- (Exam Topic 1)
A company runs a new application as a static website in Amazon S3. The company has deployed the application to a production AWS account and uses Amazon CloudFront to deliver the website. The website calls an Amazon API Gateway REST API. An AWS Lambda function backs each API method.
The company wants to create a CSV report every 2 weeks to show each API Lambda function’s recommended configured memory, recommended cost, and the price difference between current configurations and the recommendations. The company will store the reports in an S3 bucket.
Which solution will meet these requirements with the LEAST development time?

1. A. Create a Lambda function that extracts metrics data for each API Lambda function from Amazon CloudWatch Logs for the 2-week penod_ Collate the data into tabular forma
2. B. Store the data as a_csvfile in an S3 bucke
3. C. Create an Amazon Eventaridge rule to schedule the Lambda function to run every 2 weeks.
4. D. Opt in to AWS Compute Optimize
5. E. Create a Lambda function that calls the ExportLambdaFunctionRecommendatlons operatio
6. F. Export the _csv file to an S3 bucke
7. G. Create an Amazon Eventaridge rule to schedule the Lambda function to run every 2 weeks.
8. H. Opt in to AWS Compute Optimize
9. I. Set up enhanced infrastructure metric
10. J. Within the Compute Optimizer console, schedule a job to export the Lambda recommendations to a _csvfile_ Store the file in an S3 bucket every 2 weeks.
11. K. Purchase the AWS Business Support plan for the production accoun
12. L. Opt in to AWS Compute Optimizer for AWS Trusted Advisor check
13. M. In the Trusted Advisor console, schedule a job to export the cost optimization checks to a _csvfile_ Store the file in an S3 bucket every 2 weeks.

Correct Answer: B
https://docs.aws.amazon.com/compute-optimizer/latest/APIReference/API_ExportLambdaFunctionRecommend

- (Exam Topic 3)
A company is running an application on premises. The application uses a set of web servers that host a static React-based single-page application (SPA), a Node.js API, and a MYSQL database server. The database is read intensive. The company will need to expand the database's storage at an unpredictable rate.
The company must migrate the application to AWS. The company also must modernize the architecture to reduce infrastructure management and increase scalability.
Which solution will meet these requirements with the LEAST operational overhead?

1. A. Use AWS Database Migration Service (AWS DMS) to migrate the database to Amazon RDS for MySQ
2. B. Use AWS Application Migration Service to migrate the web application to a fleet of Amazon EC2 instances behind an Elastic Load Balancing (ELB) load balance
3. C. Use a Spot Fleet with a request type of request to host the API.
4. D. Use AWS Database Migration Service (AWS DMS) to migrate the database to Amazon Aurora MySQ
5. E. Copy the web files to an Amazon S3 bucket and set up web hostin
6. F. Copy the API code to AWS Lambda function
7. G. Configure Amazon API Gateway to point to the Lambda functions.
8. H. Use AWS Database Migration Service (AWS DMS) to migrate the database to a MySQL database that runs on Amazon EC2 instance
9. I. Use AWS DataSync to migrate the web files and API files to an Amazon FSx for Windows File Server file syste
10. J. Set up a fleet of EC2 instances in an Auto Scaling group as web server
11. K. Mount the FSx for Windows File Server file system.
12. L. Use AWS Application Migration Service to migrate the database to Amazon EC2 instance
13. M. Copy the web files to containers that run on Amazon Elastic Kubernetes Service (Amazon EKS). Set up an Elastic Load Balancing (ELB) load balancer for the EC2 instances and EKS container
14. N. Copy the API code to AWS Lambda function
15. O. Configure Amazon API Gateway to point to the Lambda functions.

Correct Answer: B

- (Exam Topic 1)
A company is running applications on AWS in a multi-account environment. The company's sales team and marketing team use separate AWS accounts in AWS Organizations.
The sales team stores petabytes of data in an Amazon S3 bucket. The marketing team uses Amazon QuickSight for data visualizations. The marketing team needs access to data that the sates team stores in the S3 bucket. The company has encrypted the S3 bucket with an AWS Key Management Service (AWS KMS) key. The marketing team has already created the IAM service role for QuickSight to provide QuickSight access in the marketing AWS account. The company needs a solution that will provide secure access to the data in the S3 bucket across AWS accounts.
Which solution will meet these requirements with the LEAST operational overhead?

1. A. Create a new S3 bucket in the marketing accoun
2. B. Create an S3 replication rule in the sales account to copy the objects to the new S3 bucket in the marketing accoun
3. C. Update the QuickSight permissions in the marketing account to grant access to the new S3 bucket.
4. D. Create an SCP to grant access to the S3 bucket to the marketing accoun
5. E. Use AWS Resource Access Manager (AWS RAM) to share the KMS key from the sates account with the marketing accoun
6. F. Update the QuickSight permissions in the marketing account to grant access to the S3 bucket.
7. G. Update the S3 bucket policy in the marketing account to grant access to the QuickSight rol
8. H. Create a KMS grant for the encryption key that is used in the S3 bucke
9. I. Grant decrypt access to the QuickSight rol
10. J. Update the QuickSight permissions in the marketing account to grant access to the S3 bucket.
11. K. Create an IAM role in the sales account and grant access to the S3 bucke
12. L. From the marketing account, assume the IAM role in the sales account to access the S3 bucke
13. M. Update the QuickSight rote, to create a trust relationship with the new IAM role in the sales account.

Correct Answer: D
Create an IAM role in the sales account and grant access to the S3 bucket. From the marketing account, assume the IAM role in the sales account to access the S3 bucket. Update the QuickSight role, to create a trust relationship with the new IAM role in the sales account.
This approach is the most secure way to grant cross-account access to the data in the S3 bucket while minimizing operational overhead. By creating an IAM role in the sales account, the marketing team can assume the role in their own account, and have access to the S3 bucket. And updating the QuickSight role, to create a trust relationship with the new IAM role in the sales account will grant the marketing team to access the data in the S3 bucket and use it for data visualization using QuickSight.
AWS Resource Access Manager (AWS RAM) also allows sharing of resources between accounts, but it would require additional management and configuration to set up the sharing, which would increase operational overhead.
Using S3 replication would also replicate the data to the marketing account, but it would not provide the marketing team access to the original data, and also it would increase operational overhead with managing the replication process.
IAM roles and policies, KMS grants and trust relationships are a powerful combination for managing
cross-account access in a secure and efficient manner. References:
AWS IAM Roles
AWS KMS - Key Grants
AWS RAM

- (Exam Topic 2)
A company is running a compute workload by using Amazon EC2 Spot Instances that are in an Auto Scaling group. The launch template uses two placement groups and a single instance type.
Recently, a monitoring system reported Auto Scaling instance launch failures that correlated with longer wait times for system users. The company needs to improve the overall reliability of the workload.
Which solution will meet this requirement?

1. A. Replace the launch template with a launch configuration to use an Auto Scaling group that uses attribute-based instance type selection.
2. B. Create a new launch template version that uses attribute-based instance type selectio
3. C. Configure the Auto Scaling group to use the new launch template version.
4. D. Update the launch template Auto Scaling group to increase the number of placement groups.
5. E. Update the launch template to use a larger instance type.

Correct Answer: B
https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-asg-instance-type-requirements.html#use-attribut

- (Exam Topic 1)
A company wants to change its internal cloud billing strategy for each of its business units. Currently, the cloud governance team shares reports for overall cloud spending with the head of each business unit. The company uses AWS Organizations lo manage the separate AWS accounts for each business unit. The existing tagging standard in Organizations includes the application, environment, and owner. The cloud governance team wants a centralized solution so each business unit receives monthly reports on its cloud spending. The solution should also send notifications for any cloud spending that exceeds a set threshold.
Which solution is the MOST cost-effective way to meet these requirements?

1. A. Configure AWS Budgets in each account and configure budget alerts that are grouped by application, environment, and owne
2. B. Add each business unit to an Amazon SNS topic for each aler
3. C. Use Cost Explorer in each account to create monthly reports for each business unit.
4. D. Configure AWS Budgets in the organization's master account and configure budget alerts that are grouped by application, environment, and owne
5. E. Add each business unit to an Amazon SNS topic for each aler
6. F. Use Cost Explorer in the organization's master account to create monthly reports for each business unit.
7. G. Configure AWS Budgets in each account and configure budget alerts lhat are grouped by application, environment, and owne
8. H. Add each business unit to an Amazon SNS topic for each aler
9. I. Use the AWS Billing and Cost Management dashboard in each account to create monthly reports for each businessunit.
10. J. Enable AWS Cost and Usage Reports in the organization's master account and configure reports grouped by application, environment, and owne
11. K. Create an AWS Lambda function that processes AWS Cost and Usage Reports, sends budget alerts, and sends monthly reports to each business unit's email list.

Correct Answer: B
Configure AWS Budgets in the organization€™s master account and configure budget alerts that are grouped by application, environment, and owner. Add each business unit to an Amazon SNS topic for each alert. Use Cost Explorer in the organization€™s master account to create monthly reports for each business unit.
https://aws.amazon.com/about-aws/whats-new/2019/07/introducing-aws-budgets-reports/#:~:text=AWS%20Bud