- (Exam Topic 1)
A company is serving files to Its customers through an SFTP server that is accessible over the internet The SFTP server is running on a single Amazon EC2 instance with an Elastic IP address attached Customers connect to the SFTP server through its Elastic IP address and use SSH (or authentication. The EC2 instance also has an attached security group that allows access from all customer IP addresses.
A solutions architect must implement a solution to improve availability, minimize the complexity of infrastructure management, and minimize the disruption to customers who access files The solution must not change the way customers connect.
Which solution will meet these requirements?

1. A. Disassociate the Elastic IP address from the EC2 instanc
2. B. Create an Amazon S3 bucket to be used for SFTP file hostin
3. C. Create an AWS Transfer Family server Configure the Transfer Family server with a publicly accessible endpoint Associate the SFTP Elastic IP address with the new endpoint Point the Transfer Family server to the S3 bucke
4. D. Sync all files from the SFTP server to the S3 bucket.
5. E. Disassociate the Elastic IP address from the EC2 instanc
6. F. Create an Amazon S3 bucket to be used for SFTP file hostin
7. G. Create an AWS Transfer Family serve
8. H. Configure the Transfer Family server with aVPC-hoste
9. I. internet-facing endpoin
10. J. Associate the SFTP Elastic IP address with the new endpoin
11. K. Attach the security group with customer IP addresses to the new endpoin
12. L. Point the Transfer Family server to the S3 bucket Sync all files from the SFTP server to the S3 bucket.
13. M. Disassociate the Elastic IP address from the EC2 instanc
14. N. Create a new Amazon Elastic File System{Amazon EFS) file system to be used for SFTP file hostin
15. O. Create an AWS Fargate task definition to run an SFTP serve
16. P. Specify the EFS file system as a mount in the task definitio
17. Q. Create a Fargate service by using the task definition, and place a Network Load Balancer (NLB) in front of the service When configuring the service, attach the security group with customer IP addresses to the tasks that run the SFTP serve
18. R. Associate the Elastic IP address with the NL
19. S. Sync all files from the SFTP server to the S3 bucket.
20. T. Disassociate the Elastic IP address from the EC2 instanc
21. . Create a multi-attach Amazon Elastic Block Store (Amazon EBS) volume to be used for SFTP file hostin
22. . Create a Network Load Balancer (NLB) with the Elastic IP address attache
23. . Create an Auto Scaling group with EC2 instances that run an SFTP server Define in the Auto Scaling group that instances that are launched should attach the newmulti-attach EBS volume Configure the Auto Scaling group to automatically add instances behind the NLB Configure the Auto Scaling group to use the security group that allows customer IP addresses for the EC2 instances that the Auto Scaling group launche
24. . Sync all files from the SFTP server to the new multi-attach EBS volume.

Correct Answer: B
https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html https://aws.amazon.com/premiumsupport/knowledge-center/aws-sftp-endpoint-type/

- (Exam Topic 2)
A company is running a critical application that uses an Amazon RDS for MySQL database to store data. The RDS DB instance is deployed in Multi-AZ mode.
A recent RDS database failover test caused a 40-second outage to the application A solutions architect needs to design a solution to reduce the outage time to less than 20 seconds.
Which combination of steps should the solutions architect take to meet these requirements? (Select THREE.)

1. A. Use Amazon ElastiCache for Memcached in front of the database
2. B. Use Amazon ElastiCache for Redis in front of the database.
3. C. Use RDS Proxy in front of the database
4. D. Migrate the database to Amazon Aurora MySQL
5. E. Create an Amazon Aurora Replica
6. F. Create an RDS for MySQL read replica

Correct Answer: ABF

- (Exam Topic 2)
A company wants to use Amazon S3 to back up its on-premises file storage solution. The company s
on-premises file storage solution supports NFS and the company wants its new solution to support NFS The company wants to archive the backup Files after 5 days If the company needs archived files for disaster recovery, the company is willing to wait a few days for the retrieval of those Files.
Which solution meets these requirements MOST cost-effectively?

1. A. Deploy an AWS Storage Gateway file gateway that is associated with an S3 bucket Move the files from the on-premises file storage solution to the file gateway Create an S3 Lifecycle rule to move the files to S3 Standard-Infrequent Access (S3 Standard-IA) after 5 days
2. B. Deploy an AWS Storage Gateway volume gateway that is associated with an S3 bucket Move the files from the on-premises file storage solution to the volume gateway Create an S3 Lifecycle rule to move the files to S3 Glacier Deep Archive after 5 days
3. C. Deploy an AWS Storage Gateway tape gateway that is associated with an S3 bucket Move the files from the on-premises file storage solution to the tape gateway Create an S3 Lifecycle rule to move the files to S3 Standard-Infrequent Access (S3 Standard-IA) after 5 days
4. D. Deploy an AWS Storage Gateway file gateway that is associated with an S3 bucket Move the files from the on-premises file storage solution to the file gateway Create an S3 Lifecycle rule to move the files to S3 Glacier Deep Archive after 5 days

Correct Answer: D

- (Exam Topic 1)
A company has a new application that needs to run on five Amazon EC2 instances in a single AWS Region. The application requires high-throughput, low-latency network connections between all of the EC2 instances where the application will run. There is no requirement for the application to be fault tolerant.
Which solution will meet these requirements?

1. A. Launch five new EC2 instances into a cluster placement grou
2. B. Ensure that the EC2 instance type supports enhanced networking.
3. C. Launch five new EC2 instances into an Auto Scaling group in the same Availability Zon
4. D. Attach an extra elastic network interface to each EC2 instance.
5. E. Launch five new EC2 instances into a partition placement grou
6. F. Ensure that the EC2 instance type supports enhanced networking.
7. G. Launch five new EC2 instances into a spread placement grou
8. H. Attach an extra elastic network interface to each EC2 instance.

Correct Answer: A
When you launch EC2 instances in a cluster they benefit from performance and low latency. No redundancy though as per the question https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html.

- (Exam Topic 1)
An AWS customer has a web application that runs on premises. The web application fetches data from a third-party API that is behind a firewall. The third party accepts only one public CIDR block in each client's allow list.
The customer wants to migrate their web application to the AWS Cloud. The application will be hosted on a set of Amazon EC2 instances behind an Application Load Balancer (ALB) in a VPC. The ALB is located in public subnets. The EC2 instances are located in private subnets. NAT gateways provide internet access to the private subnets.
How should a solutions architect ensure that the web application can continue to call the third-parly API after the migration?

1. A. Associate a block of customer-owned public IP addresses to the VP
2. B. Enable public IP addressing for public subnets in the VPC.
3. C. Register a block of customer-owned public IP addresses in the AWS accoun
4. D. Create Elastic IP addresses from the address block and assign them lo the NAT gateways in the VPC.
5. E. Create Elastic IP addresses from the block of customer-owned IP addresse
6. F. Assign the static Elastic IP addresses to the ALB.
7. G. Register a block of customer-owned public IP addresses in the AWS accoun
8. H. Set up AWS Global Accelerator to use Elastic IP addresses from the address bloc
9. I. Set the ALB as the accelerator endpoint.

Correct Answer: B
When EC2 instances reach third-party API through internet, their privates IP addresses will be masked by NAT Gateway public IP address.
https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-bring-your-own-ip-byoip-for-amaz