Amazon Web Services transcender aws Certified Professional Sap-c02 Exam Questions And Answers Pdf by Mathias q295 vce pdf

Page: 9 / 50

Exam Name:	AWS Certified Solutions Architect - Professional
Exam Code:	SAP-C02 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Professional
Questions:	674 Q&A's	Shared By:	mathias

Question 36

A company is developing a gene reporting device that will collect genomic information to assist researchers with collecting large samples of data from a diverse population. The device will push 8 KB of genomic data every second to a data platform that will need to process and analyze the data and provide information back to researchers. The data platform must meet the following requirements:

•Provide near-real-time analytics of the inbound genomic data

•Ensure the data is flexible, parallel, and durable

•Deliver results of processing to a data warehouse

Which strategy should a solutions architect use to meet these requirements?

Options:

Use Amazon Kinesis Data Firehose to collect the inbound sensor data, analyze the data with Kinesis clients, and save the results to an Amazon RDS instance.

Use Amazon Kinesis Data Streams to collect the inbound sensor data, analyze the data with Kinesis clients, and save the results to an Amazon Redshift cluster using Amazon EMR.

Use Amazon S3 to collect the inbound device data, analyze the data from Amazon SOS with Kinesis, and save the results to an Amazon Redshift cluster.

Use an Amazon API Gateway to put requests into an Amazon SQS queue, analyze the data with an AWS Lambda function, and save the results to an Amazon Redshift cluster using Amazon EMR.

Discussion

Georgina

I used Cramkey Dumps to prepare for my recent exam and I have to say, they were a huge help.

Corey May 19, 2026

Really? How did they help you? I know these are the same questions appears in exam. I will give my try. But tell me if they also help in some training?

Joey

I highly recommend Cramkey Dumps to anyone preparing for the certification exam. They have all the key information you need and the questions are very similar to what you'll see on the actual exam.

Dexter May 22, 2026

Agreed. It's definitely worth checking out if you're looking for a comprehensive and reliable study resource.

Walter

Yayyy!!! I passed my exam with the help of Cramkey Dumps. Highly appreciated!!!!

Angus May 23, 2026

YES….. I saw the same questions in the exam.

Melody

My experience with Cramkey was great! I was surprised to see that many of the questions in my exam appeared in the Cramkey dumps.

Colby May 7, 2026

Yes, In fact, I got a score of above 85%. And I attribute a lot of my success to Cramkey's dumps.

Hendrix

Great website with Great Exam Dumps. Just passed my exam today.

Luka May 1, 2026

Absolutely. Cramkey Dumps only provides the latest and most updated exam questions and answers.

Question 37

A company hosts an application on AWS. The application uses AWS Lambda functions that are invoked by an Amazon API Gateway API. The company has an Amazon CloudFront distribution that uses the API Gateway API as its origin. The CloudFront distribution serves web requests to customers worldwide.

During testing, users experienced slow responses from the application APIs. The company discovered that requests from different AWS Regions contained inconsistent query parameters with mixed-case letters, which caused increased cache misses and more requests to reach the Lambda functions.

The company wants to ensure that the API consistently provides responses with minimal latency.

Which solution will meet these requirements?

Options:

Create a new Lambda function to sort incoming request query parameters alphabetically and convert the parameters to lowercase. Configure the CloudFront distribution to use the Lambda@Edge function type. Configure the Lambda function to invoke on origin request.

Create a CloudFront function to sort incoming request query parameters alphabetically and convert the parameters to lowercase. Configure the CloudFront distribution to use the CloudFront Functions function type. Configure the CloudFront function to invoke on viewer request.

Configure the API Gateway API to use mapping templates to sort incoming request query parameters alphabetically and convert the parameters to lowercase before Lambda processes the request.

Configure the API Gateway API to use a Lambda authorizer to sort incoming request query parameters alphabetically and convert the parameters to lowercase before Lambda processes the request.

Discussion

Answer:

Explanation:

B is correct because the problem is caused by inconsistent query-string casing leading to CloudFront cache misses, and the best place to normalize the request is at the CloudFront edge before cache-key evaluation. CloudFront Functions run at the edge with very low latency and are intended for lightweight request manipulations (for example, normalizing URLs, headers, and query strings) on viewer request events. By sorting query parameters and converting them to lowercase on the viewer request, CloudFront will treat semantically equivalent requests as the same cache key, increasing cache hit ratio and reducing the number of origin calls to API Gateway and downstream Lambda invocations. This directly reduces latency for global users.

Why the other options are less suitable:

A (Lambda@Edge on origin request): Lambda@Edge can also modify requests, but it is heavier-weight than CloudFront Functions for simple normalization logic. Also, doing this on origin request occurs after CloudFront has already decided whether there is a cache hit. If the cache key is still based on the original mixed-case query string at the viewer side, you won’t consistently prevent cache misses. Normalization must happen before cache lookup to maximize cache hits.

C (API Gateway mapping templates): This normalizes the request only after it has already missed in CloudFront and reached the origin. It does not fix CloudFront cache fragmentation, so it does not meet the “minimal latency” goal as effectively.

D (Lambda authorizer): Lambda authorizers are for authorization/authentication decisions. Using an authorizer for query normalization adds unnecessary overhead and still happens at API Gateway (origin), not at CloudFront before cache evaluation.

[References:, Amazon CloudFront Documentation: cache behavior and cache keys; viewer request/origin request event flow, CloudFront Functions Documentation: designed for lightweight, high-scale, low-latency request/response manipulation at the edge; viewer request execution, AWS Lambda@Edge Documentation: edge compute for more complex logic; event timing differences (viewer vs origin), Amazon API Gateway Documentation: mapping templates and Lambda authorizers and their intended use cases, , , , ]

Question 38

A company hosts a read-heavy web application on Amazon EKS and Amazon DynamoDB. The company uses Amazon Route 53 as its DNS solution. The application serves hundreds of users during peak usage periods. Most users are in the United States, but the application is experiencing growing usage in Europe and the Middle East. The company needs to reduce application latency for all global users.

Which solution will meet this requirement?

Options:

Deploy the application to multiple AWS Regions. Create a global secondary index (GSI) in the primary Region. Increase provisioned throughput for DynamoDB read capacity units (RCUs). Update the application to use the GSI. Create a Route 53 failover record set with the us-east-1 Region as the primary Region. Set the eu-central-1 Region and the me-central-1 Region as secondary Regions. Configure Route 53 health checks and enable Evaluate Targe

Use a DynamoDB Accelerator (DAX) cluster with memory-optimized instances. Deploy the application to three Availability Zones. Update the application to use the DAX endpoints. Update the Route 53 record set to use the new deployment endpoints.

Increase the compute resources for the application. Create an Amazon CloudFront distribution and set the application endpoint as the origin. Create DynamoDB read replicas in the primary AWS Region. Update the application to use the DynamoDB replica endpoints.

Deploy the application to multiple AWS Regions. Convert the DynamoDB table to a global table with replicas in target Regions. Update the application to access the nearest DynamoDB replica. Create a Route 53 geolocation record set for the target Regions. Configure Route 53 health checks and enable Evaluate Target Health.

Discussion

Answer:

Explanation:

The requirement is to reduce application latency for a globally distributed user base, with users primarily in the United States but increasing usage in Europe and the Middle East. The application is read-heavy and uses Amazon DynamoDB as its data store. Reducing latency for global users requires placing both the application compute and the data closer to users in each Region.

Option D uses the correct multi-Region architecture. Deploying the application to multiple AWS Regions places Amazon EKS workloads closer to end users. Converting the DynamoDB table to a global table creates fully managed, multi-Region replicas of the data with low-latency replication. This allows reads to be served locally from the nearest DynamoDB replica, significantly reducing read latency for users outside the primary Region. Because the workload is read-heavy, this design is particularly effective.

Route 53 geolocation routing directs users to the Region closest to them based on their geographic location. Combined with health checks and Evaluate Target Health, this ensures users are routed to the nearest healthy Region, improving both latency and availability.

Option A is incorrect because global secondary indexes do not replicate data across Regions. GSIs operate within a single Region and are used to support alternative query patterns, not global data distribution. Additionally, Route 53 failover routing is designed for disaster recovery, not for performance optimization or global load balancing.

Option B uses DynamoDB Accelerator (DAX), which improves read latency by caching data in memory, but DAX is Region-specific and does not reduce cross-Region network latency for users in Europe and the Middle East accessing a US-based application. It also does not address application-level latency caused by distance to the EKS cluster.

Option C is not valid because DynamoDB does not support read replicas in the same way relational databases do. DynamoDB replication for latency and global access is achieved through global tables, not through read replicas in a single Region. CloudFront can reduce latency for static or cacheable HTTP content, but it does not solve backend application latency or DynamoDB access latency for dynamic, read-heavy requests.

Therefore, deploying the application and DynamoDB as global tables across Regions and using Route 53 geolocation routing is the correct solution to minimize latency for all global users.

[References:AWS documentation on Amazon DynamoDB global tables for multi-Region, low-latency data access.AWS documentation on Route 53 geolocation routing and health checks for directing users to the closest Region., , ]

Question 39

During an audit, a security team discovered that a development team was putting IAM user secret access keys in their code and then committing it to an AWS CodeCommit repository. The security team wants to automatically find and remediate instances of this security vulnerability.

Which solution will ensure that the credentials are appropriately secured automatically7

Options:

Run a script nightly using AWS Systems Manager Run Command to search tor credentials on the development instances. If found. use AWS Secrets Manager to rotate the credentials.

Use a scheduled AWS Lambda function to download and scan the application code from CodeCommit. If credentials are found, generate new credentials and store them in AWS KMS.

Configure Amazon Made to scan for credentials in CodeCommit repositories. If credentials are found, trigger an AWS Lambda function to disable the credentials and notify the user.

Configure a CodeCommit trigger to invoke an AWS Lambda function to scan new code submissions for credentials. It credentials are found, disable them in AWS IAM and notify the user