NO.1 You are looking to migrate your Development (Dev) and Test environments to AWS. You have
decided to
use separate AWS accounts to host each environment. You plan to link each accounts bill to a Master
AWS account using Consolidated Billing. To make sure you Keep within budget you would like to
implement a way for administrators in the Master account to have access to stop, delete and/or
resources in both the Dev and Test accounts. Identify which option will allow you to achieve this goal.
A. Create IAM users in the Master account Create cross-account roles in the Dev and Test accounts
have full Admin permissions and grant the Master account access.
B. Create IAM users in the Master account with full Admin permissions. Create cross-account roles in
Dev and Test accounts that grant the Master account access to the resources in the account by
permissions from the Master account.
C. Link the accounts using Consolidated Billing. This will give IAM users in the Master account access
resources in the Dev and Test accounts
D. Create IAM users and a cross-account role in the Master account that grants full Admin
permissions to
the Dev and Test accounts.
Answer: A

NO.2 Which statement is NOT true about a stack which has been created in a Virtual Private Cloud
(VPC) in
AWS OpsWorks?
A. Subnets whose instances can communicate only with other instances in the VPC and cannot
communicate directly with the Internet are referred to as private subnets.
B. Your app and custom cookbook repositories should be accessible for all instances in the stack.
C. All instances in the stack should have access to any package repositories that your operating
depends on, such as the Amazon Linux or Ubuntu Linux repositories.
D. Subnets whose instances cannot communicate with the Internet are referred to as public subnets.
Answer: D

AWS-Solutions-Architect-Professional赤本   AWS-Solutions-Architect-Professional模擬資料   
In AWS OpsWorks, you can control user access to a stack's instances by creating it in a virtual private
cloud (VPC). For example, you might not want users to have direct access to your stack's app servers
databases and instead require that all public traffic be channeled through an Elastic Load Balancer.
A VPC consists of one or more subnets, each of which contains one or more instances. Each subnet
an associated routing table that directs outbound traffic based on its destination IP address.
Instances within a VPC can generally communicate with each other, regardless of their subnet.
Subnets whose instances can communicate with the Internet are referred to as public subnets.
Subnets whose instances can communicate only with other instances in the VPC and cannot
communicate directly with the Internet are referred to as private subnets.
AWS OpsWorks requires the VPC to be configured so that every instance in the stack, including
instances in private subnets, has access to the following endpoints:
The AWS OpsWorks service, .
Amazon S3
The package repositories for Amazon Linux or Ubuntu 12.04 LTS, depending on which operating
you specify.
Your app and custom cookbook repositories.

NO.3 An organization is setting up a highly scalable application using Elastic Beanstalk. They are
using Elastic
Load Balancing (ELB) as well as a Virtual Private Cloud (VPC) with public and private subnets. They
the following requirements:
. All the EC2 instances should have a private IP
. All the EC2 instances should receive data via the ELB's.
Which of these will not be needed in this setup?
A. Create routing rules which will route all inbound traffic from ELB to the EC2 instances.
B. Create routing rules which will route all outbound traffic from the EC2 instances through NAT.
C. Configure ELB and NAT as a part of the public subnet only.
D. Launch the EC2 instances with only the public subnet.
Answer: D
The Amazon Virtual Private Cloud (Amazon VPC) allows the user to define a virtual networking
environment in a private, isolated section of the Amazon Web Services (AWS) cloud. The user has
complete control over the virtual networking environment. If the organization wants the Amazon EC2
instances to have a private IP address, he should create a public and private subnet for VPC in each
Availability Zone (this is an AWS Elastic Beanstalk requirement). The organization should add their
resources, such as ELB and NAT to the public subnet, and AWS Elastic Beanstalk will assign them
unique elastic IP addresses (a static, public IP address). The organization should launch Amazon EC2
instances in a private subnet so that AWS Elastic Beanstalk assigns them non-routable private IP
addresses. Now the organization should configure route tables with the following rules:
. route all inbound traffic from ELB to EC2 instances
. route all outbound traffic from EC2 instances through NAT

NO.4 Regarding Amazon SNS, you can send notification messages to mobile devices through any of
following supported push notification services, EXCEPT:
A. Apple Push Notification Service (APNS)
B. Amazon Device Messaging (ADM)
C. Microsoft Windows Mobile Messaging (MWMM)
D. Google Cloud Messaging for Android (GCM)
Answer: C

In Amazon SNS, you have the ability to send notification messages directly to apps on mobile devices.
Notification messages sent to a mobile endpoint can appear in the mobile app as message alerts,
updates, or even sound alerts. Microsoft Windows Mobile Messaging (MWMM) doesn't exist and is
supported by Amazon SNS.




試験科目:AWS Certified Solutions Architect - Professional
問題と解答:全275問 AWS-Solutions-Architect-Professional試験内容

>> AWS-Solutions-Architect-Professional試験内容

試験科目:AWS Certified Solutions Architect - Associate (AWS-Solutions-Architect-Associate日本語版)
問題と解答:全445問 AWS-Solutions-Architect-Associate日本語ファンデーション

>> AWS-Solutions-Architect-Associate日本語ファンデーション