SAP-C02 Free Practice Test

- (Exam Topic 1)
A solutions architect is investigating an issue in which a company cannot establish new sessions in Amazon Workspaces. An initial analysis indicates that the issue involves user profiles. The Amazon Workspaces environment is configured to use Amazon FSx for Windows File Server as the profile share storage. The FSx for Windows File Server file system is configured with 10 TB of storage.
The solutions architect discovers that the file system has reached its maximum capacity. The solutions architect must ensure that users can regain access. The solution also must prevent the problem from occurring again.
Which solution will meet these requirements?

1. A. Remove old user profiles to create spac
2. B. Migrate the user profiles to an Amazon FSx for Lustre file system.
3. C. Increase capacity by using the update-file-system comman
4. D. Implement an Amazon CloudWatch metric that monitors free spac
5. E. Use Amazon EventBridge to invoke an AWS Lambda function to increase capacity as required.
6. F. Monitor the file system by using the FreeStorageCapacity metric in Amazon CloudWatc
7. G. Use AWS Step Functions to increase the capacity as required.
8. H. Remove old user profiles to create spac
9. I. Create an additional FSx for Windows File Server file system.Update the user profile redirection for 50% of the users to use the new file system.

Correct Answer: B
It can prevent the issue from happening again by monitoring the file system with the FreeStorageCapacity metric in Amazon CloudWatch and using Amazon EventBridge to invoke an AWS Lambda function to increase the capacity as required. This ensures that the file system always has enough free space to store user profiles and avoids reaching maximum capacity.

- (Exam Topic 1)
A company is processing videos in the AWS Cloud by using Amazon EC2 instances in an Auto Scaling group. It takes 30 minutes to process a video. Several EC2 instances scale in and out depending on the number of videos in an Amazon Simple Queue Service (Amazon SQS) queue.
The company has configured the SQS queue with a redrive policy that specifies a target dead-letter queue and a maxReceiveCount of 1. The company has set the visibility timeout for the SQS queue to 1 hour. The company has set up an Amazon CloudWatch alarm to notify the development team when there are messages in the dead-letter queue.
Several times during the day, the development team receives notification that messages are in the dead-letter queue and that videos have not been processed properly. An investigation finds no errors in the application logs.
How can the company solve this problem?

1. A. Turn on termination protection for the EC2 instances.
2. B. Update the visibility timeout for the SOS queue to 3 hours.
3. C. Configure scale-in protection for the instances during processing.
4. D. Update the redrive policy and set maxReceiveCount to 0.

Correct Answer: B
The best solution for this problem is to update the visibility timeout for the SQS queue to 3 hours. This is because when the visibility timeout is set to 1 hour, it means that if the EC2 instance doesn't process the message within an hour, it will be moved to the dead-letter queue. By increasing the visibility timeout to 3 hours, this should give the EC2 instance enough time to process the message before it gets moved to the dead-letter queue. Additionally, configuring scale-in protection for the EC2 instances during processing will help to ensure that the instances are not terminated while the messages are being processed.

- (Exam Topic 1)
A retail company has structured its AWS accounts to be part of an organization in AWS Organizations. The company has set up consolidated billing and has mapped its departments to the following OUs: Finance. Sales. Human Resources

1. A. In the AWS Billing and Cost Management console for the HR department's production account, turn off R1 sharing.
2. B. Remove the HR department's production AWS account from the organizatio
3. C. Add the account to the consolidating billing configuration only.
4. D. In the AWS Billing and Cost Management console, use the organization's management account to turn off R1 sharing for the HR department's production AWS account.
5. E. Create an SCP in the organization to restrict access to the RI
6. F. Apply the SCP to the OUs of the other departments.

Correct Answer: C
You can use the management account of the organization in AWS Billing and Cost Management console to turn off RI sharing for the HR department's production AWS account. This will prevent other departments from sharing the RI discounts and ensure that only the HR department can use the RIs purchased in their production account.

- (Exam Topic 3)
A solutions architect is determining the DNS strategy for an existing VPC. The VPC is provisioned to use the 10.24.34.0/24 CIDR block. The VPC also uses Amazon Route 53 Resolver for DNS. New requirements mandate that DNS queries must use private hosted zones. Additionally, instances that have public IP addresses must receive corresponding public hostnames.
Which solution will meet these requirements to ensure that the domain names are correctly resolved within the VPC?

1. A. Create a private hosted zon
2. B. Activate the enableDnsSupport attribute and the enableDnsHostnames attribute for the VP
3. C. Update the VPC DHCP options set to include domain-name-servers-10.24.34.2.
4. D. Create a private hosted zon
5. E. Associate the private hosted zone with the VP
6. F. Activate the enableDnsSupport attribute and the enableDnsHostnames attribute for the VP
7. G. Create a new VPC DHCP options set, and configure domain-name-servers=AmazonProvidedDN
8. H. Associate the new DHCP options set with the VPC.
9. I. Deactivate the enableDnsSupport attribute for the VP
10. J. Activate the enableDnsHostnames attribute for the VP
11. K. Create a new VPC DHCP options set, and configure domain-name-servers=10.24.34.2. Associate the new DHCP options set with the VPC.
12. L. Create a private hosted zon
13. M. Associate the private hosted zone with the VP
14. N. Activate the enableDnsSupport attribute for the VP
15. O. Deactivate the enableDnsHostnames attribute for the VP
16. P. Update the VPC DHCP options set to include domain-name-servers=AmazonProvidedDNS.

Correct Answer: B
This option allows the solutions architect to use a private hosted zone to host DNS records that are only accessible within the VPC1. By associating the private hosted zone with the VPC, the solutions architect can ensure that DNS queries from the VPC are routed to the private hosted zone2. By activating the enableDnsSupport attribute and the enableDnsHostnames attribute for the VPC, the solutions architect can enable DNS resolution and hostname assignment for instances in the VPC3. By creating a new VPC DHCP options set, and configuring domain-name-servers=AmazonProvidedDNS, the solutions architect can use Amazon-provided DNS servers to resolve DNS queries from instances in the VPC4. By associating the new DHCP options set with the VPC, the solutions architect can apply the DNS settings to all instances in the VPC5.
References:
What is Amazon Route 53 Resolver?
Associating a private hosted zone with your VPC
Using DNS with your VPC
DHCP options sets
Modifying your DHCP options

- (Exam Topic 2)
A global manufacturing company plans to migrate the majority of its applications to AWS. However, the company is concerned about applications that need to remain within a specific country or in the company's central on-premises data center because of data regulatory requirements or requirements for latency of single-digit milliseconds. The company also is concerned about the applications that it hosts in some of its factory sites, where limited network infrastructure exists.
The company wants a consistent developer experience so that its developers can build applications once and deploy on premises, in the cloud, or in a hybrid architecture.
The developers must be able to use the same tools, APIs, and services that are familiar to them. Which solution will provide a consistent hybrid experience to meet these requirements?

1. A. Migrate all applications to the closest AWS Region that is complian
2. B. Set up an AWS Direct Connect connection between the central on-premises data center and AW
3. C. Deploy a Direct Connect gateway.
4. D. Use AWS Snowball Edge Storage Optimized devices for the applications that have data regulatory requirements or requirements for latency of single-digit millisecond
5. E. Retain the devices on premise
6. F. Deploy AWS Wavelength to host the workloads in the factory sites.
7. G. Install AWS Outposts for the applications that have data regulatory requirements or requirements for latency of single-digit millisecond
8. H. Use AWS Snowball Edge Compute Optimized devices to host the workloads in the factory sites.
9. I. Migrate the applications that have data regulatory requirements or requirements for latency ofsingle-digit milliseconds to an AWS Local Zon
10. J. Deploy AWS Wavelength to host the workloads in the factory sites.

Correct Answer: C
Installing AWS Outposts for the applications that have data regulatory requirements or requirements for latency of single-digit milliseconds will provide a fully managed service that extends AWS infrastructure, services, APIs, and tools to customer premises1. AWS Outposts allows customers to run some AWS services locally and connect to a broad range of services available in the local AWS Region1. Using AWS Snowball Edge Compute Optimized devices to host the workloads in the factory sites will provide local compute and storage resources for locations with limited network infrastructure2. AWS Snowball Edge devices can run Amazon EC2 instances and AWS Lambda functions locally and sync data with AWS when network connectivity is available2.