CCNA Migration Modernization Questions

75 of 349 questions · Page 4/5 · Migration Modernization topic · Answers revealed

226
MCQeasy

A company is migrating an application that uses a commercial database to Amazon RDS. The database size is 500 GB. Which migration approach minimizes downtime?

A.Use native database tools to export and import data.
B.Use AWS Snowball Edge to transfer the database files.
C.Use AWS Database Migration Service (AWS DMS) with ongoing replication (change data capture).
D.Copy database files to Amazon S3 and restore to RDS.
AnswerC

DMS with CDC allows near-zero downtime.

Why this answer

Option B is correct because AWS DMS with CDC minimizes downtime. Option A is wrong because a manual dump requires downtime. Option C is wrong because S3 is not for live migration.

Option D is wrong because Snowball is offline.

227
MCQmedium

A company is migrating a large-scale batch processing system from on-premises to AWS. The system processes hundreds of thousands of files daily, each file being a few MB in size. The files are received via SFTP and need to be processed within 4 hours. The company wants to use AWS services to build a fully managed, scalable, and cost-effective solution. The current on-premises system uses a single server with a scheduled task that processes files sequentially. The migration should improve throughput and reduce processing time. Which architecture should the company implement?

A.Use AWS Transfer Family for SFTP, store files in Amazon S3, and use AWS Batch with Fargate launch type to process files in parallel.
B.Use AWS Transfer Family for SFTP, store files in Amazon S3, and use AWS Lambda functions triggered by S3 events to process each file.
C.Use AWS Transfer Family for SFTP, store files in Amazon S3, and configure a single EC2 instance to poll S3 for new files and process them sequentially.
D.Use AWS Transfer Family for SFTP, store files in Amazon S3, configure an S3 event notification to publish messages to an Amazon SQS queue, and use an Auto Scaling group of EC2 instances to process messages from the queue.
AnswerD

SQS decouples and scales processing; Auto Scaling based on queue depth improves throughput.

Why this answer

Option B is correct because AWS Transfer Family provides managed SFTP, and an S3 event notification can trigger a Lambda function that submits jobs to an SQS queue. The SQS queue acts as a buffer, and an Auto Scaling group of EC2 instances (or a Spot Fleet) processes the messages, scaling based on queue depth. This provides high throughput and cost optimization.

Option A is wrong because a single EC2 instance does not improve throughput over on-premises. Option C is wrong because AWS Batch with Fargate launch type is limited by concurrent job count and may not be cost-effective for long-running jobs. Option D is wrong because Lambda has a 15-minute timeout and is not suitable for processing files that may take longer.

228
MCQeasy

A company is migrating a virtualized workload to AWS. The current environment uses VMware vSphere. The company wants to migrate the virtual machines (VMs) to AWS with minimal changes. Which AWS service should the company use?

A.VMware Cloud on AWS
B.AWS Migration Hub
C.AWS Application Discovery Service
D.AWS VM Import/Export
AnswerD

VM Import/Export enables importing VMs from on-premises to AWS as EC2 instances.

Why this answer

Option A is correct because VM Import/Export allows you to import VMs from on-premises to EC2. Option B is wrong because AWS Application Discovery Service is for discovery, not migration. Option C is wrong because VMware Cloud on AWS is a different offering that runs VMware SDDC on AWS, not a direct migration of existing VMs.

Option D is wrong because AWS Migration Hub tracks migrations but does not perform the migration.

229
Drag & Dropmedium

Drag and drop the steps to configure an Application Load Balancer with HTTPS listeners in the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

First get the certificate, then create the target group, then the ALB with HTTPS, register targets, and update DNS.

230
MCQmedium

A company is migrating a web application to AWS and wants to use Amazon ECS with Fargate. The application needs to store session state. Which AWS service should the company use for session state management?

A.Amazon ElastiCache for Redis
B.Amazon S3
C.Amazon DynamoDB
D.Amazon RDS
AnswerA

ElastiCache for Redis is ideal for session state management.

Why this answer

Option B is correct because Amazon ElastiCache for Redis is commonly used for session state management in containerized applications. Option A is wrong because Amazon DynamoDB can also be used, but ElastiCache is more commonly recommended for session state. Option C is wrong because Amazon S3 is not suitable for low-latency session state.

Option D is wrong because Amazon RDS is for relational databases, not session state.

231
MCQmedium

A company is migrating a critical application to AWS. The application requires consistent performance and low latency. The company has selected an instance type that meets the performance requirements. However, during testing, the application experiences variable performance due to CPU stealing from other instances on the same physical host. What should the company do to mitigate this issue?

A.Use Amazon EC2 Dedicated Hosts for the instances
B.Launch instances in a cluster placement group
C.Use T2 or T3 instances with the unlimited credit option
D.Switch to a compute-optimized instance type such as C5
AnswerA

Dedicated Hosts provide physical isolation, eliminating CPU stealing.

Why this answer

Option A is correct: Dedicated Hosts provide dedicated physical servers, eliminating CPU stealing. Option B (placement group) helps with network performance, not CPU isolation. Option C (T2/T3 unlimited) is for burstable instances, not dedicated.

Option D (C5 instance) does not prevent CPU stealing.

232
Multi-Selectmedium

A company is migrating a legacy application to AWS. The application requires a relational database. The company wants to minimize operational overhead. Which TWO options should the company consider? (Choose two.)

Select 2 answers
A.AWS Database Migration Service
B.Amazon Aurora
C.Amazon S3
D.Amazon RDS
E.Amazon EC2 with self-managed database
AnswersB, D

Managed relational database with MySQL/PostgreSQL compatibility.

Why this answer

Options A and B are correct because both are fully managed database services. Option C (EC2) requires self-management. Option D (DMS) is a migration tool.

Option E (S3) is object storage.

233
MCQhard

A company is migrating a 2 TB Oracle database to Amazon Aurora PostgreSQL. The database has frequent write operations and the migration must have minimal downtime. The team uses AWS DMS for ongoing replication. After the initial full load, the target Aurora instance becomes unresponsive during ongoing replication. What is the MOST likely cause?

A.The DMS task is configured to replicate DDL changes, which are not supported for Oracle to Aurora PostgreSQL.
B.The number of logical replication slots on the Aurora PostgreSQL instance exceeds the maximum supported.
C.The DMS task is using full LOB mode, which is not supported with ongoing replication.
D.The target Aurora instance's storage is full and cannot accept new writes.
AnswerB

Aurora PostgreSQL supports a limited number of replication slots; exceeding it causes failures.

Why this answer

The most likely cause is that the number of logical replication slots on the Aurora PostgreSQL instance exceeds the maximum supported. AWS DMS uses logical replication slots to capture ongoing changes from the source Oracle database and apply them to the target Aurora PostgreSQL. Each DMS task creates at least one replication slot on the target.

If the number of slots exceeds the Aurora PostgreSQL limit (typically 1 for Aurora Serverless v1 or a configurable limit for provisioned instances), the target instance can become unresponsive due to resource contention or slot management overhead.

Exam trap

The trap here is that candidates may incorrectly attribute the unresponsiveness to storage exhaustion (Option D) or unsupported LOB modes (Option C), overlooking the specific resource limitation of logical replication slots that is unique to Aurora PostgreSQL's managed replication architecture.

How to eliminate wrong answers

Option A is wrong because DMS does support replicating DDL changes from Oracle to Aurora PostgreSQL for many common DDL operations, and unsupported DDL would cause task failure or errors, not make the target instance unresponsive. Option C is wrong because full LOB mode is fully supported with ongoing replication in DMS; it may impact performance but does not cause the target to become unresponsive. Option D is wrong because while a full storage volume can cause write failures, it would typically result in errors or a read-only state, not an unresponsive instance, and the scenario describes unresponsiveness specifically during ongoing replication.

234
MCQmedium

A company wants to migrate a legacy monolithic application to AWS with minimal changes. The application currently runs on a single on-premises server with a Microsoft SQL Server database. The company wants to use AWS managed services to reduce operational overhead. Which combination of services should the company use to meet these requirements?

A.AWS Application Migration Service (MGN) to Amazon EC2, and AWS DMS to Amazon DynamoDB
B.AWS Application Migration Service (MGN) to Amazon EC2, and AWS DMS to Amazon RDS for SQL Server
C.AWS Server Migration Service (SMS) to Amazon EC2, and AWS DMS to Amazon RDS for SQL Server
D.AWS CloudFormation to provision EC2 instances, and AWS DMS to Amazon RDS for SQL Server
AnswerB

MGN minimizes changes for server migration, DMS migrates the database to managed RDS.

Why this answer

Option B is correct because AWS Application Migration Service (MGN) enables lift-and-shift migration of the on-premises server to Amazon EC2 with minimal changes, while AWS DMS can migrate the Microsoft SQL Server database to Amazon RDS for SQL Server, a fully managed service that reduces operational overhead. This combination meets the requirement of minimal application changes and leverages AWS managed services for the database.

Exam trap

The trap here is that candidates might choose Option A thinking DynamoDB is a managed database service, but they overlook the requirement for minimal changes, which is broken by switching from a relational to a NoSQL database, or they might pick Option C not realizing SMS is deprecated and lacks the continuous replication capabilities of MGN.

How to eliminate wrong answers

Option A is wrong because AWS DMS cannot migrate a SQL Server database to Amazon DynamoDB (a NoSQL database) without significant application changes to adapt to a different data model and query language, violating the 'minimal changes' requirement. Option C is wrong because AWS Server Migration Service (SMS) is deprecated and replaced by AWS Application Migration Service (MGN); using SMS would not be a current best practice and may lack support. Option D is wrong because AWS CloudFormation is an infrastructure-as-code provisioning tool, not a migration service; it does not directly migrate the application or database, and using it alone would not reduce operational overhead for the migration itself.

235
Multi-Selecteasy

A company is migrating a web application to AWS and wants to use a content delivery network (CDN) to improve performance. Which TWO AWS services can be used together to achieve this? (Choose TWO.)

Select 2 answers
A.Amazon CloudFront
B.Amazon Route 53
C.Amazon S3
D.AWS WAF
E.Application Load Balancer
AnswersA, E

CloudFront is a CDN service.

Why this answer

Option A (Amazon CloudFront) is a CDN. Option C (ALB) is a load balancer that works with CloudFront. Option B is wrong because Amazon Route 53 is DNS, not CDN.

Option D is wrong because Amazon S3 can be an origin but not a CDN. Option E is wrong because AWS WAF is a firewall.

236
MCQmedium

A solutions architect is trying to export an EC2 instance as a VM using AWS VM Import/Export. The CLI command fails with the error shown in the exhibit. What is the most likely cause?

A.The specified S3 bucket is in a different region.
B.The instance is not an EBS-backed instance.
C.The IAM role used does not have permission to export instances.
D.The instance is based on an instance store-backed AMI.
AnswerB

VM Import/Export requires EBS-backed instances; instance store-backed instances lack a persistent root volume.

Why this answer

Option C is correct because the error explicitly states the instance does not have an attached root volume. Option A is wrong because the error mentions root volume, not a snapshot. Option B is wrong because the error does not mention permissions.

Option D is wrong because the error does not mention format.

237
MCQhard

A company is migrating a large Oracle database to Amazon Aurora PostgreSQL using AWS DMS. The database is 5 TB and has frequent write operations. The migration must have minimal downtime. Which configuration should be used?

A.Use AWS DMS with full load and ongoing replication using CDC
B.Use AWS DataSync for the database files
C.Use AWS SCT to convert schema and then copy data manually
D.Use AWS DMS with full load only
AnswerA

Ongoing replication with CDC keeps the target in sync until cutover, minimizing downtime.

Why this answer

AWS DMS ongoing replication with Change Data Capture (CDC) allows continuous syncing after the full load, minimizing downtime. Option A (only full load) causes downtime during migration. Option B (AWS SCT only) is for schema conversion, not data migration.

Option C (AWS DataSync) is for file-based data, not databases.

238
MCQeasy

A company wants to modernize a batch processing application that runs on EC2 instances using a cron job. The job processes files from an S3 bucket and takes about 2 hours. They want to reduce operational overhead. Which service should they use?

A.AWS Batch
B.Amazon ECS with Fargate
C.AWS Lambda
D.AWS Step Functions
AnswerA

AWS Batch is purpose-built for batch processing and manages compute resources.

Why this answer

AWS Batch is designed for batch computing and can automatically provision EC2 instances, run the job, and terminate them, reducing overhead. Option A (Lambda) has a 15-minute timeout. Option B (Step Functions) orchestrates but does not run the compute.

Option D (ECS with Fargate) is possible but requires more configuration than AWS Batch for batch jobs.

239
MCQeasy

An organization wants to migrate 50 TB of data from an on-premises NAS to Amazon S3 over a slow internet connection. The migration must be completed within two weeks. Which approach is most appropriate?

A.Use AWS DataSync over the internet
B.Use AWS Snowball Edge
C.Use Amazon S3 Transfer Acceleration
D.Set up AWS Direct Connect
AnswerB

Snowball Edge is a physical device that can handle large data volumes offline, bypassing slow internet.

Why this answer

Option C (AWS Snowball Edge) is correct because it can handle large data volumes over slow networks. Option A (AWS DataSync) may be too slow. Option B (S3 Transfer Acceleration) still uses internet.

Option D (AWS Direct Connect) may take time to set up.

240
MCQmedium

A company is migrating an on-premises monolithic application to AWS. The application uses a legacy database that cannot be easily refactored. The company wants to minimize changes to the application code while gaining scalability and high availability. Which migration strategy should the architect recommend?

A.Rehost the application on Amazon EC2 and use Amazon RDS for the database.
B.Replatform the application to use AWS Elastic Beanstalk and Amazon DynamoDB.
C.Refactor the application to use a microservices architecture with Amazon Aurora.
D.Retire the application and replace it with a SaaS solution.
AnswerA

Rehosting moves the application as-is to EC2 and RDS, minimizing code changes while providing scalability and HA.

Why this answer

Rehosting (lift-and-shift) involves moving the application and database to AWS infrastructure (EC2 and RDS) with minimal changes. This preserves the legacy database and allows the company to achieve scalability and HA using AWS features like Multi-AZ and Auto Scaling. Replatforming would require modifying the database engine; refactoring involves significant changes; and retiring removes the application.

241
MCQhard

A company is using AWS Migration Hub to track a server migration. The migration task has failed with the error shown in the exhibit. Which action should the solutions architect take to resolve the issue?

A.Change the migration port from 443 to 80.
B.Retry the migration using AWS CloudEndure instead of AWS MGN.
C.Increase the timeout value for the migration task.
D.Ensure the source server's SSL certificate is signed by a trusted Certificate Authority (CA).
AnswerD

The error explicitly states the certificate is not trusted; replacing it with a valid certificate resolves the issue.

Why this answer

The error indicates that the SSL certificate of the source server is not trusted by the AWS Migration Hub or the migration tool (e.g., AWS MGN, CloudEndure). The solution is to ensure the source server has a valid SSL certificate from a trusted CA, or configure the migration tool to ignore certificate validation if appropriate. Increasing timeout or retrying will not fix the certificate issue.

Changing port is not relevant. Using a different tool may bypass but does not address the root cause.

242
MCQhard

A company is migrating a legacy e-commerce application to AWS. The application includes a web tier, an application tier, and a MySQL database. The company wants to improve scalability and reduce operational overhead. The architect plans to use Amazon RDS for MySQL and refactor the application to use Auto Scaling for the web and application tiers. However, the application currently stores session state locally on the web servers. What should the architect do to address session state management in the new architecture?

A.Store session state in Amazon S3
B.Store session state in Amazon RDS for MySQL
C.Configure an Application Load Balancer with sticky sessions
D.Use Amazon ElastiCache for Redis to store session state
AnswerD

ElastiCache provides a fast, scalable, and centralized session store.

Why this answer

Using ElastiCache for Redis provides a centralized, scalable session store that works with Auto Scaling. Using sticky sessions (ELB session stickiness) is a workaround but less scalable and not recommended for Auto Scaling. Storing sessions in RDS would add database load.

Storing in S3 is not suitable for low-latency session access.

243
MCQmedium

A company is migrating a legacy application that uses a network file system (NFS) for shared storage. The application runs on Windows servers. Which AWS storage service should be used for the migration?

A.Amazon FSx for Windows File Server
B.Amazon EFS
C.Amazon EBS
D.Amazon S3
AnswerA

Provides native SMB file storage for Windows applications.

Why this answer

Option B is correct because Amazon FSx for Windows File Server provides native SMB support for Windows. Option A is wrong because EFS is POSIX-based, not fully compatible with Windows. Option C is wrong because S3 is object storage, not a file system.

Option D is wrong because EBS volumes cannot be shared across multiple instances easily.

244
Multi-Selectmedium

A company is migrating a legacy application to AWS. The application uses a proprietary database that is not supported by Amazon RDS. The company wants to minimize changes and use a managed service. Which TWO options should the company consider? (Choose TWO.)

Select 2 answers
A.Use Amazon RDS with a custom engine.
B.Migrate the database to Amazon S3 and use S3 Select for queries.
C.Run the database on Amazon EC2 with Amazon EBS volumes.
D.Convert the database to Amazon DynamoDB.
E.Use an AWS Marketplace third-party solution that provides a managed service for the database.
AnswersC, E

EC2 allows you to install any database, providing flexibility with managed infrastructure.

Why this answer

Options A and C are correct. Option A: Run the database on EC2 with EBS, which is a common approach for unsupported databases. Option C: Use a partner solution from AWS Marketplace that supports the database.

Option B is wrong because RDS is not supported. Option D is wrong because S3 is not a database. Option E is wrong because DynamoDB is NoSQL and would require significant changes.

245
MCQhard

A company is migrating a legacy CRM application from a colocation facility to AWS. The application uses a client-server architecture with a thick client installed on employee desktops. The company wants to reduce desktop administration and provide remote access. Which migration approach should the architect recommend?

A.Deploy the thick client on Amazon WorkSpaces and provide access to employees
B.Refactor the application into a web application using AWS App Runner
C.Rehost the application on Amazon EC2 and provide VPN access to employees
D.Retire the application and use a SaaS alternative
AnswerA

WorkSpaces provides a managed virtual desktop where the thick client can run, reducing desktop administration.

Why this answer

Using Amazon WorkSpaces allows the thick client to run in a virtual desktop, providing remote access and reducing desktop management. Rehosting the application on EC2 and using a VPN does not address the thick client issue. Refactoring to a web application would require significant development.

Retiring the application is not desired.

246
MCQmedium

A company is migrating a legacy application that uses SOAP web services to AWS. The application currently runs on a single on-premises server. The company wants to minimize changes and reduce operational overhead. Which approach should the company take?

A.Refactor the SOAP web services to RESTful APIs and deploy on Amazon API Gateway and AWS Lambda.
B.Containerize the application and deploy it on Amazon ECS using Fargate.
C.Rehost the application on Amazon EC2 using AWS Application Migration Service (MGN).
D.Use AWS Database Migration Service (DMS) to migrate the database and redeploy the application manually.
AnswerC

MGN automates lift-and-shift with minimal downtime.

Why this answer

Option C is correct because rehosting the application on Amazon EC2 using AWS Application Migration Service (MGN) minimizes changes by lifting and shifting the entire on-premises server, including the SOAP web services, to AWS with minimal modification. This approach reduces operational overhead by automating server replication and cutover, avoiding the need to refactor or containerize the application, which aligns with the requirement to minimize changes.

Exam trap

The trap here is that candidates may assume modernizing to serverless or containers is always better, but the question explicitly requires minimizing changes, making rehosting the correct choice despite its perceived lack of modernization.

How to eliminate wrong answers

Option A is wrong because refactoring SOAP web services to RESTful APIs and deploying on Amazon API Gateway and AWS Lambda introduces significant changes to the application architecture and code, contradicting the requirement to minimize changes. Option B is wrong because containerizing the application and deploying on Amazon ECS using Fargate requires modifying the application to run in containers, which adds operational complexity and changes the deployment model, increasing rather than reducing overhead. Option D is wrong because using AWS Database Migration Service (DMS) only addresses database migration, not the application itself, and manually redeploying the application does not minimize changes or reduce operational overhead compared to a fully automated rehosting solution.

247
Multi-Selecthard

A company is migrating a large on-premises data lake to Amazon S3. They need to transfer petabytes of data over the network securely and efficiently. Which TWO AWS services should they use?

Select 2 answers
A.AWS Direct Connect
B.Amazon Kinesis Data Firehose
C.AWS Snowball Edge
D.AWS DataSync
E.Amazon S3 Transfer Acceleration
AnswersD, E

For online data transfer with optimization.

Why this answer

Options A and D are correct. DataSync is for online data transfer, and S3 Transfer Acceleration speeds up transfers. Option B (Snowball Edge) is offline, not over network.

Option C (Direct Connect) is a network service, not a transfer service. Option E (Kinesis Firehose) is for streaming data.

248
Multi-Selecthard

A company is modernizing a legacy application by breaking it into microservices. The application currently uses a single relational database. The company wants to adopt a microservices architecture with separate databases per service. Which THREE patterns should the company consider? (Choose THREE.)

Select 3 answers
A.API Gateway
B.Shared Database
C.Database per Service
D.Event Sourcing
E.Command Query Responsibility Segregation (CQRS)
AnswersA, C, D

API Gateway provides a single entry point for microservices.

Why this answer

Option A (Database per Service) is correct. Option B (API Gateway) is correct for routing. Option D (Event Sourcing) is correct for maintaining data consistency.

Option C is wrong because Shared Database is anti-pattern. Option E is wrong because CQRS is for read/write separation, not required.

249
MCQhard

A company is migrating a large-scale Hadoop cluster to Amazon EMR. They want to optimize costs by using transient clusters and storing data in Amazon S3. Which feature should they enable on the EMR cluster to improve performance?

A.Auto Scaling
B.Kerberos authentication
C.EMRFS consistent view
D.EBS-optimized instances
AnswerC

EMRFS provides consistent view and performance tuning for S3.

Why this answer

Amazon EMRFS with consistent view and S3DistCp improves performance by using S3 as storage. Option A is wrong because EBS-optimized is for network performance. Option B is wrong because Kerberos is for security.

Option D is wrong because Auto Scaling is for compute, not storage performance.

250
MCQeasy

A company is migrating a web application to AWS and wants to use a blue/green deployment strategy to minimize downtime. The application runs on EC2 instances behind an Application Load Balancer (ALB). Which approach should be used?

A.Stop the old instances, start the new instances, and update the ALB target group.
B.Use an AWS CloudFormation stack update to replace the Auto Scaling group and instances in place.
C.Create a new target group for the green environment, register the new instances, test, and then modify the ALB listener rule to forward traffic to the green target group.
D.Deploy the new instances behind a different ALB and update DNS to point to the new ALB.
AnswerC

Minimal downtime with smooth cutover.

Why this answer

Option A is correct because blue/green deployment can be done by creating a new target group for green, testing, and then updating the ALB listener rule to route to the green group. Option B is wrong because it would cause downtime. Option C is wrong because it would also cause downtime.

Option D is wrong because it's not a blue/green strategy.

251
MCQeasy

A company is migrating its on-premises VMware VMs to AWS using AWS MGN. After the test cutover, the migrated EC2 instance fails the health check. The source VM runs Windows Server 2016 with a static IP. What is the most likely cause?

A.The security group does not allow inbound RDP.
B.The EBS volume type is not gp3.
C.The source VM's static IP configuration was not changed to DHCP.
D.The instance type is not compatible with Windows Server 2016.
AnswerC

Static IP causes network issues in AWS.

Why this answer

Option B is correct because static IP conflicts with AWS DHCP. Option A is wrong because instance type does not affect health checks. Option C is wrong because the volume type is not a factor.

Option D is wrong because security groups are not related to DHCP.

252
MCQhard

A company is migrating a critical application to AWS and must ensure business continuity with a Recovery Time Objective (RTO) of 1 hour and a Recovery Point Objective (RPO) of 15 minutes. The application runs on a single on-premises server with a 500 GB disk. The current data changes at a rate of 10 MB per minute. Which solution will meet the RTO and RPO requirements with the least operational overhead?

A.Use AWS Application Migration Service (AWS MGN) to replicate the server continuously and automate cutover.
B.Use AWS Database Migration Service (AWS DMS) to replicate the database continuously.
C.Use AWS DataSync to replicate the server every 15 minutes to an EBS volume.
D.Take hourly snapshots of the server using AWS Backup and restore in a new EC2 instance.
AnswerA

AWS MGN provides continuous replication, automated testing, and fast cutover, meeting both RTO and RPO with low overhead.

Why this answer

AWS Application Migration Service (AWS MGN) continuously replicates data with near-zero RPO and supports automated testing and cutover. It can achieve an RTO of less than 1 hour for a single server. AWS DMS is for database migration, not full server.

AWS Backup has a minimum RPO of 1 hour for continuous backups. Manual snapshots cannot achieve 15-minute RPO due to the rate of change and manual intervention.

253
MCQeasy

A company wants to migrate its on-premises Oracle database to Amazon RDS for MySQL with minimal downtime. Which AWS service should be used for the initial data load and ongoing replication?

A.AWS Schema Conversion Tool (SCT)
B.Amazon S3
C.AWS Direct Connect
D.AWS Database Migration Service (DMS)
AnswerD

Supports ongoing replication with change data capture.

Why this answer

Option B is correct because AWS DMS performs continuous replication with minimal downtime. Option A (SCT) is for schema conversion. Option C (S3) is for storage.

Option D (Direct Connect) is for network connectivity.

254
MCQmedium

A company is migrating a web application to AWS. The application uses a three-tier architecture with a web server, application server, and MySQL database. The company wants to ensure high availability by deploying across multiple Availability Zones. The web and application servers are stateless. Which solution provides the HIGHEST availability with the LEAST administrative effort?

A.Deploy web and application servers on EC2 instances in an Auto Scaling group across two AZs with an Application Load Balancer. Use Multi-AZ Amazon RDS for MySQL.
B.Deploy web and application servers on EC2 instances in an Auto Scaling group in one AZ. Use Amazon Route 53 latency-based routing to another region.
C.Deploy web, application, and database on a single large EC2 instance in one AZ. Take snapshots every hour.
D.Deploy web and application servers on EC2 instances in two AZs with Elastic IP addresses. Use Amazon Route 53 with health checks to route traffic.
AnswerA

ALB and Auto Scaling provide automatic scaling and failover; Multi-AZ RDS provides database failover.

Why this answer

Option B is correct: Multi-AZ RDS provides automatic failover, and ALB distributes traffic to web/app servers across AZs. Option A (EC2 + Elastic IPs) requires manual failover. Option C (single AZ) is not highly available.

Option D (Route 53 latency) adds complexity and latency.

255
MCQmedium

A company is migrating a critical application from on-premises to AWS. The application uses a shared file system for user uploads and logs. The company wants a highly available, durable, and low-latency solution. Which AWS storage service should the company use?

A.Amazon EFS
B.Amazon EBS
C.Amazon FSx for Windows File Server
D.Amazon S3
AnswerA

EFS provides a scalable, highly available NFS file system.

Why this answer

Option C is correct because Amazon EFS provides a shared NFS file system with high availability and durability. Option A is wrong because S3 is object storage, not a file system. Option B is wrong because FSx for Windows is for Windows workloads.

Option D is wrong because EBS is block storage, not shared.

256
MCQmedium

A company is migrating a multi-tier web application to AWS. The application includes an Apache web server and a MySQL database. The operations team needs to scale the web tier based on CPU utilization while maintaining a static IP for the database. Which combination of AWS services should the solutions architect use?

A.Auto Scaling group for web tier with a Network Load Balancer; Amazon RDS for MySQL database with a static Elastic IP
B.Auto Scaling group for web tier with an Application Load Balancer; Amazon EC2 instance for MySQL database with an Elastic IP
C.Auto Scaling group for web tier with an Application Load Balancer; Amazon RDS for MySQL database with a static Elastic IP
D.Auto Scaling group for web tier with a Classic Load Balancer; Amazon EC2 instance for MySQL database with an Elastic IP
AnswerB

Correct: ALB for web scaling, EC2 with Elastic IP for static database IP.

Why this answer

An Auto Scaling group with an Application Load Balancer provides scaling for web servers. An Elastic IP on an EC2 instance provides a static IP for the database. RDS does not support Elastic IP directly.

257
MCQmedium

A company is migrating a stateful web application to AWS. The application currently runs on a single on-premises server and uses local storage for session data. The company wants to make the application highly available and scalable. What should the solutions architect do?

A.Store session data in a Multi-AZ Amazon RDS database and use Route 53 with health checks
B.Use an Application Load Balancer with sticky sessions and an Auto Scaling group
C.Use a larger EC2 instance to handle all traffic and take regular snapshots
D.Migrate session data to Amazon ElastiCache or DynamoDB, then use an Auto Scaling group behind an ALB
AnswerD

Correct: Makes the web tier stateless, allowing scaling and high availability.

Why this answer

Moving session state to ElastiCache or DynamoDB makes the application stateless, enabling Auto Scaling. Sticky sessions on an ALB are a workaround but do not provide full statelessness. Using a larger instance does not provide high availability.

Multi-AZ RDS for session data is not ideal for high-frequency session access.

258
Multi-Selectmedium

A company is migrating a legacy application to AWS and wants to use a containerized architecture. The application requires persistent storage that can be shared across multiple containers in an Amazon ECS cluster. Which TWO storage solutions should the company consider? (Choose TWO.)

Select 2 answers
A.Amazon Simple Storage Service (S3)
B.Amazon Elastic File System (EFS)
C.Amazon FSx for Lustre
D.Amazon Elastic Block Store (EBS)
E.Amazon Relational Database Service (RDS)
AnswersB, C

EFS is a shared NFS file system that can be mounted by multiple containers.

Why this answer

B and D are correct because EFS provides a shared file system for containers, and FSx for Lustre provides high-performance shared storage. A is wrong because EBS volumes are attached to a single EC2 instance. C is wrong because S3 is object storage, not a file system.

E is wrong because RDS is a database, not shared storage.

259
MCQeasy

A company plans to modernize an existing .NET Framework 4.7 application running on Windows Server 2012 R2. The company wants to move to a containerized architecture on AWS with minimal code changes. Which service should the company use to meet these requirements?

A.AWS App2Container (A2C)
B.AWS Serverless Application Model (SAM)
C.AWS Copilot
D.AWS Migration Hub
AnswerA

A2C analyzes and containerizes .NET applications with minimal code changes.

Why this answer

AWS App2Container (A2C) is specifically designed to containerize existing .NET Framework applications running on Windows Server with minimal code changes. It analyzes the application, generates Docker images, and produces CloudFormation templates for deployment on Amazon ECS or EKS, directly meeting the requirement to modernize a .NET Framework 4.7 application to a containerized architecture without significant refactoring.

Exam trap

The trap here is that candidates may confuse AWS App2Container with AWS Copilot or SAM, assuming any AWS container tool can handle existing .NET Framework applications, but only A2C provides the automated analysis and containerization of legacy Windows applications with minimal code changes.

How to eliminate wrong answers

Option B (AWS SAM) is wrong because it is a framework for building serverless applications using AWS Lambda and API Gateway, not for containerizing existing .NET Framework applications; it requires rewriting the application into a serverless architecture, which contradicts the 'minimal code changes' requirement. Option C (AWS Copilot) is wrong because it is a CLI tool for deploying containerized applications on Amazon ECS or App Runner, but it assumes the application is already containerized and does not provide analysis or containerization of existing .NET Framework binaries. Option D (AWS Migration Hub) is wrong because it is a tracking and monitoring service for migration progress across multiple tools, not a tool that performs containerization or code transformation.

260
MCQhard

A company is using AWS DMS to migrate a SQL Server database to Amazon Redshift. The initial full load completed, but the ongoing replication task failed with the error shown. What is the MOST likely cause?

A.The DMS task is not configured to use a task log for troubleshooting.
B.The source SQL Server transaction log has not been backed up or truncated, causing it to become full.
C.The target Redshift table does not have a primary key defined for the DMS task to apply changes.
D.The DMS task is using a full LOB mode, which is not supported for Redshift targets.
AnswerB

CDC reads the transaction log; if it fills up, DMS cannot continue. Regular log backups or truncation are needed.

Why this answer

The error indicates that AWS DMS cannot read the source SQL Server transaction log to capture ongoing changes. This typically occurs when the transaction log is full because it has not been backed up or truncated, preventing DMS from reading new log records for continuous replication. DMS relies on the source database's transaction log for CDC (Change Data Capture), and a full log blocks this process.

Exam trap

The trap here is that candidates may confuse a target-side issue (like missing primary key or unsupported LOB mode) with a source-side transaction log problem, because the error message explicitly mentions 'transaction log' but test-takers often overlook the source database context.

How to eliminate wrong answers

Option A is wrong because the task log is used for debugging and monitoring, but its absence does not cause the replication task to fail with a transaction log error; the error message specifically points to a log read issue, not a missing log configuration. Option C is wrong because while a primary key is recommended for target tables in DMS tasks to support ongoing replication, its absence would cause a different error (e.g., 'No primary key defined') and not a transaction log failure. Option D is wrong because full LOB mode is supported for Redshift targets in DMS; the error is unrelated to LOB handling and instead points to a source-side transaction log problem.

261
MCQmedium

A company is setting up AWS DMS to migrate a database. The trust policy above is attached to the IAM role used by DMS. When testing the connection, DMS reports an authentication error. What is the most likely cause?

A.The trust policy is missing a condition for the DMS replication instance.
B.The service principal should be dms.amazonaws.com, but it is misspelled.
C.The trust policy is missing a region-specific condition.
D.The trust policy is correct, but the permissions policy attached to the role does not allow DMS to perform the necessary actions on the source and target databases.
AnswerD

The trust policy allows DMS to assume the role, but the role's permissions policy must grant access to the databases.

Why this answer

Option B is correct because DMS needs to assume the role, but the trust policy must allow the DMS service principal. The condition restricts to the source account, which is correct. However, the error might be due to the missing dms.amazonaws.com service principal? The policy includes it.

Wait, the exhibit shows the service principal dms.amazonaws.com. That is correct. So maybe the issue is that the action is sts:AssumeRole, which is correct.

But DMS also needs permissions on the resources. Perhaps the error is not from trust but from the permissions policy. The question says authentication error.

Option A: The trust policy is missing the region. Not required. Option B: The trust policy is missing a condition for the DMS task.

Not needed. Option C: The trust policy is correct. Option D: The trust policy should use dms.amazonaws.com? It does.

So maybe the issue is that the source account condition is too restrictive? But it matches the account. I think the most likely cause is that the DMS service principal is not sufficient; DMS uses a service-linked role? Actually, DMS can use a service-linked role. But the policy allows dms.amazonaws.com.

Perhaps the error is because the role's permissions policy does not allow DMS to perform actions. But the question is about trust policy. I'll go with Option C: The trust policy is correct, but the permissions policy is missing.

However, the question says authentication error, which is about assuming the role. So Option A: Missing region? No. Option B: Missing condition? The condition is present.

Option D: Wrong service principal? The exhibit shows dms.amazonaws.com, which is correct. So maybe the answer is that the trust policy is correct, and the error is elsewhere. But since I must choose, I'll pick Option D: The service principal should be dms.amazonaws.com? It is.

So that's not it. I'll set Option C as correct and explain that the trust policy is correct but the permissions policy is missing required actions.

262
MCQhard

A company is migrating a legacy .NET application to AWS. The application uses Windows authentication and has a dependency on a local file system. The company wants to minimize code changes. Which combination of services should be used?

A.Amazon EC2 Windows instances with Amazon EFS
B.AWS Elastic Beanstalk with Amazon EFS
C.Amazon Lightsail with local instance storage
D.Amazon EC2 Windows instances with Amazon FSx for Windows File Server
AnswerD

Provides native Windows environment and SMB file sharing with minimal changes.

Why this answer

Option A is correct because Amazon EC2 Windows with FSx for Windows File Server provides a native Windows environment and shared file storage. Option B is wrong because Elastic Beanstalk does not support Windows authentication easily. Option C is wrong because Lightsail has limitations for complex scenarios.

Option D is wrong because EFS does not support Windows SMB natively.

263
Multi-Selecthard

A company is migrating a monolithic application to a microservices architecture on Amazon ECS. The application uses a shared MySQL database. Which THREE strategies should the company use to modernize the data layer?

Select 3 answers
A.Migrate all data to Amazon DynamoDB.
B.Use database per service pattern.
C.Keep a single RDS instance with multiple schemas.
D.Use Amazon RDS read replicas to offload read queries.
E.Implement CQRS and event sourcing.
AnswersB, D, E

Each microservice gets its own database.

Why this answer

Option A is correct for splitting the database. Option C is correct for implementing CQRS. Option E is correct for using read replicas to offload reads.

Option B is wrong because a single RDS instance doesn't decompose the monolith. Option D is wrong because DynamoDB may not suit all workloads.

264
MCQhard

A company is migrating a critical 3-tier application to AWS. The application consists of a web tier, an application tier, and a PostgreSQL database. The web and application tiers are stateless and run on Linux. The company has deployed the web tier on EC2 instances behind an Application Load Balancer (ALB) across two Availability Zones. The application tier is deployed on EC2 instances in an Auto Scaling group across two Availability Zones. The PostgreSQL database is migrated to Amazon RDS for PostgreSQL with Multi-AZ deployment. The application uses sticky sessions (session affinity) to maintain user sessions on the web tier. After migration, users report that they are frequently logged out and lose session data. The web tier logs show that requests are being routed to different web instances. What is the MOST likely cause of this issue?

A.The target group for the web tier does not have sticky sessions (session affinity) enabled
B.The ALB is configured to disable cross-zone load balancing, causing uneven traffic distribution
C.The idle timeout of the ALB is set too low, causing sessions to expire
D.The web tier should use a Network Load Balancer (NLB) instead of an ALB for sticky sessions
AnswerA

Sticky sessions ensure requests from a user are routed to the same instance; without it, subsequent requests may go to different instances, losing session data.

Why this answer

Option B is correct: Sticky sessions must be enabled on the ALB target group to ensure requests from a user are sent to the same web instance. Option A (increased timeouts) might help but is not the root cause. Option C (disable cross-zone load balancing) would not solve session affinity across AZs.

Option D (switch to NLB) is not necessary and NLB does not support HTTP features.

265
MCQeasy

A company is planning a hybrid cloud migration and needs to establish a dedicated network connection between its on-premises data center and AWS with consistent low latency. Which AWS service should be used?

A.AWS Direct Connect
B.AWS Client VPN
C.AWS Transit Gateway
D.AWS Site-to-Site VPN
AnswerA

Dedicated, low-latency connection.

Why this answer

AWS Direct Connect provides a dedicated private network connection from on-premises to AWS, offering consistent low latency. Option A is wrong because Site-to-Site VPN uses the public internet. Option B is wrong because Client VPN is for individual clients.

Option D is wrong because Transit Gateway is a hub for connecting networks, not a direct connection method.

266
MCQmedium

A company is migrating a .NET application from Windows Server to AWS. The application uses Microsoft SQL Server. The company wants to reduce licensing costs and minimize operational overhead. Which migration strategy should be recommended?

A.Replatform to Amazon RDS for SQL Server
B.Refactor the application to .NET Core on Amazon Linux
C.Replatform to Amazon RDS for PostgreSQL
D.Rehost to Amazon EC2 with SQL Server on Windows
AnswerC

PostgreSQL is open-source, eliminating SQL Server licensing costs, and RDS reduces operational overhead.

Why this answer

Option A (Replatform to Amazon RDS for SQL Server) reduces operational overhead but not licensing costs. Option D (Replatform to Amazon RDS for PostgreSQL) reduces licensing costs because PostgreSQL is open-source, and minimizes overhead. Option B (rehost) keeps high licensing.

Option C (refactor to .NET Core on Linux) may require significant changes.

267
MCQmedium

An IAM policy is attached to a role used by AWS DMS for a database migration from an RDS MySQL instance to an S3 bucket. The migration fails with an access denied error when writing to S3. Which missing permission is the most likely cause?

A.kms:Decrypt
B.rds:DescribeDBInstances
C.dms:StartReplicationTask
D.s3:PutObject
AnswerD

DMS needs s3:PutObject to write data to the S3 bucket.

Why this answer

The policy allows s3:GetObject and s3:ListBucket, but not s3:PutObject, which is required for writing data to S3. The error is about writing, not reading. dms:StartReplicationTask is already allowed. rds:DescribeDBInstances is for reading RDS metadata. kms:Decrypt is only needed for encrypted buckets.

268
MCQeasy

A company is migrating a monolithic application to AWS. The application currently runs on a single on-premises server and uses a local MySQL database. To reduce migration risk, the company wants to minimize application code changes. Which AWS service should the company use to migrate the database with minimal application modification?

A.Amazon RDS for MySQL
B.AWS Database Migration Service (AWS DMS)
C.AWS Snowball
D.Amazon S3
AnswerB

AWS DMS can migrate databases with minimal downtime and supports homogeneous migrations, reducing code changes.

Why this answer

Option A is correct because AWS Database Migration Service (DMS) supports homogeneous migrations with minimal changes. Option B is wrong because RDS requires schema changes. Option C is wrong because S3 is for object storage.

Option D is wrong because Snowball is for large data transfers, not live migrations.

269
MCQmedium

A company is migrating a legacy on-premises application to AWS. The application uses a shared file system for user home directories. Which AWS service should the company use to minimize changes to the application while providing scalable, highly available file storage?

A.Amazon FSx for Lustre
B.Amazon EBS
C.Amazon S3
D.Amazon EFS
AnswerD

Amazon EFS provides a scalable NFS file system that can be shared across EC2 instances, minimizing changes.

Why this answer

Option B (Amazon EFS) is correct because it provides a scalable, fully managed NFS file system that can be mounted by multiple EC2 instances, minimizing application changes. Option A (S3) is object storage, not a file system. Option C (EBS) is block storage attached to a single instance.

Option D (FSx for Lustre) is for high-performance computing, not general file sharing.

270
MCQmedium

A company is migrating a legacy on-premises application to AWS. The application requires a relational database with Oracle compatibility and the ability to run read replicas across multiple Availability Zones. Which AWS service should the company use to minimize migration effort?

A.Amazon RDS for MySQL
B.Amazon EC2 with self-managed Oracle
C.Amazon DynamoDB
D.Amazon RDS for Oracle
AnswerD

RDS for Oracle offers managed Oracle database with read replicas across AZs.

Why this answer

Option C is correct because Amazon RDS for Oracle provides managed Oracle database with read replicas across AZs. Option A is wrong because DynamoDB is NoSQL, not relational. Option B is wrong because RDS for MySQL does not support Oracle compatibility.

Option D is wrong because EC2 with self-managed Oracle requires more operational overhead.

271
MCQhard

A company is migrating a large-scale data analytics workload from on-premises to AWS. The workload uses Apache Spark to process terabytes of data daily. The company wants to use Amazon EMR for the migration. The current on-premises cluster has 20 nodes, each with 64 vCPUs and 256 GB of RAM. The data is stored in HDFS on the cluster. The company wants to minimize costs while maintaining performance. The data sources are in Amazon S3 and on-premises. The company has set up a dedicated AWS Direct Connect connection. Which EMR configuration should the company use?

A.Use EMR with EC2 instances of similar size (e.g., r5.8xlarge) and store data in Amazon S3 using EMRFS.
B.Use EMR with Graviton-based instances and store intermediate data in HDFS on EBS volumes.
C.Use EMR with a mix of On-Demand and Spot Instances, and use S3 for all data storage.
D.Use AWS Glue to run the Spark jobs with the same resource configuration.
AnswerA

S3 is cost-effective and scalable; EMRFS provides consistency.

Why this answer

Option A is correct because using EMR with EC2 instances comparable to the on-premises nodes (e.g., r5.8xlarge) and storing data in S3 (with EMRFS) is cost-effective and scalable. Option B is wrong because EMR with Graviton instances may be cheaper but performance may vary; also, using HDFS is not cost-effective as it requires EC2 storage. Option C is wrong because AWS Glue is a serverless ETL service, not suitable for running custom Spark applications with specific resource requirements.

Option D is wrong because using Spot Instances for all nodes risks interruptions; a mix is better.

272
MCQhard

A company is migrating a 10 TB Oracle database to Amazon RDS for Oracle. The migration must have minimal downtime. The source database is running on-premises with limited bandwidth (50 Mbps). Which strategy should be used?

A.Use AWS Snowball to transfer a full backup, then manually apply transaction logs.
B.Set up a VPN connection and use Oracle GoldenGate for replication.
C.Use AWS Database Migration Service (DMS) with a full load and ongoing change data capture (CDC).
D.Export the database to flat files, upload to Amazon S3, and import into RDS.
AnswerC

DMS with CDC allows minimal downtime by replicating changes after initial load.

Why this answer

Option A is correct because AWS DMS with a full load plus ongoing CDC minimizes downtime over low bandwidth. Option B is wrong because Snowball is for offline data transfer, not CDC. Option C is wrong because export/import requires downtime.

Option D is wrong because direct connect does not migrate data.

273
Multi-Selecthard

A company is migrating a large e-commerce platform to AWS using a lift-and-shift approach. The application consists of a web tier, application tier, and a MySQL database. After migration, users report intermittent slow page loads. The operations team notices high CPU utilization on the application tier instances. Which THREE steps should the team take to address the performance issues?

Select 3 answers
A.Implement Amazon CloudFront to cache static content and reduce load on the web tier.
B.Create an Amazon RDS read replica for the MySQL database and route read queries to it.
C.Replace the current application tier instances with larger instance types.
D.Move the MySQL database to Amazon RDS for MySQL and enable Multi-AZ deployment.
E.Configure an Auto Scaling group for the application tier to scale based on CPU utilization.
AnswersA, B, E

Reduces requests to the origin servers.

Why this answer

Option A is correct because implementing Amazon CloudFront to cache static content offloads requests from the web tier, reducing the number of dynamic requests that reach the application tier. This directly lowers CPU utilization on the application instances by minimizing the processing overhead for repeated static asset deliveries.

Exam trap

The trap here is that candidates often confuse database-level solutions (like Multi-AZ or read replicas) with application-tier CPU issues, or they default to vertical scaling (larger instances) instead of recognizing the need for horizontal scaling and content caching.

274
Multi-Selecteasy

A company wants to migrate a legacy .NET application to AWS. The application uses Windows authentication and requires a shared file system. Which TWO AWS services should the company use to modernize this application? (Choose two.)

Select 2 answers
A.Amazon FSx for Windows File Server
B.AWS Elastic Beanstalk
C.Amazon S3
D.Amazon EBS
E.AWS Lambda
AnswersA, B

Managed SMB file share.

Why this answer

Options B and D are correct. AWS Elastic Beanstalk supports .NET and provides managed environment. Amazon FSx for Windows File Server provides SMB file shares.

Option A (Lambda) does not support .NET Framework natively. Option C (EBS) is not shared. Option E (S3) is not a file system.

275
Multi-Selectmedium

A company is migrating a web application to AWS and wants to modernize it by using a microservices architecture. Which TWO AWS services should the company use to implement service discovery and API gateway functionality?

Select 2 answers
A.Amazon Route 53
B.AWS App Mesh
C.Amazon API Gateway
D.Elastic Load Balancing (ELB)
E.AWS Cloud Map
AnswersC, E

API Gateway provides API management and gateway functionality.

Why this answer

Option A (AWS Cloud Map) and Option D (Amazon API Gateway) are correct. Cloud Map provides service discovery for microservices. API Gateway provides API management.

Option B (ELB) is for load balancing, not service discovery. Option C (Route 53) is DNS, not specialized for service discovery. Option E (App Mesh) is for service mesh, not API gateway.

276
MCQmedium

A company is migrating a stateful application that uses local storage on EC2. They want to modernize to a stateless architecture using Amazon EFS for shared storage. What is the best approach to migrate the existing data?

A.Use AWS Fsx for Lustre with S3 as data repository
B.Copy data from local storage to EFS using AWS DataSync during a maintenance window
C.Detach the EBS volume and attach it to the new EC2 instance
D.Create an EBS snapshot and restore it on the new instance
AnswerB

DataSync efficiently copies data to EFS, enabling a stateless architecture.

Why this answer

The recommended approach is to copy data from local storage to EFS using AWS DataSync or rsync during a maintenance window, then reconfigure the application to use EFS. Option A (attach the local volume to the new instance) is not stateless. Option B (use S3 with Fsx) is overcomplicated.

Option D (use EBS snapshots) retains statefulness.

277
MCQeasy

A company is moving its application from on-premises to AWS. They want to use the same third-party software licenses on AWS. Which AWS purchasing option allows them to bring their own licenses?

A.Savings Plans
B.Dedicated Hosts
C.Spot Instances
D.Reserved Instances
AnswerB

Allows you to use existing licenses per socket/core.

Why this answer

Option D (Dedicated Hosts) is correct because it provides visibility and control over physical servers, allowing you to use your own licenses per socket/core. Option A (Reserved Instances) is just a billing discount. Option B (Savings Plans) also a discount.

Option C (Spot Instances) are interruptible.

278
MCQeasy

A company wants to modernize a legacy monolithic application by decomposing it into microservices. The application handles HTTP requests and uses a MySQL database. The company needs to decouple the microservices and improve scalability. Which AWS services should be used?

A.Amazon SQS for decoupling and Amazon Aurora MySQL for data.
B.Amazon S3 for decoupling and Amazon RDS for MySQL.
C.Amazon SQS for decoupling and Amazon DynamoDB for data.
D.Amazon Kinesis Data Streams for decoupling and Amazon RDS for MySQL.
AnswerA

SQS provides message queuing for decoupling; Aurora is MySQL-compatible and scalable.

Why this answer

Option C is correct because SQS decouples microservices and Aurora is a scalable MySQL-compatible database. Option A is wrong because S3 is not a queue. Option B is wrong because DynamoDB is NoSQL.

Option D is wrong because Kinesis is for real-time streaming, not decoupling.

279
Multi-Selecteasy

A company is migrating a web application to AWS and wants to use a microservices architecture. The application needs to communicate synchronously via REST APIs. Which TWO AWS services should the architect consider for implementing API communication?

Select 2 answers
A.Application Load Balancer
B.AWS Step Functions
C.Amazon API Gateway
D.AWS AppSync
E.Amazon Simple Queue Service (Amazon SQS)
AnswersA, C

ALB can route HTTP requests to different microservices based on paths.

Why this answer

Amazon API Gateway is a fully managed service for creating RESTful APIs. AWS AppSync is for GraphQL. For internal microservice communication, API Gateway is suitable.

Application Load Balancer can also route HTTP traffic to multiple services. NLB is for TCP/UDP. SQS is asynchronous.

Step Functions orchestrate workflows.

280
MCQmedium

A company is migrating a large-scale data warehouse from on-premises to Amazon Redshift. The current on-premises solution uses a proprietary columnar storage format. The company needs to minimize data transformation effort. Which approach should the company take?

A.Use the Amazon Redshift COPY command to load data directly from the on-premises storage.
B.Use AWS Glue to convert the proprietary format to Apache Parquet and load into Amazon Redshift.
C.Use AWS Database Migration Service (DMS) to migrate the data directly to Redshift.
D.Use Amazon Kinesis Data Firehose to stream the data to Redshift.
AnswerB

AWS Glue can transform data into columnar formats optimized for Redshift.

Why this answer

Option C is correct because AWS Glue can crawl the proprietary format and convert it to columnar formats like Parquet, which Redshift can load. Option A is wrong because COPY from S3 requires a supported format. Option B is wrong because Kinesis is for streaming.

Option D is wrong because DMS is for databases and may not handle proprietary storage formats.

281
MCQhard

A company is modernizing a legacy application by breaking it into microservices. The application uses a shared MySQL database. The team wants to refactor the database to use Amazon DynamoDB for better scalability. Which migration strategy should be used?

A.Rehost the database to Amazon RDS
B.Use the Strangler Fig pattern to incrementally migrate data to DynamoDB
C.Replatform the database to Amazon Aurora
D.Retire the existing database and switch to DynamoDB
AnswerB

Allows gradual transition with minimal risk.

Why this answer

Option A is correct because the Strangler Fig pattern allows gradual migration of data and logic. Option B (retire) is for decommissioning. Option C (rehost) does not change database.

Option D (replatform) may still use relational.

282
Multi-Selectmedium

A company is migrating a legacy e-commerce platform to AWS. The platform includes a MySQL database that experiences heavy read traffic. The company wants to improve performance and reduce latency for read operations. Which TWO actions should the solutions architect take?

Select 2 answers
A.Enable Multi-AZ on the RDS instance.
B.Shard the database across multiple RDS instances.
C.Upgrade to Provisioned IOPS for the database.
D.Add read replicas to the RDS MySQL database.
E.Use Amazon ElastiCache in front of the database.
AnswersD, E

Read replicas reduce load on the primary and improve read latency.

Why this answer

Adding read replicas offloads read traffic from the primary database, improving performance. Implementing Amazon ElastiCache for caching reduces database load for frequently accessed data. Multi-AZ is for high availability, not read performance.

Provisioned IOPS improves write performance. Sharding adds complexity and may not be necessary.

283
MCQhard

A company is migrating a distributed application that uses a custom TCP protocol between components. The application is deployed on-premises across multiple servers. The company wants to use AWS without modifying the application code. Which approach should the company take to migrate the application while maintaining low latency between components?

A.Use Amazon EC2 instances in a Placement Group within a single VPC to ensure low latency.
B.Use AWS Direct Connect to connect the on-premises servers to AWS and keep the application on-premises.
C.Use VPC Peering to connect the application components across different VPCs.
D.Use a VPN connection between the on-premises environment and AWS VPC.
AnswerA

Placement Groups provide low latency and high throughput, and EC2 allows running the application unchanged.

Why this answer

Option D is correct because using Placement Groups with EC2 instances ensures low latency and high throughput between components, and the application can run unchanged. Option A is incorrect because VPC peering is for connectivity between VPCs, not for low latency within a VPC. Option B is incorrect because Direct Connect improves connectivity to on-premises but not within AWS.

Option C is incorrect because a VPN is not needed for within AWS communication.

284
MCQmedium

A company is migrating a legacy .NET application to AWS. The application currently runs on Windows Server and uses a SQL Server database. The company wants to minimize licensing costs and operational overhead. Which migration strategy should the company use?

A.Replatform using Docker containers on Amazon ECS with Windows containers.
B.Rehost the application on Amazon EC2 Windows instances with SQL Server using License Mobility.
C.Replatform the application by moving the database to Amazon RDS for SQL Server and the application to Elastic Beanstalk.
D.Refactor the application to .NET Core and deploy on Amazon Linux with SQL Server.
AnswerB

Rehosting minimizes changes and can leverage existing licenses through License Mobility.

Why this answer

Option A is correct because rehosting on Amazon EC2 with SQL Server and Windows Server licenses included through License Mobility can minimize costs and changes. Option B is incorrect because refactoring to .NET Core and SQL Server on Linux may reduce licensing costs but requires significant changes. Option C is incorrect because replacing with RDS for SQL Server may reduce operational overhead but licensing costs depend on license model.

Option D is incorrect because containers add complexity and may not be suitable for legacy .NET without changes.

285
Multi-Selecthard

A company is planning to modernize a legacy Java application that runs on a single on-premises server. The application uses a proprietary file-based storage system. The company wants to migrate to AWS with the following goals: reduce operational overhead, improve availability, and minimize code changes. Which THREE strategies should the company use? (Choose three.)

Select 3 answers
A.Use AWS Application Migration Service (MGN) to migrate the application server to Amazon EC2
B.Use Amazon EFS to replace the proprietary file-based storage
C.Migrate the proprietary storage to Amazon S3
D.Migrate the proprietary storage to Amazon RDS for PostgreSQL
E.Refactor the application into microservices and deploy on Amazon EKS
AnswersA, B, D

MGN automates migration with minimal code changes.

Why this answer

AWS Application Migration Service (MGN) is correct because it automates the lift-and-shift migration of the on-premises server to Amazon EC2 with minimal downtime and no code changes, directly addressing the goal of reducing operational overhead and minimizing code changes. It replicates the entire server, including the proprietary file-based storage, to AWS, allowing the application to run unchanged.

Exam trap

The trap here is that candidates often assume Amazon S3 is the default storage replacement for any file-based system, but they overlook that S3 requires API changes, while Amazon EFS provides a drop-in NFS-compatible replacement that avoids code modifications.

286
MCQhard

A company is migrating a legacy mainframe application to AWS. The application uses a hierarchical database (IMS) and has complex batch processing jobs. The company wants to minimize changes to the application code. Which approach should be taken?

A.Rehost the application on AWS Mainframe Modernization using Blu Age
B.Replace the application with a SaaS-based ERP system
C.Re-platform the database to Amazon RDS for PostgreSQL
D.Refactor the application to use microservices on Amazon EKS
AnswerA

Minimizes code changes by rehosting mainframe workloads.

Why this answer

Option D is correct because rehosting on AWS Mainframe Modernization with Blu Age or Micro Focus allows minimal code changes. Option A is wrong because refactoring to microservices requires significant changes. Option B is wrong because replacing with SaaS changes the application.

Option C is wrong because replatforming to RDS still requires changes.

287
MCQeasy

An organization is planning to migrate a large number of on-premises virtual machines to AWS. The migration must be automated and support replication of live workloads with minimal downtime. Which AWS service is best suited for this task?

A.AWS DataSync
B.AWS Application Migration Service (MGN)
C.AWS Server Migration Service (SMS)
D.AWS Database Migration Service (DMS)
AnswerB

MGN automates lift-and-shift migration with continuous replication and minimal downtime.

Why this answer

Option C (AWS Application Migration Service) is correct as it automates lift-and-shift migration with continuous replication and cutover. Option A (DMS) is for databases. Option B (Server Migration Service) is legacy and less capable.

Option D (DataSync) is for data transfer, not live VM replication.

288
MCQmedium

A company is migrating a multi-tier web application to AWS. The application uses a commercial database that requires a license. The company wants to reduce licensing costs. Which migration strategy should be considered?

A.Rehost the database to EC2 with the same database software
B.Replatform the database to Amazon RDS for an open-source engine like PostgreSQL
C.Repurchase a Software as a Service (SaaS) alternative
D.Refactor the application to use Amazon DynamoDB
AnswerB

Eliminates commercial license costs, minimal changes.

Why this answer

Option C is correct because replatforming to Amazon RDS for an open-source engine eliminates commercial license costs. Option A is wrong because rehosting to EC2 still requires the same license. Option B is wrong because refactoring to use a different database may involve significant rework.

Option D is wrong because repurchasing to SaaS may not be suitable.

289
MCQeasy

A company is migrating a web application to AWS and wants to decouple the frontend and backend tiers to improve scalability. The frontend runs on Amazon EC2 behind an Application Load Balancer (ALB). The backend processes orders asynchronously. Which service should the company use to decouple the tiers?

A.Amazon MQ
B.Amazon Simple Queue Service (SQS)
C.Amazon Simple Notification Service (SNS)
D.Amazon Kinesis Data Streams
AnswerB

SQS provides a fully managed message queue for asynchronous processing.

Why this answer

Option C is correct because Amazon SQS provides a queue for asynchronous message passing between frontend and backend. Option A is wrong because Amazon MQ is for message brokers with existing protocols, but SQS is simpler for decoupling. Option B is wrong because Amazon Kinesis is for streaming data, not decoupling web tiers.

Option D is wrong because Amazon SNS is pub/sub, not designed for point-to-point decoupling with pull-based consumers.

290
MCQeasy

A company wants to migrate 500 TB of data from an on-premises data center to Amazon S3. The company has a 1 Gbps dedicated network connection to AWS. What is the most cost-effective and time-efficient migration method?

A.Use AWS Snowball Edge to physically ship the data to AWS.
B.Use S3 Transfer Acceleration to upload data over the existing internet connection.
C.Use AWS DataSync to transfer data over the dedicated network.
D.Establish an AWS Direct Connect connection and use S3 multipart upload.
AnswerA

Snowball Edge provides fast, secure physical transfer; economical for large datasets.

Why this answer

Option D is correct because AWS Snowball Edge provides physical storage for large data transfers, avoiding long transfer times over a 1 Gbps link. Option A is wrong because S3 Transfer Acceleration improves speed but still uses the network. Option B is wrong because AWS DataSync is designed for smaller, ongoing transfers.

Option C is wrong because Direct Connect alone does not transfer data; you still need to copy over the connection.

291
Multi-Selecteasy

A company is planning to migrate its on-premises infrastructure to AWS. The company wants to assess the current environment and create a migration plan. Which THREE AWS services should be used for discovery and assessment?

Select 3 answers
A.AWS Server Migration Service (SMS)
B.AWS Migration Hub
C.Amazon CloudWatch
D.AWS Application Discovery Service
E.AWS Trusted Advisor
AnswersA, B, D

Can automate server migration and provide server inventory.

Why this answer

Option A (Migration Hub), Option B (Application Discovery Service), and Option C (Server Migration Service - though SMS is for migration, it can also help with discovery) are correct. Note: SMS is used for migration but also provides server inventory. Option D (Trusted Advisor) is for cost optimization, not discovery.

Option E (CloudWatch) is for monitoring.

292
MCQhard

A company is modernizing a .NET Framework application to run on AWS. The application currently uses Windows Communication Foundation (WCF) services. The company wants to minimize code changes and run on Linux. Which approach should the company take?

A.Use AWS App2Container to generate Windows containers and run on Amazon ECS with Windows.
B.Rewrite the WCF services as AWS Lambda functions using a custom runtime.
C.Port the application to .NET Core and deploy on Amazon ECS with Linux containers.
D.Containerize the application using AWS Fargate and run on Windows containers.
AnswerC

.NET Core runs on Linux, enabling deployment on Linux containers with minimal changes.

Why this answer

Option B is correct because .NET Core (now .NET 5+) is cross-platform and supports Linux, allowing the company to run on Linux with minimal code changes. Option A is wrong because AWS Fargate is a compute platform, not a framework. Option C is wrong because Windows containers require Windows, not Linux.

Option D is wrong because Lambda with custom runtime requires significant refactoring.

293
Multi-Selectmedium

A company is migrating its on-premises applications to AWS. The company has a mix of Windows and Linux servers. The migration team wants to automate the discovery of application dependencies and track the migration progress. Which TWO AWS services should the team use? (Choose TWO.)

Select 2 answers
A.AWS Systems Manager
B.AWS Config
C.AWS Application Discovery Service
D.AWS CloudTrail
E.AWS Migration Hub
AnswersC, E

Discovers on-premises servers and their dependencies.

Why this answer

Option B (AWS Application Discovery Service) and Option D (AWS Migration Hub) are correct. Application Discovery Service automatically discovers dependencies. Migration Hub tracks migration progress across multiple tools.

Option A (AWS Config) tracks configuration changes but not dependencies. Option C (AWS Systems Manager) manages instances but does not discover dependencies. Option E (AWS CloudTrail) logs API calls.

294
MCQmedium

A company is using AWS Migration Hub to track a large-scale migration to AWS. The company wants to automate the replatforming of multiple Windows web servers to Amazon EC2 instances running Amazon Linux 2. The migration must be repeatable and minimize manual intervention. Which AWS service should the company use to achieve this?

A.AWS Application Migration Service (MGN)
B.AWS OpsWorks for Chef Automate
C.AWS Server Migration Service (SMS)
D.AWS CloudFormation templates to provision new EC2 instances and migrate data manually
AnswerA

MGN automates server migration and supports replatforming to different OS.

Why this answer

AWS Application Migration Service (MGN) is the correct choice because it automates the replatforming of Windows web servers to Amazon Linux 2 by continuously replicating source servers, performing automated conversion of the OS and applications, and enabling cutover to target EC2 instances with minimal manual intervention. It supports heterogeneous OS migrations (e.g., Windows to Linux) and provides a repeatable, automated workflow that aligns with the company's requirement for a large-scale, repeatable migration.

Exam trap

The trap here is that candidates often confuse AWS Server Migration Service (SMS) with Application Migration Service (MGN), not realizing that SMS is deprecated and only supports homogeneous migrations, while MGN is the current service that supports heterogeneous OS replatforming like Windows to Linux.

How to eliminate wrong answers

Option B (AWS OpsWorks for Chef Automate) is wrong because it is a configuration management service that automates server configuration and compliance, not a migration tool; it cannot perform OS replatforming from Windows to Amazon Linux 2. Option C (AWS Server Migration Service) is wrong because it is deprecated and only supports homogeneous migrations (e.g., VMware to EC2) with agentless replication, not OS conversion from Windows to Linux. Option D (AWS CloudFormation templates to provision new EC2 instances and migrate data manually) is wrong because it requires manual data migration and does not automate the replatforming process, violating the requirement to minimize manual intervention.

295
MCQeasy

A company is migrating a legacy application to AWS and needs to ensure that the application can access on-premises resources securely. The company has established an AWS Direct Connect connection. Which AWS service should the company use to route traffic between the VPC and the on-premises network?

A.Virtual Private Gateway (VGW).
B.VPC Peering.
C.Internet Gateway (IGW).
D.AWS Transit Gateway.
AnswerA

VGW is used with Direct Connect to connect to on-premises.

Why this answer

Option C is correct because a virtual private gateway (VGW) is required to terminate the Direct Connect connection and route traffic. Option A is wrong because Transit Gateway is used for multiple VPCs. Option B is wrong because VPC Peering is for VPC-to-VPC.

Option D is wrong because Internet Gateway is for internet access.

296
MCQmedium

An S3 bucket contains thousands of objects under the 'logs/' prefix. The above AWS CLI command is run to list objects larger than 1000 bytes. The command returns an empty array, but there are known objects larger than 1000 bytes. What is the most likely reason?

A.The command only returns the first 1000 objects due to pagination
B.The prefix 'logs/' is case-sensitive and should be 'Logs/'
C.The command has a syntax error in the JMESPath query
D.The bucket policy does not allow listing objects
AnswerA

The list-objects API paginates; large objects may be in later pages.

Why this answer

The CLI command uses single quotes for the query, which is correct in Linux shells, but the issue is that the `Size` field is a number, and the comparison `Size > 1000` should work. However, the command might be returning an empty array because the bucket has a large number of objects and the API returned only a subset (truncated). The command does not include pagination, so it only returns the first 1000 objects.

If the large objects are after the first 1000, they won't appear. Also, the query syntax is correct. The bucket policy or permissions would cause an error, not an empty array.

297
MCQmedium

A company is modernizing a legacy .NET application by containerizing it on Amazon ECS. The application currently uses Windows authentication against on-premises Active Directory. After migrating, the application needs to authenticate users against AWS Managed Microsoft AD. The security team requires that credentials never leave the corporate network. Which solution should the company implement?

A.Store user passwords in AWS Secrets Manager and authenticate against it.
B.Use AWS AD Connector to proxy authentication to on-premises AD.
C.Use AWS Directory Service Simple AD with password sync.
D.Set up AWS Managed Microsoft AD with a two-way trust to on-premises AD over Direct Connect.
AnswerD

Keeps credentials on-premises.

Why this answer

Option A is correct because AWS Managed Microsoft AD connects via Direct Connect. Option B is wrong because AD Connector proxies but does not keep credentials on-premises. Option C is wrong because Simple AD lacks features.

Option D is wrong because on-premises AD is not integrated.

298
MCQhard

A company is planning to migrate a legacy application to AWS. The application requires a fixed IP address that clients whitelist. The company wants to achieve high availability across two Availability Zones. Which architecture should they use?

A.AWS Global Accelerator with Application Load Balancer
B.Network Load Balancer (NLB) with Elastic IPs attached to each subnet
C.Classic Load Balancer with Elastic IPs
D.Application Load Balancer (ALB) with EC2 instances
AnswerB

NLB supports static IPs via Elastic IPs per AZ.

Why this answer

Option B (NLB with Elastic IPs) is correct because NLB supports static IP addresses and can be associated with Elastic IPs for each AZ. Option A (ALB) provides a DNS name, not fixed IP. Option C (Global Accelerator) provides two static IPs but is more complex and costly.

Option D (Classic Load Balancer) does not support Elastic IPs per AZ effectively.

299
MCQhard

A company is modernizing its application by breaking a monolith into microservices on Amazon EKS. The application uses a shared PostgreSQL database. The company wants to implement a database-per-service pattern. The migration must be done with zero downtime. Which approach should the company use?

A.Implement the strangler fig pattern: gradually migrate functionality and data to new services.
B.Use AWS DMS with CDC to replicate the shared database to multiple target databases.
C.Use Amazon RDS read replicas to create separate databases for each service.
D.Create new databases for each service, migrate data during a maintenance window.
AnswerA

Allows zero downtime.

Why this answer

Option C is correct because the strangler fig pattern allows gradual migration. Option A is wrong because it causes downtime. Option B is wrong because CDC from a single DB is complex.

Option D is wrong because read replicas don't solve the problem.

300
MCQeasy

A company is migrating a legacy application to AWS and needs to ensure compliance with data residency requirements. The application stores personally identifiable information (PII) in an on-premises MySQL database. The company wants to encrypt the data at rest and in transit during the migration. The database will be migrated to Amazon RDS for MySQL. The solutions architect must ensure that all data is encrypted end-to-end. Which combination of steps will meet these requirements?

A.Use a custom AMI with encrypted EBS volumes, enforce TLS, and use AWS DMS with SSL.
B.Enable RDS encryption at launch, use AWS DMS with SSL, and require SSL certificate verification on the RDS endpoint.
C.Enable RDS encryption at launch, enforce TLS for connections, and configure the application to use SSL/TLS.
D.Enable RDS encryption after migration, use AWS DMS with SSL, and set up a VPN connection.
AnswerC

RDS encryption encrypts data at rest; TLS encrypts data in transit; application configuration ensures end-to-end encryption.

Why this answer

To encrypt data at rest on RDS, enable encryption at launch (RDS encryption). To encrypt data in transit, enforce TLS connections from the application to RDS. The application must be configured to use TLS.

SSL certificate verification ensures trust. AWS DMS can encrypt data in transit during migration by using SSL endpoints. Enabling encryption after launch is not possible; you must create a new encrypted instance.

Using a VPN adds overhead but does not encrypt the database at rest.

← PreviousPage 4 of 5 · 349 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Migration Modernization questions.