- (Exam Topic 2)
A company has a new security policy. The policy requires the company to log any event that retrieves data from Amazon S3 buckets. The company must save these audit logs in a dedicated S3 bucket. The company created the audit logs S3 bucket in an AWS account that is designated for centralized logging. The S3 bucket has a bucket policy that allows write-only cross-account access A solutions architect must ensure that all S3 object-level access is being logged for current S3 buckets and future S3 buckets. Which solution will meet these requirements?

1. A. Enable server access logging for all current S3 bucket
2. B. Use the audit logs S3 bucket as a destination foraudit logs
3. C. Enable replication between all current S3 buckets and the audit logs S3 bucket Enable S3 Versioning in the audit logs S3 bucket
4. D. Configure S3 Event Notifications for all current S3 buckets to invoke an AWS Lambda function every time objects are accessed . Store Lambda logs in the audit logs S3 bucket.
5. E. Enable AWS CloudTrai
6. F. and use the audit logs S3 bucket to store logs Enable data event logging for S3 event sources, current S3 buckets, and future S3 buckets.

Correct Answer: D

- (Exam Topic 2)
A solutions architect needs to provide AWS Cost and Usage Report data from a company's AWS Organizations management account The company already has an Amazon S3 bucket to store the reports The reports must be automatically ingested into a database that can be visualized with other toots.
Which combination of steps should the solutions architect take to meet these requirements? (Select THREE )

1. A. Create an Amazon EventBridge (Amazon CloudWatch Events) rule that a new object creation in the S3 bucket will trigger
2. B. Create an AWS Cost and Usage Report configuration to deliver the data into the S3 bucket
3. C. Configure an AWS Glue crawler that a new object creation in the S3 bucket will trigger.
4. D. Create an AWS Lambda function that a new object creation in the S3 bucket will trigger
5. E. Create an AWS Glue crawler that me AWS Lambda function will trigger to crawl objects in me S3 bucket
6. F. Create an AWS Glue crawler that the Amazon EventBridge (Amazon CloudWatCh Events) rule will trigger to crawl objects m the S3 bucket

Correct Answer: BDF

- (Exam Topic 1)
A company wants to change its internal cloud billing strategy for each of its business units. Currently, the cloud governance team shares reports for overall cloud spending with the head of each business unit. The company uses AWS Organizations lo manage the separate AWS accounts for each business unit. The existing tagging standard in Organizations includes the application, environment, and owner. The cloud governance team wants a centralized solution so each business unit receives monthly reports on its cloud spending. The solution should also send notifications for any cloud spending that exceeds a set threshold.
Which solution is the MOST cost-effective way to meet these requirements?

1. A. Configure AWS Budgets in each account and configure budget alerts that are grouped by application, environment, and owne
2. B. Add each business unit to an Amazon SNS topic for each aler
3. C. Use Cost Explorer in each account to create monthly reports for each business unit.
4. D. Configure AWS Budgets in the organization's master account and configure budget alerts that are grouped by application, environment, and owne
5. E. Add each business unit to an Amazon SNS topic for each aler
6. F. Use Cost Explorer in the organization's master account to create monthly reports for each business unit.
7. G. Configure AWS Budgets in each account and configure budget alerts lhat are grouped by application, environment, and owne
8. H. Add each business unit to an Amazon SNS topic for each aler
9. I. Use the AWS Billing and Cost Management dashboard in each account to create monthly reports for each business unit.
10. J. Enable AWS Cost and Usage Reports in the organization's master account and configure reports grouped by application, environment, and owne
11. K. Create an AWS Lambda function that processes AWS Cost and Usage Reports, sends budget alerts, and sends monthly reports to each business unit's email list.

Correct Answer: B
Configure AWS Budgets in the organization€™s master account and configure budget alerts that are grouped by application, environment, and owner. Add each business unit to an Amazon SNS topic for each alert. Use Cost Explorer in the organization€™s master account to create monthly reports for each business unit.
https://aws.amazon.com/about-aws/whats-new/2019/07/introducing-aws-budgets-reports/#:~:text=AWS%20Bud

- (Exam Topic 1)
A company needs to architect a hybrid DNS solution. This solution will use an Amazon Route 53 private hosted zone for the domain cloud.example.com for the resources stored within VPCs.
The company has the following DNS resolution requirements:
• On-premises systems should be able to resolve and connect to cloud.example.com.
• All VPCs should be able to resolve cloud.example.com.
There is already an AWS Direct Connect connection between the on-premises corporate network and AWS Transit Gateway. Which architecture should the company use to meet these requirements with the HIGHEST performance?

1. A. Associate the private hosted zone to all the VPC
2. B. Create a Route 53 inbound resolver in the shared services VP
3. C. Attach all VPCs to the transit gateway and create forwarding rules in the on-premises DNS server for cloud.example.com that point to the inbound resolver.
4. D. Associate the private hosted zone to all the VPC
5. E. Deploy an Amazon EC2 conditional forwarder in the shared services VP
6. F. Attach all VPCs to the transit gateway and create forwarding rules in theon-premises DNS server for cloud.example.com that point to the conditional forwarder.
7. G. Associate the private hosted zone to the shared services VP
8. H. Create a Route 53 outbound resolver in the shared services VP
9. I. Attach all VPCs to the transit gateway and create forwarding rules in theon-premises DNS server for cloud.example.com that point to the outbound resolver.
10. J. Associate the private hosted zone to the shared services VP
11. K. Create a Route 53 inbound resolver in the shared services VP
12. L. Attach the shared services VPC to the transit gateway and create forwarding rules in the on-premises DNS server for cloud.example.com that point to the inbound resolver.

Correct Answer: D
https://aws.amazon.com/blogs/networking-and-content-delivery/centralized-dns-management-of-hybrid-cloud-w

- (Exam Topic 2)
A gaming company created a game leaderboard by using a Multi-AZ deployment of an Amazon RDS database. The number of users is growing, and the queries to get individual player rankings are getting slower over time. The company expects a surge in users for an upcoming version and wants to optimize the design for scalability and performance.
Which solution will meet these requirements?

1. A. Migrate the database to Amazon DynamoD
2. B. Store the leader different table
3. C. Use Apache HiveQL JOIN statements to build the leaderboard
4. D. Keep the leaderboard data in the RDS DB instanc
5. E. Provision a Multi-AZ deployment of an Amazon ElastiCache for Redis cluster.
6. F. Stream the leaderboard data by using Amazon Kinesis Data Firehose with an Amazon S3 bucket as the destinatio
7. G. Query the S3 bucket by using Amazon Athena for the leaderboard.
8. H. Add a read-only replica to the RDS DB instanc
9. I. Add an RDS Proxy database proxy.

Correct Answer: C