Daisylaura175
Uploaded on Jan 30, 2021
Category
Education
You can pass your SAP-C01 exam easily by putting you full focus on SAP-C01 Dumps because this material contains all the necessary information. If you download guidebook from Exam4Lead then you don’t have to further search for learning. You will have everything available at one place. The questions and answers are really useful and valuable for understanding of complicated concepts. SAP-C01 Dumps PDF material can be downloaded after making sure of the quality from demo questions which are free of cost.
Category
Education
Real Amazon SAP-C01 Dumps PDF - SAP-C01 Questions Answers
Amazon
SAP-C01
AWS Certified Solutions A rchitect - Professional
https://www.exam4lead.com/amazon/sap-c01-dumps.html
Latest Version: 37.0
Question: 1
A bank is re-architecting its mainframe-based credit card approval processing application to a cloud-
native application on the AWS cloud.
The new application will receive up to 1,000 requests per second at peak load. There are multiple steps
to each transaction, and each step must receive the result of the previous step. The entire request must
return an authorization response within less than 2 seconds with zero data loss. Every request must
receive a response. The solution must be Payment Card Industry Data Security Standard (PCI DSS)-
compliant.
Which option will meet all of the bank’s objectives with the LEAST complexity and LOWEST cost while
also meeting compliance requirements?
A. Create an Amazon API Gateway to process inbound requests using a single AWS Lambda task that
performs multiple steps and returns a JSON object with the approval status. Open a support case to
increase the limit for the number of concurrent Lambdas to allow room for bursts of activity due to the
new application.
B. Create an Application Load Balancer with an Amazon ECS cluster on Amazon EC2 Dedicated instances
in a target group to process incoming requests. Use Auto Scaling to scale the cluster out/in based on
average CPU utilization. Deploy a web service that processes all of the approval steps and returns a JSON
object with the approval status.
C. Deploy the application on Amazon EC2 on Dedicated Instances. Use an Elastic Load Balancer in front
of a farm of application servers in an Auto Scaling group to handle incoming requests. Scale out/in based
on a custom Amazon CloudWatch metric for the number of inbound requests per second after
measuring the capacity of a single instance.
D. Create an Amazon API Gateway to process inbound requests using a series of AWS Lambda processes,
each with an Amazon SQS input queue. As each step completes, it writes its result to the next step’s
queue. The final step returns a JSON object with the approval status. Open a support case to increase
the limit for the number of concurrent Lambdas to allow room for bursts of activity due to the new
application.
Answer: B
Question: 2
A company has a standard three-tier architecture using two Availability Zones. During the company’s off
season, users report that the website is not working. The Solutions Architect finds that no changes have
been made to the environment recently, the website is reachable, and it is possible to log in. However,
when the Solutions Architect selects the “find a store near you” function, the maps provided on the site
by a third-party RESTful API call do not work about 50% of the time after refreshing the page. The
outbound API calls are made through Amazon EC2 NAT instances.
What is the MOST likely reason for this failure and how can it be mitigated in the future?
A. The network ACL for one subnet is blocking outbound web traffic. Open the network ACL and prevent
administration from making future changes through IAM.
B. The fault is in the third-party environment. Contact the third party that provides the maps and
request a fix that will provide better uptime.
C. One NAT instance has become overloaded. Replace both EC2 NAT instances with a larger-sized
instance and make sure to account for growth when making the new instance size.
D. One of the NAT instances failed. Recommend replacing the EC2 NAT instances with a NAT gateway.
Answer: D
The issue is 50% failure, means the balancing over 2 AZs is failing on one NAT instance in one AZ. The
solution is to replace the NAT instance with fully managed and high available NAT gateway.
Question: 3
A company is planning to migrate an application from on-premises to AWS. The application currently
uses an Oracle database and the company can tolerate a brief downtime of 1 hour when performing the
switch to the new infrastructure. As part of the migration, the database engine will be changed to
MySQL. A Solutions Architect needs to determine which AWS services can be used to perform the
migration while minimizing the amount of work and time required.
Which of the following will meet the requirements?
A. Use AWS SCT to generate the schema scripts and apply them on the target prior to migration. Use
AWS DMS to analyse the current schema and provide a recommendation for the optimal database
engine. Then, use AWS DMS to migrate to the recommended engineer. Use AWS SCT to identify what
embedded SQL code in the application can be converted and what has to be done manually.
B. Use AWS SCT to generate the schema scripts and apply them on the target prior to migration. Use
AWS DMS to begin moving data from the on-premises database to AWS. After the initial copy, continue
to use AWS DMS to keep the databases in sync until cutting over to the new database. Use AWS SCT to
identify what embedded SQL code in the application can be converted and what has to be done
manually.
C. Use AWS DMS to help identify the best target deployment between installing the database engine on
Amazon EC2 directly or moving to Amazon RDS. Then, use AWS DMS to migrate to the platform. Use
AWS Application Discovery Service to identify what embedded SQL code in the application can be
converted and what has to be done manually.
D. Use AWS DMS to begin moving data from the on-premises database to AWS. After the initial copy,
continue to use AWS DMS to keep the databases in sync until cutting over to the new database. Use
AWS Application Discovery Service to identify what embedded SQL code in the application can be
converted and what has to be done manually.
Answer: B
Question: 4
A company has an Amazon VPC that is divided into a public subnet and a private subnet A web
application runs in Amazon VPC, and each subnet has its own NACL The public subnet has a CIDR of
10.0.0.0/24. An Application Load Balancer is deployed to the public subnet. The private subnet has a
CIDR of 10.0.1.0/24. Amazon EC2 instances that run a web server on port 80 are launched into the
private subnet.
Only network traffic that is required for the Application Load Balancer to access the web application can
be allowed to travel between the public and private subnets
What collection of rules should be written to ensure that the private subnet's NACL meets the
requirement? (Select TWO.)
A. An inbound rule for port 80 from source 0.0.0 0/0
B. An inbound rule for port 80 from source 10.0.0.0/24
C. An outbound rule for port 80 to destination 0.0.0.0/0
D. An outbound rule for port 80 to destination 10.0.0.0/24
E. An outbound rule for ports 1024 through 65535 to destination 10.0.0.0/24
Answer: B, E
Question: 5
A Solutions Architect must establish a patching plan for a large mixed fleet of Windows and Linux
servers. The patching plan must be implemented securely, be audit ready, and comply with the
company’s business requirements.
Which option will meet these requirements with MINIMAL effort?
A. Install and use an OS-native patching service to manage the update frequency and release approval
for all instances. Use AWS Config to verify the OS state on each instance and report on any patch
compliance issues.
B. Use AWS Systems Manager on all instances to manage patching. Test patches outside of production
and then deploy during a maintenance window with the appropriate approval.
C. Use AWS OpsWorks for Chef Automate to run a set of scripts that will iterate through all instances of
a given type. Issue the appropriate OS command to get and install updates on each instance, including
any required restarts during the maintenance window.
D. Migrate all applications to AWS OpsWorks and use OpsWorks automatic patching support to keep the
OS up-to-date following the initial installation. Use AWS Config to provide audit and compliance
reporting.
Answer: B
Only Systems Manager can patch both OS effectively on AWS and on premise.
Question: 6
A company has released a new version of a website to target an audience in Asia and South Americ
a. The website’s media assets are hosted on Amazon S3 and have an Amazon CloudFront distribution to
improve end-user performance. However, users are having a poor login experience the authentication
service is only available in the us-east-1 AWS Region.
How can the Solutions Architect improve the login experience and maintain high security and
performance with minimal management overhead?
A. Replicate the setup in each new geography and use Amazon Route 53 geo-based routing to route
traffic to the AWS Region closest to the users.
B. Use an Amazon Route 53 weighted routing policy to route traffic to the CloudFront distribution. Use
CloudFront cached HTTP methods to improve the user login experience.
C. Use Amazon Lambda@Edge attached to the CloudFront viewer request trigger to authenticate and
authorize users by maintaining a secure cookie token with a session expiry to improve the user
experience in multiple geographies.
D. Replicate the setup in each geography and use Network Load Balancers to route traffic to the
authentication service running in the closest region to users.
Answer: C
There are several benefits to using Lambda@Edge for authorization operations. First, performance is
improved by running the authorization function using Lambda@Edge closest to the viewer, reducing
latency and response time to the viewer request. The load on your origin servers is also reduced by
offloading CPU-intensive operations such as verification of JSON Web Token (JWT) signatures. Finally,
there are security benefits such as filtering out unauthorized requests before they reach your origin
infrastructure. https://aws.amazon.com/blogs/networking-and-content-delivery/authorizationedge-
how-to-use-lambdaedge-and-json-web-tokens-to-enhance-web-application-security/
Question: 7
A large company experienced a drastic increase in its monthly AWS spend. This is after Developers
accidentally launched Amazon EC2 instances in unexpected regions. The company has established
practices around least privileges for Developers and controls access to on-premises resources using
Active Directory groups. The company now wants to control costs by restricting the level of access that
Developers have to the AWS Management Console without impacting their productivity. The company
would also like to allow Developers to launch Amazon EC2 in only one region, without limiting access to
other services in any region.
How can this company achieve these new security requirements while minimizing the administrative
burden on the Operations team?
A. Set up SAML-based authentication tied to an IAM role that has an AdministrativeAccess managed
policy attached to it. Attach a customer managed policy that denies access to Amazon EC2 in each
region except for the one required.
B. Create an IAM user for each Developer and add them to the developer IAM group that has the
PowerUserAccess managed policy attached to it. Attach a customer managed policy that allows the
Developers access to Amazon EC2 only in the required region.
C. Set up SAML-based authentication tied to an IAM role that has a PowerUserAccess managed policy
and a customer managed policy that deny all the Developers access to any AWS services except AWS
Service Catalog. Within AWS Service Catalog, create a product containing only the EC2 resources in the
approved region.
D. Set up SAML-based authentication tied to an IAM role that has the PowerUserAccess managed policy
attached to it. Attach a customer managed policy that denies access to Amazon EC2 in each region
except for the one required.
Answer: D
The tricks here are: - SAML for AD federation and authentication - PowerUserAccess vs
AdministrativeAccess. (PowerUSer has less privilege, which is the required once for developers). Admin,
has more rights. The description of "PowerUser access" given by AWS is “Provides full access to AWS
services and resources, but does not allow management of Users and groups.”
Question: 8
A Solutions Architect needs to design a highly available application that will allow authenticated users to
stay connected to the application even when there are underlying failures.
Which solution will meet these requirements?
A. Deploy the application on Amazon EC2 instances Use Amazon Route 53 to forward requests to the
EC2 Instances. Use Amazon DynamoDB to save the authenticated connection details.
B. Deploy the application on Amazon EC2 instances in an Auto Scaling group Use an internet-facing
Application Load Balancer to handle requests Use Amazon DynamoDB to save the authenticated
connection details
C. Deploy the application on Amazon EC2 instances in an Auto Scaling group Use an internet-facing
Application Load Balancer on the front end Use EC2 instances to save the authenticated connection
details
D. Deploy the application on Amazon EC2 instances in an Auto Scaling group Use an internet-facing
Application Load Balancer on the front end Use EC2 instances hosting a MySQL database to save the
authenticated connection details
Answer: B
Question: 9
A group of Amazon EC2 instances have been configured as high performance computing (HPC) cluster.
The instances are running in a placement group, and are able to communicate with each other at
network of up to 20 Gbps.
The cluster needs to communicate with a control EC2 instance outside of the placement group. The
control instance has the same instance type and AMI as the other instances, and is configured with a
public IP address.
How can the Solutions Architect improve the network speeds between the control instance and the
instances in the placement group?
A. Terminate the control instance and relaunch in the placement group.
B. Ensure that the instances are communicating using the private IP addresses.
C. Ensure that the control instance is using an Elastic Network Adapter.
D. Move the control instance inside the placement group.
Answer: D
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html
Question: 10
A company has an application written using an in-house software framework. The framework
installation takes 30 minutes and is performed with a user data script. Company Developers deploy
changes to the application frequently. The framework installation is becoming a bottleneck in this
process.
Which of the following would speed up this process?
A. Create a pipeline to build a custom AMI with the framework installed and use this AMI as a baseline
for application deployments.
B. Employ a user data script to install the framework but compress the installation files to make them
smaller.
C. Create a pipeline to parallelize the installation tasks and call this pipeline from a user data script.
D. Configure an AWS OpsWorks cookbook that installs the framework instead of employing user data.
Use this cookbook as a base for all deployments.
Answer: A
https://aws.amazon.com/codepipeline/features/?nc=sn&loc=2
Question: 11
A company stores sales transaction data in Amazon DynamoDB tables. To detect anomalous behaviors
and respond quickly, all changes to the items stored in the DynamoDB tables must be logged within 30
minutes.
Which solution meets the requirements?
A. Copy the DynamoDB tables into Apache Hive tables on Amazon EMR every hour and analyze them for
anomalous behaviors. Send Amazon SNS notifications when anomalous behaviors are detected.
B. Use AWS CloudTrail to capture all the APIs that change the DynamoDB tables. Send SNS notifications
when anomalous behaviors are detected using CloudTrail event filtering.
C. Use Amazon DynamoDB Streams to capture and send updates to AWS Lambda. Create a Lambda
function to output records to Amazon Kinesis Data Streams. Analyze any anomalies with Amazon Kinesis
Data Analytics. Send SNS notifications when anomalous behaviors are detected.
D. Use event patterns in Amazon CloudWatch Events to capture DynamoDB API call events with an AWS
Lambda function as a target to analyze behavior. Send SNS notifications when anomalous behaviors are
detected.
Answer: C
https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Streams.html
Question: 12
A Solutions Architect must design a highly available, stateless, REST service. The service will require
multiple persistent storage layers for service object meta information and the delivery of content. Each
request needs to be authenticated and securely processed. There is a requirement to keep costs as low
as possible?
How can these requirements be met?
A. Use AWS Fargate to host a container that runs a self-contained REST service. Set up an Amazon ECS
service that is fronted by an Application Load Balancer (ALB). Use a custom authenticator to control
access to the API. Store request meta information in Amazon DynamoDB with Auto Scaling and static
content in a secured S3 bucket. Make secure signed requests for Amazon S3 objects and proxy the data
through the REST service interface.
B. Use AWS Fargate to host a container that runs a self-contained REST service. Set up an ECS service
that is fronted by a cross-zone ALB. Use an Amazon Cognito user pool to control access to the API. Store
request meta information in DynamoDB with Auto Scaling and static content in a secured S3 bucket.
Generate presigned URLs when returning references to content stored in Amazon S3.
C. Set up Amazon API Gateway and create the required API resources and methods. Use an Amazon
Cognito user pool to control access to the API. Configure the methods to use AWS Lambda proxy
integrations, and process each resource with a unique AWS Lambda function. Store request meta
information in DynamoDB with Auto Scaling and static content in a secured S3 bucket. Generate
presigned URLs when returning references to content stored in Amazon S3.
D. Set up Amazon API Gateway and create the required API resources and methods. Use an Amazon API
Gateway custom authorizer to control access to the API. Configure the methods to use AWS Lambda
custom integrations, and process each resource with a unique Lambda function. Store request meta
information in an Amazon ElastiCache Multi-AZ cluster and static content in a secured S3 bucket.
Generate presigned URLs when returning references to content stored in Amazon S3.
Answer: C
Question: 13
The Security team needs to provide a team of interns with an AWS environment so they can build the
serverless video transcoding application. The project will use Amazon S3, AWS Lambda, Amazon API
Gateway, Amazon Cognito, Amazon DynamoDB, and Amazon Elastic Transcoder.
The interns should be able to create and configure the necessary resources, but they may not have
access to create or modify AWS IAM roles. The Solutions Architect creates a policy and attaches it to the
interns’ group.
How should the Security team configure the environment to ensure that the interns are self-sufficient?
A. Create a policy that allows creation of project-related resources only. Create roles with required
service permissions, which are assumable by the services.
B. Create a policy that allows creation of all project-related resources, including roles that allow access
only to specified resources.
C. Create roles with the required service permissions, which are assumable by the services. Have the
interns create and use a bastion host to create the project resources in the project subnet only.
D. Create a policy that allows creation of project-related resources only. Require the interns to raise a
request for roles to be created with the Security team. The interns will provide the requirements for the
permissions to be set in the role.
Answer: C
Question: 14
What combination of steps could a Solutions Architect take to protect a web workload running on
Amazon EC2 from DDoS and application layer attacks? (Select two.)
A. Put the EC2 instances behind a Network Load Balancer and configure AWS WAF on it.
B. Migrate the DNS to Amazon Route 53 and use AWS Shield
C. Put the EC2 instances in an Auto Scaling group and configure AWS WAF on it.
D. Create and use an Amazon CloudFront distribution and configure AWS WAF on it.
E. Create and use an internet gateway in the VPC and use AWS Shield.
Answer: B, D
References: https://aws.amazon.com/answers/networking/aws-ddos-attack-mitigation/
Question: 15
A large company has increased its utilization of AWS over time in an unmanaged way. As such, they have
a large number of independent AWS accounts across different business units, projects, and
environments. The company has created a Cloud Center of Excellence team, which is responsible for
managing all aspects of the AWS Cloud, including their AWS accounts.
Which of the following should the Cloud Center of Excellence team do to BEST address their
requirements in a centralized way? (Select two.)
A. Control all AWS account root user credentials. Assign AWS IAM users in the account of each user who
needs to access AWS resources. Follow the policy of least privilege in assigning permissions to each user.
B. Tag all AWS resources with details about the business unit, project, and environment. Send all AWS
Cost and Usage reports to a central Amazon S3 bucket, and use tools such as Amazon Athena and
Amazon QuickSight to collect billing details by business unit.
C. Use the AWS Marketplace to choose and deploy a Cost Management tool. Tag all AWS resources with
details about the business unit, project, and environment. Send all AWS Cost and Usage reports for the
AWS accounts to this tool for analysis.
D. Set up AWS Organizations. Enable consolidated billing, and link all existing AWS accounts to a master
billing account. Tag all AWS resources with details about the business unit, project and environment.
Analyze Cost and Usage reports using tools such as Amazon Athena and Amazon QuickSight to collect
billing details by business unit.
E. Using a master AWS account, create IAM users within the master account. Define IAM roles in the
other AWS accounts, which cover each of the required functions in the account. Follow the policy of
least privilege in assigning permissions to each role, then enable the IAM users to assume the roles that
they need to use.
Answer: D, E
Question: 16
A company has asked a Solutions Architect to design a secure content management solution that can be
accessed by API calls by external customer applications. The company requires that a customer
administrator must be able to submit an API call and roll back changes to existing files sent to the
content management solution, as needed.
What is the MOST secure deployment design that meets all solution requirements?
A. Use Amazon S3 for object storage with versioning and bucket access logging enabled, and an IAM role
and access policy for each customer application. Encrypt objects using SSE-KMS. Develop the content
management application to use a separate AWS KMS key for each customer.
B. Use Amazon WorkDocs for object storage. Leverage WorkDocs encryption, user access management,
and version control. Use AWS CloudTrail to log all SDK actions and create reports of hourly access by
using the Amazon CloudWatch dashboard. Enable a revert function in the SDK based on a static Amazon
S3 webpage that shows the output of the CloudWatch dashboard.
C. Use Amazon EFS for object storage, using encryption at rest for the Amazon EFS volume and a
customer managed key stored in AWS KMS. Use IAM roles and Amazon EFS access policies to specify
separate encryption keys for each customer application. Deploy the content management application to
store all new versions as new files in Amazon EFS and use a control API to revert a specific file to a
previous version.
D. Use Amazon S3 for object storage with versioning and enable S3 bucket access logging. Use an IAM
role and access policy for each customer application. Encrypt objects using client-side encryption, and
distribute an encryption key to all customers when accessing the content management application.
Answer: A
Visit us athttps://www.examsboost.com/test/sap-c01/
Question: 17
A company runs a memory-intensive analytics application using on-demand Amazon EC2 compute
optimized instance. The application is used continuously and application demand doubles during
working hours. The application currently scales based on CPU usage. When scaling in occurs, a lifecycle
hook is used because the instance requires 4 minutes to clean the application state before terminating.
Because users reported poor performance during working hours, scheduled scaling actions were
implemented so additional instances would be added during working hours. The Solutions Architect has
been asked to reduce the cost of the application.
Which solution is MOST cost-effective?
A. Use the existing launch configuration that uses C5 instances, and update the application AMI to
include the Amazon CloudWatch agent. Change the Auto Scaling policies to scale based on memory
utilization. Use Reserved Instances for the number of instances required after working hours, and use
Spot Instances to cover the increased demand during working hours.
B. Update the existing launch configuration to use R5 instances, and update the application AMI to
include SSM Agent. Change the Auto Scaling policies to scale based on memory utilization. Use Reserved
instances for the number of instances required after working hours, and use Spot Instances with on-
Demand instances to cover the increased demand during working hours.
C. Use the existing launch configuration that uses C5 instances, and update the application AMI to
include SSM Agent. Leave the Auto Scaling policies to scale based on CPU utilization. Use scheduled
Reserved Instances for the number of instances required after working hours, and use Spot Instances to
cover the increased demand during work hours.
D. Create a new launch configuration using R5 instances, and update the application AMI to include the
Amazon CloudWatch agent. Change the Auto Scaling policies to scale based on memory utilization. use
Reserved Instances for the number of instances required after working hours, and use Standard
Reserved Instances with On-Demand Instances to cover the increased demand during working hours.
Answer: D
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring_ec2.html
Question: 18
A company is implementing a multi-account strategy; however, the Management team has expressed
concerns that services like DNS may become overly complex. The company needs a solution that allows
private DNS to be shared among virtual private clouds (VPCs) in different accounts. The company will
have approximately 50 accounts in total.
What solution would create the LEAST complex DNS architecture and ensure that each VPC can resolve
all AWS resources?
A. Create a shared services VPC in a central account, and create a VPC peering connection from the
shared services VPC to each of the VPCs in the other accounts. Within Amazon Route 53, create a
privately hosted zone in the shared services VPC and resource record sets for the domain and
subdomains. Programmatically associate other VPCs with the hosted zone.
B. Create a VPC peering connection among the VPCs in all accounts. Set the VPC attributes
enableDnsHostnames and enableDnsSupport to “true” for each VPC. Create an Amazon Route 53 private
zone for each VPC. Create resource record sets for the domain and subdomains. Programmatically
associate the hosted zones in each VPC with the other VPCs.
C. Create a shared services VPC in a central account. Create a VPC peering connection from the VPCs in
other accounts to the shared services VPC. Create an Amazon Route 53 privately hosted zone in the
shared services VPC with resource record sets for the domain and subdomains. Allow UDP and TCP port
53 over the VPC peering connections.
D. Set the VPC attributes enableDnsHostnames and enableDnsSupport to “false” in every VPC. Create an
AWS Direct Connect connection with a private virtual interface. Allow UDP and TCP port 53 over the
virtual interface. Use the on-premises DNS servers to resolve the IP addresses in each VPC on AWS.
Answer: A
https://aws.amazon.com/blogs/networking-and-content-delivery/centralized-dns-management-of-
hybrid-cloud-with-amazon-route-53-and-aws-transit-gateway/
Question: 19
A company is running an email application across multiple AWS Regions. The company uses Ohio (us-
east-2) as the primary Region and Northern Virginia (us-east-1) as the Disaster Recovery (DR) Region.
The data is continuously replicated from the primary Region to the DR Region by a single instance on the
public subnet in both Regions. The replication messages between the Regions have a significant backlog
during certain times of the day. The backlog clears on its own after a short time, but it affects the
application’s RPO.
Which of the following solutions should help remediate this performance problem? (Select TWO)
A. Increase the size of the instances.
B. Have the instance in the primary Region write the data to an Amazon SQS queue in the primary
Region instead, and have the instance in the DR Region poll from this queue.
C. Use multiple instances on the primary and DR Regions to send and receive the replication data.
D. Change the DR Region to Oregon (us-west-2) instead of the current DR Region.
E. Attach an additional elastic network interface to each of the instances in both Regions and set up load
balancing between the network interfaces.
Answer: AC
Question: 20
A Solutions Architect is working with a company that operates a standard three-tier web application in
AWS. The web and application tiers run on Amazon EC2 and the database tier runs on Amazon RDS. The
company is redesigning the web and application tiers to use Amazon API Gateway and AWS Lambda,
and the company intends to deploy the new application within 6 months. The IT Manager has asked the
Solutions Architect to reduce costs in the interim.
Which solution will be MOST cost effective while maintaining reliability?
A. Use Spot Instances for the web tier, On-Demand Instances for the application tier, and Reserved
Instances for the database tier.
B. Use On-Demand Instances for the web and application tiers, and Reserved Instances for the database
tier.
C. Use Spot Instances for the web and application tiers, and Reserved Instances for the database tier.
D. Use Reserved Instances for the web, application, and database tiers.
Answer: B
https://www.exam4lead.com/amazon/sap-c01-dumps.html
Comments