performance Computing (HPC) workload requires low network latency between Amazon EC2 instances. What feature should you use?

To protect against L7 DDoS attacks that target your Application Load Balancer by sending requests that mimic legitimate browser traffic, which WAF feature is most effective?

An organization is migrating their legacy on-premises Windows workload to AWS and needs a managed file storage service that supports the NTFS protocol and integrates with their AWS Managed Microsoft AD. Which service should they choose?

Which AWS machine learning service allows you to automatically identify and redact sensitive information (PII) from text data without buildling custom models?