AWS Certified Solutions Architect Professional - Practice Exam 1
This credential helps certified individuals showcase advanced knowledge and skills in providing complex solutions to complex problems, optimizing security, cost, and performance, and automating manual processes. This certification is a means for organizations to identify and develop talent with these critical skills for implementing cloud initiatives.
PDF Exam Questions
Cheat Sheet
Q1
A solution is required for updating user metadata and will be initiated by a fleet of front-end web servers. The solution must be capable of scaling rapidly from hundreds to tens of thousands of jobs in less than a minute. The solution must be asynchronous and minimize costs.
Which solution should a Solutions Architect use to meet these requirements?
Q2
A company provides a service that allows users in America to upload high-resolution images using their phones. The application is hosted in Amazon EC2 instances in the 'us-west-2' region and uses Amazon S3 in the same region. The company has now expanded to Asia, and users in Asian countries are experiencing significant delays when uploading images.
Which combination of changes can a Solutions Architect make to improve the upload times for the images? (Select TWO.)
Q3
A company recently noticed an increase in costs associated with Amazon EC2 instances and Amazon RDS databases. The company needs to be able to track the costs. The company uses AWS Organizations for all of its accounts. AWS CloudFormation is used to deploy infrastructure, and all resources are tagged.
The management team has requested that cost center numbers and project ID numbers are added to all future EC2 instances and RDS databases.
What is the MOST efficient strategy a Solutions Architect should follow to meet these requirements?
Q4
An online e-commerce business is running an application on AWS. The application consists of three tiers within a single Region. The application tiers use Amazon EC2 instances and are stateless. The data tier consists of a 30TB Amazon Aurora database.
A Solutions Architect is designing a disaster recovery strategy that includes an RTO of 30 minutes and an RPO of 5 minutes for the data tier.
Which combination of steps satisfies the RTO and RPO requirements while optimizing costs? (Select TWO.)
Q5
A company has deployed an application on Amazon EC2 instances behind an internet-facing Application Load Balancer (ALB), which is configured as the origin of an Amazon CloudFront distribution. The company requires that the solution is secured against web-based attacks. An AWS WAF web ACL has been created and associated with the CloudFront distribution. The company must prevent anyone from circumventing the CloudFront distribution and connecting directly to the ALB.
Which solution will meet these requirements with the LEAST operational overhead?
Q6
A Solutions Architect developed a web application that includes an Amazon API Gateway Regional endpoint and an AWS Lambda function that queries an Amazon Aurora MySQL database. The web app users are close to the AWS Region where the application is deployed. The database is configured with three read replicas.
During periods of high demand, the application does not meet performance requirements. Under high load, the application opens many database connections, causing a degradation in the application's performance.
Which actions should the solutions architect take to improve the performance? (Select TWO.)
Q7
A company runs a customer service center that accepts calls and automatically sends all customers a managed, interactive, two-way experience survey by text message. The applications that support the customer service center run on machines that the company hosts in an on-premises data center. The hardware that the company uses is old, and the company is experiencing downtime with the system. The company wants to migrate the system to AWS to improve reliability.
Which solution will meet these requirements with the LEAST ongoing operational overhead?
Q8
A company requires that only the master account in AWS Organizations can purchase Amazon EC2 Reserved Instances. Current and future member accounts should be blocked from purchasing Reserved Instances. Which solution will meet these requirements?
Which solution will meet these requirements?
Q9
An application stores data in multiple Amazon DynamoDB tables. A solutions architect must use a serverless architecture to make the data accessible publicly through a simple and cost-effective API over HTTPS. The solution must scale automatically in response to demand.
Which solutions meet these requirements?
Q10
An eCommerce company runs a web application on AWS. The web application delivers static content from an Amazon S3 bucket that is behind an Amazon CloudFront distribution. Additionally, the application also serves dynamic content by using an Application Load Balancer (ALB) that distributes requests to a fleet of Amazon EC2 instances in Auto Scaling groups. The application uses a domain name setup in Amazon Route 53.
Some users reported occasional issues when accessing the website during peak hours, and the ALB sometimes returned HTTP 503 Service Unavailable errors. The company wants to display a custom error message page when these errors occur, and it should be displayed immediately.
Which solution will meet these requirements with the LEAST operational overhead?
Q11
A marketing company expects a large volume of user sign-ups on a web page that collects user metadata and preferences. The website runs on Amazon EC2 instances and uses an Amazon RDS for PostgreSQL DB instance. The volume of traffic is expected to be high and may be unpredictable, with several spikes in activity. The traffic will result in a large number of database writes.
A Solutions Architect needs to build a solution that does not change the underlying data model and ensures that submissions are not dropped before they are committed to the database. Which solution meets these requirements?
Q12
A company has deployed a new application into an Amazon VPC without Internet access. The company has connected an AWS Direct Connection (DX) private VIF to the VPC, and all communications will be over the DX connection. A new requirement states that all data in transit must be encrypted between users and the VPC.
Which strategy should a Solutions Architect use to maintain consistent network performance while meeting this new requirement?
Q13
A company is migrating an order processing application to the AWS Cloud. The usage patterns vary significantly, but the application must always be available. Orders must be processed immediately and in the order that they are received.
Which actions should a Solutions Architect take to meet these requirements?
Q14
A manufacturing company is building an inspection solution for its factory. The company has IP cameras at the end of each assembly line. The company has used Amazon SageMaker to train a machine learning (ML) model to identify common defects from still images.
The company wants to provide local feedback to factory workers when a defect is detected. The company must be able to provide this feedback even if the factory’s internet connectivity is down. The company has a local Linux server that hosts an API that provides local feedback to the workers.
How should the company deploy the ML model to meet these requirements?
Q15
A company has established a 1 Gbps AWS Direct Connect (DX) connection to a single VPC in an AWS Region. A single private VIF has been created for the existing DX connection. The company needs to connect to an additional VPC in a second Region to provide more redundancy for the existing DX connection. Which solution meets these requirements?
Q16
A digital company manages a fleet of Amazon EC2 instances running in public and private subnets. The instances are connected to the Internet, and there is no connection to the corporate network.
To establish a connection with the instances, the security team has created a security group that allows the company to use the Windows remote desktop protocol (RDP) over the Internet.
After some time, the security team noticed malicious attempts to access the resources from unknown sources. The company wants to implement a more secure solution to access the EC2 instances.
Which strategy should a Solutions Architect recommend?
Q17
A company is deploying a web service that will provide read and write access to structured data. The company expects there to be variable usage patterns with some short but significant spikes. The service must dynamically scale and be fault-tolerant across multiple AWS Regions.
Which actions should a Solutions Architect take to meet these requirements?
Q18
A TV company wants to move to the AWS Cloud. As part of this digital transformation, the company wants to archive about 9.5 PB of data in its on-premises data center for durable long-term storage.
As a Solutions Architect Professional, which of the following solutions would you recommend to migrate and store this data in the quickest and MOST cost-optimal way?
Q19
A company runs applications on Microsoft Windows servers in an on-premises data center. The servers access a file system shared from one of the Windows servers. The company produces 7 GB of new data daily. The company is migrating to the cloud and requires the data to be accessible on a file system in the AWS cloud. The company has already established an AWS Direct Connect connection between its on-premises network and AWS.
Which data migration strategy should the company use?
Q20
A company composed of thousands of AWS accounts uses AWS Organizations to manage them. In order to build a new application, the company pushes Docker images to Amazon Elastic Container Registry (Amazon ECR). The company requires only accounts within the organization to have access to the images.
Additionally, the company frequently runs a CI/CD process and wants to retain all the tagged images but only the seven most recent untagged images.
Which solution will meet these requirements with the LEAST operational overhead?
Q21
A company uses AWS Lambda to extract metadata from a large collection of files stored in Amazon S3 according to various processing rules for different categories. The output is then stored in Amazon RDS. The extraction process is performed whenever customer requests are submitted and can take up to 45 minutes to complete.
To reduce the time it takes to extract the metadata, a Solutions Architect has split the single Lambda function into a Lambda function for each category.
Which additional steps should the Solutions Architect take to meet the requirements?
Q22
A company uses AWS Organizations. The company recently acquired a new business unit and invited the new unit's existing AWS account to the organization. The organization uses a deny list SCP in its root, and all accounts are members of a single OU named Operational.
The new business unit's administrators discovered they could not access Amazon S3 to add compliance files to a bucket.
Which option will temporarily allow administrators to access Amazon S3 and complete this task?
Q23
A company has created an OU in AWS Organizations for each of its teams. Each OU has hundreds of AWS accounts. The CEO of the company requires a solution so that each OU can view a breakdown of usage costs across its AWS accounts.
Which solution should a Solutions Architect implement to meet these requirements?
Q24
A company is designing an application that requires cross-region disaster recovery with an RTO of less than 5 minutes and an RPO of less than 1 minute. The application-tier DR solution has already been designed, and a Solutions Architect must design the data recovery solution for the MySQL database tier.
How should the database tier be configured to meet the data recovery requirements?
Q25
A company is updating its operating system patching processes. Currently, the company uses a variety of tools to patch on-premises servers and Amazon EC2 instances. A Solutions Architect is asking to use a single tool for all servers and instances to deploy patches and report patch status.
Which set of actions should the solutions architect take to meet these requirements?
Q26
An application collects usage statistics data from sensors every 3 minutes. The data is sent to Amazon API Gateway, processed by an AWS Lambda function, and stored in an Amazon DynamoDB table.
After adding more sensors and more metrics for collection, the Lambda function execution time has increased from a few seconds to over three minutes. The Lambda is also generating too many TooManyRequestsException errors.
Which combination of changes will resolve these issues? (Select TWO.)
Q27
A company requires the storage of documents that will be accessed by a business-critical application. The documents will be accessed frequently for the first 5 months and rarely after that. They must be retained for 10 years.
What is the MOST cost-effective solution to meet these requirements?
Q28
A company is currently optimizing an I/O-intensive workload with frequent read/write/update operations. This workload consists of a single-tier with 15 r6g.large instances, each with a 3 TB gp2 volume. The number of processing jobs has increased recently, resulting in an increase in latency as well. The team has concluded that they need to increase the IOPS by 3,000 for each of the instances for the application to perform efficiently.
Which solution would you recommend to achieve the performance goal in the MOST cost-efficient manner?
Q29
A company is migrating its on-premises data center to AWS. The data center was set up a decade ago, and the documentation of these systems is outdated. The data center consists of a combination of Windows and Linux virtual machines.
As a Solutions Architect, how do you plan to gather the necessary data from existing machines to migrate the existing machines to the cloud?
Q30
A company requires multi-Region availability for an application that runs on Amazon EC2 instances with an Amazon RDS for MySQL database. The solution must offer high availability.
Which solution should a Solutions Architect recommend?
Q31
A company runs multiple gaming platforms that need to store game state, player data, session history, and leaderboards. The company is looking to move to AWS Cloud to fulfill the following requirements:
- Scale reliably to millions of concurrent users and requests
- Ensure consistently low latency measured in single-digit milliseconds.
- Provide high availability, low latency, and real-time processing to deliver customizable user data for the community of its users
The engineering team at the company is evaluating multiple in-memory data stores with the ability to power its on-demand, live leaderboard.
Which of the following solutions would you recommend? (Select two)
Q32
A company wants to migrate its on-premises data center to AWS. The data center includes hundreds of applications across several data centers and office locations. The applications contain Windows and Linux operating systems, Java and PHP applications, physical installations, virtualized servers, and MySQL and Oracle databases. There is no central configuration management database (CMDB). Besides, the existing documentation is incomplete and outdated. A Solutions Architect needs to understand the current environment and estimate the cloud resource costs after the migration.
Which tools or services should the Solutions Architect use to plan the cloud migration (Select THREE.)
Q33
A Solutions Architect must migrate its on-premises data processing application to the AWS Cloud. Currently, users upload input files through a web portal, which stores them on an NFS-based storage system. They then message the processing server over a message queue, which can take up to 45 minutes to complete. Processing times vary significantly and can be much higher during business hours.
What is the MOST cost-effective migration recommendation?
Q34
A company runs 150 Proof-of-Concept (PoC) applications on virtual machines in an on-premises data center. Most of the applications are simple PHP, Java, or Ruby web applications that are no longer actively developed and serve little traffic.
Which approach should be used to migrate these applications to AWS with the LOWEST infrastructure costs and least development effort?
Q35
A company has a web application that uses Amazon API Gateway, AWS Lambda, and Amazon DynamoDB. An increase in demand has resulted in many requests having significantly longer response times than before.
A Solutions Architect enabled Amazon CloudWatch Logs for API Gateway and noticed that errors occur on 20% of the requests. In CloudWatch, the Lambda function Throttles metric represents 1% of the requests, and the Errors metric represents 10% of the requests. Application logs indicate that when errors occur, there is a call to DynamoDB.
What change should the solutions architect make to improve the current response times as the web application becomes more popular?
Q36
A new AWS Lambda is triggered when an object creation event occurs in the main S3 bucket. The Lambda function is used to replicate objects to several other S3 buckets in various AWS accounts. A Solutions Architect is concerned that the function may impact other critical functions due to Lambda's regional concurrency limit.
How can the solutions architect ensure the new Lambda function will not impact other critical Lambda functions?
Q37
A company uses multiple AWS accounts for development, staging, and production environments. Some new requirements have been issued to control costs better and enhance governance across these accounts. The company needs to track costs for each project and environment. Commonly deployed IT services must be centrally managed, and business units should be restricted from deploying pre-approved IT services.
Which two actions should the company take to meet these requirements? (Select TWO.)
Q38
A marketing company's website uses Amazon RDS for MySQL DB instance with General-Purpose SSD storage.
The database ran smoothly for several weeks until a new campaign was launched, and customers experienced slow performance and timeouts. Amazon CloudWatch metrics indicate that reads and writes to the DB instance were experiencing long response times. Metrics show CPU utilization is between 45% and 50%, with plenty of available memory and sufficient free storage space. The application server logs show no evidence of database connectivity issues.
What could be the root cause of database performance issues with the new campaign?
Q39
A company offers an API to the customers leveraging Amazon API Gateway and Lambda functions. The company also has a legacy API hosted on a single standalone Amazon EC2 instance that is used internally.
The security team wants to build a solution to secure both APIs from vulnerabilities, DDoS attacks, and malicious exploits.
Which of the following options would you use to address the company's security requirements?
Q40
A company hosts its AWS CloudFormation templates for infrastructure in its private GitHub repository. The company has encountered several issues with template updates, causing errors when executing the updates or creating the environment.
A Solutions Architect must resolve these issues and implement automated testing of the CloudFormation template updates.
What should the Solution Architect do to meet these requirements?
Q41
A company has multiple AWS accounts and manages these accounts using AWS Organizations. A developer is attempting to access an Amazon S3 bucket in a member account of this organization. However, the developer received an access denied error when accessing the S3 buckets from the console. The developer should have read-only access to all Amazon S3 buckets in the account.
The developer's IAM user has read-only access to all S3 buckets in the account.
A Solutions Architect has reviewed the permissions and found that the developer's IAM user has been granted read-only access to all S3 buckets in the account. Which additional steps should the Solutions Architect take to troubleshoot the issue? (Select TWO.)
Q42
A company has a VPC with two domain controllers running Active Directory in the default configuration. The VPC DHCP options set has been configured to assign the IP addresses of the Domain Controllers as DNS servers. A VPC interface endpoint has been created, but EC2 instances within the VPC are unable to resolve the private endpoint addresses.
Which strategies could a Solutions Architect use to resolve the issue? (Select TWO.)
Q43
A global enterprise company uses AWS Control Tower to create a multi-account structure on AWS. The company also uses AWS Organizations, AWS Config, and AWS Trusted Advisor. The company has a specific OU for development accounts and thousands of developers, each with an individual development account. The company has the following requirements:
- The company wants to optimize costs in these development accounts.
- Amazon EC2 instances and Amazon RDS instances must be burstable.
- The company wants to disallow the use of other services that are not relevant.
What should a Solutions Architect recommend to meet these requirements?
Q44
A company has implemented a SAML 2.0 federated identity solution with its on-premises identity provider (IdP) to authenticate users' access to AWS.
A Solutions Architect executed authentication tests through the federated identity web portal, and access to the AWS environment was granted. However, when users attempt to authenticate through the federated identity web portal, they cannot access the AWS environment.
Which items should the solutions architect check to ensure identity federation is properly configured? (Select THREE.)
Q45
A company that uses Amazon RedShift wants to improve cost awareness. Several teams deploy and manage their own RedShift clusters. The management team has set budgets and needs to send a notification to a distribution list for managers once the budgetary threshold is reached. Teams should be able to view their RedShift cluster's expenses to date.
A Solutions Architect needs to create a solution that ensures the policy is proactively and centrally enforced in a multi-account environment.
Which combination of steps should the solutions architect take to meet these requirements? (Select TWO.)
Q46
A company includes several business units, each using a separate AWS account and a parent company AWS account. The company requires a single AWS bill across all AWS accounts, with costs broken out for each business unit. The company also requires that services and features be restricted in the business unit accounts, which must be governed centrally.
Which combination of steps should a Solutions Architect take to meet these requirements? (Select TWO.)
Q47
An application with three tiers, the web tier, application tier, and NoSQL data tier, requires high availability within and across AWS Regions. A Solutions Architect must design a solution that supports failover to a secondary Region within 1 minute and minimize the impact on the user experience.
Which combination of steps will meet these requirements? (Select THREE.)
Q48
A tech company runs a custom Python web application on-premises and plans to migrate it to AWS. The application uses a MySQL database, and servers maintain users' sessions locally.
Which combination of architecture changes will be required to create a highly available solution on AWS? (Select THREE.)
Q49
A company has created a service that they would like an AWS partner to access. The service runs in the company's AWS account, and the AWS partner has a separate AWS account. The company would like to enable the customer to establish least privilege security access using an API or command line tool to the customer account.
What is the MOST secure way to enable the AWS partner to access the service?
Q50
A company plans to build a gaming application in the AWS Cloud that will be used by Internet-based users. The application will run on a single instance, and users will connect over the UDP protocol. The company has requested that the service is implemented with a high level of security. A Solutions Architect has been asked to design a solution for the application on AWS.
Which combination of steps should the Solutions Architect take to meet these requirements? (Select THREE.)
Q51
An AWS ECS Fargate task runs in a private subnet and does not have direct connectivity to the internet. When the Fargate task is launched, the task fails with the following error:
CannotPullContainerError: API error (500): Get https://111122223333.dkr.ecr.us-east-1.amazonaws.com/v2/: net/http: request canceled while waiting for connectionWhat should the Solutions Architect do to correct the error?
Q52
A Solution Architect used the AWS Application Discovery Service to gather information about some on-premises database servers. The tool discovered an Oracle data warehouse and several MySQL databases. The company plans to migrate to AWS, and the Solutions Architect must determine the best migration pattern for each database.
Which combination of migration patterns will reduce licensing costs and operational overhead? (Select TWO.)
Q53
A company has several accounts in an AWS Organization. The company has defined a fixed budget for each account. The company also wants to ensure that developers are not launching expensive services or running services unnecessarily.
Which combination of steps will meet these requirements? (Select THREE.)
Q54
A Solutions Architect at a marketing company has configured a private hosted zone using Amazon Route 53. The architect needs to configure health checks for record sets within the private hosted zone associated with Amazon EC2 instances.
How can the architect meet the requirements?
Q55
A company's infrastructure contains hundreds of Amazon VPCs within an AWS Region. The company must implement a highly available and horizontally scalable solution with centralized and controlled egress-only internet access.
Which network design pattern will meet the previous requirements?
Q56
A Solutions Architect has deployed an application on Amazon EC2 instances in a private subnet behind a Network Load Balancer (NLB) in a public subnet. Customers have attempted to connect from their office location and are unable to access the application. The targets were registered by instance-id and are all healthy in the associated target group.
What steps should the Solutions Architect take to resolve the issue and enable customer access?
Q57
A retail company has deployed an application used by thousands of customers. The application runs on Amazon ECS tasks behind an Application Load Balancer (ALB), and data is stored in an Amazon DynamoDB table. The application recently experienced attacks that caused slowdowns and outages. The company must prevent attacks and ensure business continuity with minimal service interruptions.
Which combination of steps will meet these requirements MOST cost-effectively? (Select TWO.)
Q58
A financial services company receives a regular data feed from a credit card service provider consisting of approximately 3000 records sent in plaintext every 12 minutes over HTTPS directly into an Amazon S3 bucket with server-side encryption.
The data includes credit card data that must be automatically masked before being sent to another S3 bucket for additional internal processing. Specific fields must also be removed and merged, and the record must be transformed into JSON format.
Which solutions will meet these requirements?
Q59
A Solutions Architect needs to copy data from an Amazon S3 bucket in one AWS account (source account) to a new S3 bucket in a different AWS account (destination account). The solutions architect must implement a solution that uses the AWS CLI.
Which combination of steps will allow the Solutions Architect to successfully copy the data? (Choose three.)
Q60
A company plans to build a high-performance computing (HPC) solution in the AWS Cloud. The solution will include a 10-node cluster running Linux. High-speed and low-latency inter-instance connectivity are required.
Which combination of steps will meet these requirements? (Choose TWO.)