- (Topic 1)
A company needs to store its accounting records in Amazon S3. The records must be immediately accessible for 1 year and then must be archived for an additional 9 years. No one at the company, including administrative users and root users, can be able to delete the records during the entire 10-year period. The records must be stored with maximum resiliency.
Which solution will meet these requirements?

1. A. Store the records in S3 Glacier for the entire 10-year perio
2. B. Use an access control policy to deny deletion of the records for a period of 10 years.
3. C. Store the records by using S3 Intelligent-Tierin
4. D. Use an IAM policy to deny deletion of the record
5. E. After 10 years, change the IAM policy to allow deletion.
6. F. Use an S3 Lifecycle policy to transition the records from S3 Standard to S3 Glacier Deep Archive after 1 yea
7. G. Use S3 Object Lock in compliance mode for a period of 10 years.
8. H. Use an S3 Lifecycle policy to transition the records from S3 Standard to S3 One Zone-Infrequent Access (S3 One Zone-IA) after 1 yea
9. I. Use S3 Object Lock in governance mode for a period of 10 years.

Correct Answer: C
To meet the requirements of immediately accessible records for 1 year and then archived for an additional 9 years with maximum resiliency, we can use S3 Lifecycle policy to transition records from S3 Standard to S3 Glacier Deep Archive after 1 year. And to ensure that the records cannot be deleted by anyone, including administrative and root users, we can use S3 Object Lock in compliance mode for a period of 10 years. Therefore, the correct answer is option C.
Reference: https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock.html

- (Topic 2)
An entertainment company is using Amazon DynamoDB to store media metadata. The application is read intensive and experiencing delays. The company does not have staff to handle additional operational overhead and needs to improve the performance efficiency of DynamoDB without reconfiguring the application.
What should a solutions architect recommend to meet this requirement?

1. A. Use Amazon ElastiCache for Redis.
2. B. Use Amazon DynamoDB Accelerator (DAX).
3. C. Replicate data by using DynamoDB global tables.
4. D. Use Amazon ElastiCache for Memcached with Auto Discovery enabled.

Correct Answer: B
https://aws.amazon.com/dynamodb/dax/

- (Topic 3)
A rapidly growing global ecommerce company is hosting its web application on AWS. The web application includes static content and dynamic content. The website stores online transaction processing (OLTP) data in an Amazon RDS database. The website’s users are experiencing slow page loads.
Which combination of actions should a solutions architect take to resolve this issue? (Select TWO.)

1. A. Configure an Amazon Redshift cluster.
2. B. Set up an Amazon CloudFront distribution
3. C. Host the dynamic web content in Amazon S3
4. D. Create a t wd replica tor the RDS DB instance.
5. E. Configure a Multi-AZ deployment for the RDS DB instance

Correct Answer: BD
To resolve the issue of slow page loads for a rapidly growing e-commerce website hosted on AWS, a solutions architect can take the following two actions:
* 1. Set up an Amazon CloudFront distribution
* 2. Create a read replica for the RDS DB instance
Configuring an Amazon Redshift cluster is not relevant to this issue since Redshift is a data warehousing service and is typically used for the analytical processing of large amounts of data.
Hosting the dynamic web content in Amazon S3 may not necessarily improve performance since S3 is an object storage service, not a web application server. While S3 can be used to host static web content, it may not be suitable for hosting dynamic web content since S3 doesn't support server-side scripting or processing.
Configuring a Multi-AZ deployment for the RDS DB instance will improve high availability but may not necessarily improve performance.

- (Topic 4)
A company has multiple Windows file servers on premises. The company wants to migrate and consolidate its files into an Amazon FSx for Windows File Server file system. File permissions must be preserved to ensure that access rights do not change.
Which solutions will meet these requirements? (Select TWO.)

1. A. Deploy AWS DataSync agents on premise
2. B. Schedule DataSync tasks to transfer the data to the FSx for Windows File Server file system.
3. C. Copy the shares on each file server into Amazon S3 buckets by using the AWS CLI Schedule AWS DataSync tasks to transfer the data to the FSx for Windows File Server file system.
4. D. Remove the drives from each file server Ship the drives to AWS for import into Amazon S3. Schedule AWS DataSync tasks to transfer the data to the FSx for Windows File Server file system
5. E. Order an AWS Snowcone devic
6. F. Connect the device to the on-premises networ
7. G. Launch AWS DataSync agents on the devic
8. H. Schedule DataSync tasks to transfer the data to the FSx for Windows File Server file system,
9. I. Order an AWS Snowball Edge Storage Optimized devic
10. J. Connect the device to the on- premises networ
11. K. Copy data to the device by using the AWS CL
12. L. Ship the device back to AWS for import into Amazon S3. Schedule AWS DataSync tasks to transfer the data to the FSx for Windows File Server file system.

Correct Answer: AD
A This option involves deploying DataSync agents on your on-premises file servers and using DataSync to transfer the data directly to the FSx for Windows File Server. DataSync ensures that file permissions are preserved during the migration process. D This option involves using an AWS Snowcone device, a portable data transfer device. You would connect the Snowcone device to your on-premises network, launch DataSync agents on the device, and schedule DataSync tasks to transfer the data to FSx for Windows File Server. DataSync handles the migration process while preserving file permissions.

- (Topic 4)
A company uses an organization in AWS Organizations to manage AWS accounts that contain applications. The company sets up a dedicated monitoring member account in the organization. The company wants to query and visualize observability data across the accounts by using Amazon CloudWatch.
Which solution will meet these requirements?

1. A. Enable CloudWatch cross-account observability for the monitoring accoun
2. B. Deploy an AWS CloudFormation template provided by the monitoring account in each AWS account to share the data with the monitoring account.
3. C. Set up service control policies (SCPs) to provide access to CloudWatch in the monitoring account under the Organizations root organizational unit (OU).
4. D. Configure a new IAM user in the monitoring accoun
5. E. In each AWS account, configure an 1AM policy to have access to query and visualize the CloudWatch data in the accoun
6. F. Attach the new 1AM policy to the new 1AM user.
7. G. Create a new IAM user in the monitoring accoun
8. H. Create cross-account 1AM policies in each AWS accoun
9. I. Attach the 1AM policies to the new IAM user.

Correct Answer: A
This solution meets the requirements because it allows the monitoring account to query and visualize observability data across the accounts by using CloudWatch. CloudWatch cross-account observability is a feature that enables a central monitoring account to view and interact with observability data shared by other accounts. To enable cross-account observability, the monitoring account needs to configure the types of data to be shared (metrics, logs, and traces) and the source accounts to be linked. The source accounts can be specified by account IDs, organization IDs, or organization paths. To share the data with the monitoring account, the source accounts need to deploy an AWS CloudFormation template provided by the monitoring account. This template creates an observability link resource that represents the link between the source account and the monitoring account. The template also creates a sink resource that represents an attachment point in the monitoring account. The source accounts can share their observability data with the sink in the monitoring account. The monitoring account can then use the CloudWatch console, API, or CLI to search, analyze, and correlate the
observability data across the accounts. References: CloudWatch cross-account observability, Setting up CloudWatch cross-account observability, [Observability Access Manager API Reference]