Amazon Web Services passguide aws Certified Professional Sap-c02 Passing Score by Harmony q379 vce pdf

Page: 16 / 41

Exam Name:	AWS Certified Solutions Architect - Professional
Exam Code:	SAP-C02 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Professional
Questions:	562 Q&A's	Shared By:	harmony

Question 64

A company has a data lake in Amazon S3 that needs to be accessed by hundreds of applications across many AWS accounts. The company's information security policy states that the S3 bucket must not be accessed over the public internet and that each application should have the minimum permissions necessary to function.

To meet these requirements, a solutions architect plans to use an S3 access point that is restricted to specific VPCs for each application.

Which combination of steps should the solutions architect take to implement this solution? (Select TWO.)

Options:

Create an S3 access point for each application in the AWS account that owns the S3 bucket. Configure each access point to be accessible only from the application's VPC. Update the bucket policy to require access from an access point.

Create an interface endpoint for Amazon S3 in each application's VPC. Configure the endpoint policy to allow access to an S3 access point. Create a VPC gateway attachment for the S3 endpoint.

Create a gateway endpoint for Amazon S3 in each application's VPC. Configure the endpoint policy to allow access to an S3 access point. Specify the route table that is used to access the access point.

Create an S3 access point for each application in each AWS account and attach the access points to the S3 bucket. Configure each access point to be accessible only from the application's VPC. Update the bucket policy to require access from an access point.

Create a gateway endpoint for Amazon S3 in the data lake's VPC. Attach an endpoint policy to allow access to the S3 bucket. Specify the route table that is used to access the bucket.

Discussion

Question 65

A company wants to migrate its website from an on-premises data center onto AWS. At the same time, it wants to migrate the website to a containerized microservice-based architecture to improve the availability and cost efficiency. The company's security policy states that privileges and network permissions must be configured according to best practice, using least privilege.

A Solutions Architect must create a containerized architecture that meets the security requirements and has deployed the application to an Amazon ECS cluster.

What steps are required after the deployment to meet the requirements? (Choose two.)

Options:

Create tasks using the bridge network mode.

Create tasks using the awsvpc network mode.

Apply security groups to Amazon EC2 instances, and use IAM roles for EC2 instances to access other resources.

Apply security groups to the tasks, and pass IAM credentials into the container at launch time to access other resources.

Apply security groups to the tasks, and use IAM roles for tasks to access other resources.

Discussion

Stefan

Thank you so much Cramkey I passed my exam today due to your highly up to date dumps.

Ocean Jul 22, 2025

Agree….Cramkey Dumps are constantly updated based on changes in the exams. They also have a team of experts who regularly review the materials to ensure their accuracy and relevance. This way, you can be sure you're studying the most up-to-date information available.

Lois

I passed my exam with wonderful score. Their dumps are 100% valid and I felt confident during the exam.

Ernie Jul 16, 2025

Absolutely. The best part is, the answers in the dumps were correct. So, I felt confident and well-prepared for the exam.

Ayra

How these dumps are necessary for passing the certification exam?

Damian Jul 11, 2025

They give you a competitive edge and help you prepare better.

Ivan

I tried these dumps for my recent certification exam and I found it pretty helpful.

Elis Jul 4, 2025

Agree!!! The questions in the dumps were quite similar to what came up in the actual exam. It gave me a good idea of the types of questions to expect and helped me revise efficiently.

Erik

Hey, I have passed my exam using Cramkey Dumps?

Freyja Jul 6, 2025

Really, what are they? All come in your pool? Please give me more details, I am going to have access their subscription. Please brother, give me more details.

Question 66

A company is deploying a distributed in-memory database on a fleet of Amazon EC2 instances. The fleet consists of a primary node and eight worker nodes. The primary node is responsible for monitoring cluster health, accepting user requests, distributing user requests to worker nodes, and sending an aggregate response back to a client. Worker nodes communicate with each other to replicate data partitions.

The company requires the lowest possible networking latency to achieve maximum performance.

Which solution will meet these requirements?

Options:

Launch memory optimized EC2 instances in a partition placement group.

Launch compute optimized EC2 instances in a partition placement group.

Launch memory optimized EC2 instances in a cluster placement group

Launch compute optimized EC2 instances in a spread placement group.

Discussion

Question 67

A company hosts a VPN in an on-premises data center. Employees currently connect to the VPN to access files in their Windows home directories. Recently, there has been a large growth in the number of employees who work remotely. As a result, bandwidth usage for connections into the data center has begun to reach 100% during business hours.

The company must design a solution on AWS that will support the growth of the company's remote workforce, reduce the bandwidth usage for connections into the data center, and reduce operational overhead.

Which combination of steps will meet these requirements with the LEAST operational overhead? (Select TWO.)

Options:

Create an AWS Storage Gateway Volume Gateway. Mount a volume from the Volume Gateway to the on-premises file server.

Migrate the home directories to Amazon FSx for Windows File Server.

Migrate the home directories to Amazon FSx for Lustre.

Migrate remote users to AWS Client VPN

Create an AWS Direct Connect connection from the on-premises data center to AWS.

Discussion

Page: 16 / 41

Title

Questions

Posted