AWS Certified SAP on AWS Specialty PAS-C01 (PAS-C01) — Questions 175

1733 questions total · 24pages · All types, answers revealed

Page 1 of 24

Page 2
1
MCQmedium

A company is migrating a legacy monolithic application to a microservices architecture on AWS. The application currently uses an Oracle database with complex stored procedures. The company wants to minimize changes to the application code during migration. Which database migration strategy should the company use?

A.Migrate the database to Amazon Aurora with PostgreSQL compatibility using the AWS Database Migration Service (DMS)
B.Store the data in Amazon S3 and use Athena for querying
C.Refactor the application to use Amazon DynamoDB as the database
D.Replatform the application by migrating the Oracle database to Amazon RDS for Oracle
AnswerD

Migrating to RDS for Oracle preserves the existing SQL dialect and stored procedures, minimizing code changes while leveraging managed database services.

Why this answer

Option D is correct because the company wants to minimize changes to the application code during migration. By replatforming the Oracle database to Amazon RDS for Oracle, the application can continue to use the same Oracle database engine, stored procedures, and SQL dialect with minimal or no code changes. This approach avoids the need to rewrite complex stored procedures or adapt to a different database engine, which would be required with other migration strategies.

Exam trap

The trap here is that candidates may assume any AWS-managed database service (like Aurora or DynamoDB) is automatically better, overlooking the critical requirement to minimize code changes by keeping the same database engine.

How to eliminate wrong answers

Option A is wrong because migrating to Amazon Aurora with PostgreSQL compatibility would require rewriting complex Oracle-specific stored procedures (e.g., PL/SQL) to PostgreSQL-compatible code (PL/pgSQL), which contradicts the requirement to minimize application code changes. Option B is wrong because storing data in Amazon S3 and using Athena for querying is not suitable for transactional workloads with complex stored procedures; Athena is designed for serverless ad-hoc querying of data lakes, not for OLTP operations with stored procedures. Option C is wrong because refactoring the application to use Amazon DynamoDB would require significant application code changes, including replacing SQL queries and stored procedures with NoSQL API calls, which violates the goal of minimizing changes.

2
MCQmedium

A company is migrating a SAP system to AWS and needs to ensure that the SAP license is compliant. The current license is based on the number of users. What is the correct approach for SAP licensing on AWS?

A.Purchase a SAP license through AWS Marketplace that is included in the EC2 instance cost.
B.Use AWS License Manager to track the number of vCPUs and report to SAP.
C.Bring your own SAP license to AWS and ensure compliance with the user-based metric.
D.Use AWS License Manager to convert the user-based license to a processor-based license.
AnswerC

SAP allows BYOL to AWS.

Why this answer

Option C is correct because SAP licensing on AWS follows the same model as on-premises; the customer must license the SAP software based on users or engine size. Option A is wrong because AWS does not offer bring-your-own-license for all SAP products, but it is allowed. Option B is wrong because AWS does not include SAP licenses.

Option D is wrong because AWS does not provide SAP licenses.

3
MCQeasy

A company wants to automate the installation of SAP software on AWS using AWS CloudFormation. Which service is most appropriate to execute the SAP installation scripts?

A.AWS CodeDeploy.
B.AWS Lambda functions triggered by CloudFormation.
C.AWS Systems Manager Run Command.
D.AWS OpsWorks for Chef Automate.
AnswerC

Run Command can execute scripts on instances with SSM Agent.

Why this answer

AWS Systems Manager Run Command is the most appropriate service because it can execute scripts (including SAP installation scripts) on EC2 instances without requiring SSH or RDP access, and it integrates with CloudFormation via custom resources or the AWS::SSM::Document resource. This allows you to run complex, long-running installation commands that are typical for SAP software, which Lambda functions cannot handle due to time limits.

Exam trap

The trap here is that candidates often choose AWS Lambda because it is a common 'automation' service, but they overlook Lambda's 15-minute execution timeout and its inability to handle long-running, stateful installations like SAP software.

How to eliminate wrong answers

Option A is wrong because AWS CodeDeploy is designed for deploying application code and managing rolling updates, not for executing standalone installation scripts like SAP installers. Option B is wrong because AWS Lambda functions have a maximum execution timeout of 15 minutes, which is insufficient for SAP installations that often take hours, and Lambda is not designed for interactive or long-running script execution. Option D is wrong because AWS OpsWorks for Chef Automate is a configuration management service that uses Chef cookbooks, which is overkill and not the simplest or most direct way to run a one-time SAP installation script; it adds unnecessary complexity and is not the recommended approach for this task.

4
Multi-Selectmedium

A company is designing a microservices architecture on Amazon ECS with Fargate. The services need to communicate securely and be accessible only within the VPC. Which TWO steps should the solutions architect take to meet these requirements? (Choose TWO.)

Select 2 answers
A.Attach an Internet Gateway to the VPC and configure route tables for the private subnets.
B.Place the Fargate tasks in public subnets to allow them to communicate with each other through the internet gateway.
C.Use AWS Cloud Map for service discovery and register a public DNS name for each service.
D.Use an internal Application Load Balancer to distribute traffic between services.
E.Create a VPC endpoint for Amazon ECS to allow the service to call the ECS API without internet access.
AnswersD, E

Internal ALB routes traffic within the VPC.

Why this answer

Option D is correct because an internal Application Load Balancer (ALB) operates within a VPC and does not expose a public endpoint, ensuring that traffic between microservices remains private. It distributes incoming requests to Fargate tasks based on defined rules, enabling secure, internal communication without internet access.

Exam trap

The trap here is that candidates often confuse public subnets with the ability to communicate privately, or assume that an internet gateway is required for any inter-service communication, when in fact internal load balancers and VPC endpoints provide fully private connectivity.

5
MCQeasy

An SAP HANA database administrator needs to restore a database from a backup stored in Amazon S3. The backup was taken using SAP HANA Backint. Which AWS service should be used to retrieve the backup files from S3?

A.SAP HANA Backint agent
B.Amazon S3 console
C.AWS CLI
D.AWS Backup
AnswerA

Backint handles restore directly.

Why this answer

SAP HANA Backint is the native SAP interface for integrating with third-party backup tools. When a backup is taken using Backint, the backup files are stored in Amazon S3 via the Backint agent for SAP HANA on AWS. To restore from these backups, the same Backint agent must be used because it understands the proprietary metadata and file format that Backint writes to S3, and it handles the direct S3 API calls required to retrieve the files.

Other methods like the S3 console or AWS CLI cannot interpret Backint-specific metadata or restore the database correctly.

Exam trap

The trap here is that candidates assume any AWS tool that can access S3 (like the console, CLI, or AWS Backup) can be used to restore the database, but they overlook that SAP HANA Backint requires its own agent to interpret the proprietary backup metadata and communicate with the HANA database engine.

How to eliminate wrong answers

Option B is wrong because the Amazon S3 console is a web-based interface for browsing and downloading objects, but it cannot interpret SAP HANA Backint metadata or perform a database restore; it would only provide raw files without the necessary database context. Option C is wrong because the AWS CLI can download objects from S3, but it lacks the Backint-specific logic to parse backup metadata and restore the SAP HANA database; it would require manual scripting and knowledge of the backup format. Option D is wrong because AWS Backup is a centralized backup service that supports various AWS resources, but it does not natively integrate with SAP HANA Backint backups stored in S3; it cannot restore a database from Backint-specific backup files.

6
Multi-Selectmedium

Which THREE factors should be considered when selecting an AWS Region for a migration to minimize latency for users in Europe? (Choose three.)

Select 3 answers
A.Data residency and compliance requirements
B.Availability of required AWS services in that Region
C.Proximity to user base
D.Number of Availability Zones in the Region
E.Cost of data transfer between Regions
AnswersA, B, C

Data may need to stay in specific countries.

Why this answer

Data residency and compliance requirements (Option A) are critical when selecting an AWS Region for a migration to minimize latency for users in Europe because many European countries have strict data sovereignty laws (e.g., GDPR) that mandate personal data remain within the EU/EEA. Choosing a Region outside Europe would violate these regulations, regardless of latency benefits, and could result in legal penalties. Therefore, compliance directly influences which Regions are permissible, making it a primary factor in Region selection.

Exam trap

The trap here is that candidates often confuse Availability Zone count with latency optimization, but Availability Zones are designed for resilience within a Region, not for reducing user-facing latency.

7
MCQeasy

A company needs to monitor the CPU utilization of SAP EC2 instances and send an alert if it exceeds 90% for 5 consecutive minutes. Which AWS service should be used?

A.AWS Config
B.Amazon CloudWatch Alarms
C.AWS Trusted Advisor
D.AWS CloudTrail
AnswerB

CloudWatch Alarms can monitor CPU and trigger alerts.

Why this answer

Option C is correct because CloudWatch Alarms monitor metrics and trigger actions. Option A (CloudTrail) is for API auditing. Option B (Config) is for configuration compliance.

Option D (Trusted Advisor) provides best-practice checks.

8
MCQhard

An SAP system is experiencing slow performance. The SAP team suspects a memory bottleneck in the HANA database. The database runs on an r5.24xlarge instance with 768 GB RAM. CloudWatch metrics show the HANA memory usage is consistently above 90%. Which action should be taken first?

A.Reduce the number of HANA services.
B.Upgrade the instance to a larger memory-optimized type.
C.Increase the HANA memory allocation parameter in the global.ini file.
D.Increase the swap space on the instance.
AnswerC

Adjusting the memory allocation can reduce pressure without changing instance type.

Why this answer

Option A is correct because increasing the HANA memory allocation dynamically can address the immediate bottleneck. Option B is wrong because scaling up is a later step. Option C is wrong because increasing swap is a workaround, not a solution.

Option D is wrong because it would reduce available memory.

9
MCQeasy

A company is planning to migrate its SAP system to AWS and wants to test the migration process with a smaller system first. Which AWS service can be used to create a pre-configured SAP environment for testing?

A.AWS Service Catalog
B.AWS Quick Starts
C.AWS Launch Wizard for SAP
D.AWS CloudFormation
AnswerC

Launch Wizard provides a guided, pre-configured SAP deployment for testing.

Why this answer

AWS Launch Wizard for SAP provides a guided way to deploy SAP systems on AWS, including pre-configured environments. Option A (Quick Starts) are templates but not SAP-specific. Option C (Service Catalog) is for IT governance.

Option D (CloudFormation) is infrastructure as code but not pre-configured for SAP.

10
MCQeasy

A company wants to migrate a 10 TB SAP HANA database to AWS with minimal downtime. The network bandwidth between the on-premises data center and AWS is 1 Gbps. Which migration method is most suitable?

A.Use AWS Snowball Edge to transfer the initial data load, then use AWS DMS for ongoing replication.
B.Use SAP HANA System Replication directly over the internet.
C.Use AWS DMS with ongoing replication to migrate data incrementally.
D.Use AWS Backup to back up the database to S3 and restore to an EC2 instance.
AnswerA

Snowball Edge handles large data offline; DMS can do CDC after initial load.

Why this answer

Given the large data size and limited bandwidth, using AWS Snowball Edge for initial load reduces network dependency. AWS DMS with CDC requires a stable connection but initial load over 1 Gbps would take >22 hours. Backup/restore over network also suffers from bandwidth.

SAP HANA System Replication requires high bandwidth and low latency.

11
Multi-Selecteasy

Which TWO AWS services can be used to monitor the performance of SAP NetWeaver application servers? (Choose two.)

Select 2 answers
A.AWS CloudTrail
B.AWS Trusted Advisor
C.AWS Systems Manager
D.AWS X-Ray
E.Amazon CloudWatch
AnswersC, E

Systems Manager can collect OS-level metrics and run commands.

Why this answer

AWS Systems Manager is correct because it provides the Agent-based infrastructure management capabilities needed to monitor SAP NetWeaver application servers. Specifically, Systems Manager Inventory can collect OS-level metrics like CPU, memory, and disk usage from EC2 instances running SAP, and its Run Command or State Manager can execute custom scripts to gather SAP-specific performance data (e.g., from ST03 or ST06 transactions) without requiring direct SSH access.

Exam trap

The trap here is that candidates often confuse AWS CloudTrail (audit logging) with performance monitoring, or assume X-Ray can monitor any application, when in fact SAP NetWeaver requires OS-level and SAP-specific metrics that only Systems Manager and CloudWatch (via custom metrics or SAP Agent) can provide.

12
MCQeasy

A company is migrating its SAP HANA database to AWS. Which instance type is specifically designed for SAP HANA and certified for production workloads?

A.c5.xlarge
B.r5.xlarge
C.x1e.xlarge
D.t3.xlarge
AnswerC

x1e instances are SAP HANA certified for production.

Why this answer

The x1e.xlarge instance is part of the AWS X1e family, which is specifically designed for memory-intensive workloads like SAP HANA and is certified by SAP for production deployments. SAP HANA requires large memory footprints and high memory-to-vCPU ratios, which the X1e instances provide with up to 3,904 GiB of memory and 128 vCPUs, meeting SAP's certification requirements.

Exam trap

The trap here is that candidates often assume any memory-optimized instance (like R5) is suitable for SAP HANA, but AWS requires specific instance families (X1, X1e, high-memory) that are officially SAP-certified for production workloads.

How to eliminate wrong answers

Option A (c5.xlarge) is wrong because it belongs to the compute-optimized C5 family, which lacks the high memory capacity and SAP HANA certification required for production workloads. Option B (r5.xlarge) is wrong because while R5 instances are memory-optimized, they are not specifically certified for SAP HANA production workloads; SAP HANA certification requires instances from the X1, X1e, or high-memory families. Option D (t3.xlarge) is wrong because T3 instances are burstable general-purpose instances with limited sustained performance and no SAP HANA certification, making them unsuitable for production database workloads.

13
MCQhard

A company has an SAP HANA database running on an EC2 instance with EBS volumes. The database requires 10,000 IOPS consistently. The current volume type is gp3 with 3000 IOPS. Which change should be made to meet the IOPS requirement?

A.Change the volume type to io2 Block Express and provision 10,000 IOPS.
B.Increase the volume size of the gp3 volume to automatically increase IOPS.
C.Increase the IOPS on the existing gp3 volume to 10,000.
D.Add an instance store volume and move the data to it.
AnswerA

io2 Block Express volumes support high IOPS and are suitable for SAP HANA.

Why this answer

Option A is correct because io2 Block Express volumes can provision up to 256,000 IOPS. Option B is wrong because gp3 max IOPS is 16,000 but you can increase IOPS. However, io2 is better for high IOPS.

Option C is wrong because instance store is ephemeral. Option D is wrong because increasing volume size on gp3 doesn't necessarily increase IOPS beyond baseline.

14
MCQmedium

An SAP HANA database on AWS is using EBS io2 volumes. The company wants to monitor the read and write latency of the database volumes. Which CloudWatch metrics should be used?

A.VolumeIdleTime and VolumeTotalReadTime.
B.VolumeReadLatency and VolumeWriteLatency.
C.VolumeThroughputPercentage and VolumeConsumedReadWriteOps.
D.VolumeQueueLength and VolumeThroughput.
AnswerB

These metrics directly measure latency per operation.

Why this answer

Option B is correct because CloudWatch provides the `VolumeReadLatency` and `VolumeWriteLatency` metrics specifically to monitor the average time (in seconds) for read and write I/O operations on EBS volumes. For SAP HANA on io2 volumes, these metrics directly reflect storage performance and are critical for detecting latency issues that could impact database throughput and transaction response times.

Exam trap

The trap here is that candidates confuse throughput or queue-length metrics (like `VolumeQueueLength` or `VolumeThroughput`) with latency metrics, assuming high queue length directly equals high latency, but CloudWatch provides dedicated latency metrics that are the correct and direct measure for this monitoring requirement.

How to eliminate wrong answers

Option A is wrong because `VolumeIdleTime` measures the total number of seconds the volume is idle (no I/O), and `VolumeTotalReadTime` is the total time spent on read operations, but neither directly provides per-operation latency; they are used for calculating average latency indirectly, not as direct latency metrics. Option C is wrong because `VolumeThroughputPercentage` is not a standard CloudWatch metric (the correct metric is `VolumeThroughput`), and `VolumeConsumedReadWriteOps` tracks the number of I/O operations consumed against the provisioned IOPS, not latency. Option D is wrong because `VolumeQueueLength` measures the number of pending I/O requests (indicating backpressure), and `VolumeThroughput` measures data transfer rate (MB/s), neither of which directly measure read or write latency.

15
MCQeasy

A company is designing a disaster recovery (DR) strategy for its SAP environment on AWS. The primary site is in us-east-1 and the DR site in us-west-2. The SAP HANA database is 3 TB and uses HANA System Replication (HSR) in async mode. The RPO requirement is 15 minutes. What is the most cost-effective way to meet the RPO?

A.Take full database backups to Amazon S3 every 15 minutes.
B.Use EBS snapshots every 5 minutes to replicate data to DR region.
C.Use HANA System Replication in synchronous mode to ensure zero data loss.
D.Configure HANA System Replication in asynchronous mode over AWS Direct Connect.
AnswerD

Async HSR over Direct Connect provides low latency replication meeting the RPO.

Why this answer

HSR in async mode over AWS Direct Connect provides low latency and meets the RPO of 15 minutes. Option A (sync mode) would be costly and may have performance impact. Option B (S3 backup) has longer RPO.

Option C (EBS snapshots) also has longer RPO. Option D is correct.

16
MCQmedium

Refer to the exhibit. An SAP administrator has created this IAM policy for a backup user. The user can list and download backups but cannot delete them. However, the user is unable to list the objects in the bucket. What is the most likely cause?

A.The IAM policy does not include s3:ListBucket for the bucket.
B.There is an additional bucket policy that denies s3:ListBucket to this user.
C.The user needs s3:GetObjectVersion permission to list objects.
D.The Deny statement also denies s3:ListBucket because of the wildcard resource.
AnswerB

A bucket policy might be overriding the IAM policy.

Why this answer

Option C is correct because the Deny statement for s3:DeleteObject uses a condition that might not be evaluated correctly, but more importantly, the Deny statement does not affect ListBucket. The user has ListBucket permission, so the issue must be a bucket policy that denies list access. Option A is wrong because the Deny on DeleteObject does not affect list.

Option B is wrong because GetObject is allowed. Option D is wrong because the policy allows ListBucket.

17
MCQhard

An SAP Basis administrator is configuring a high availability setup for SAP HANA on AWS using HANA System Replication (HSR) with automatic failover. The architecture includes a primary HANA node in us-east-1a and a secondary in us-east-1b. The administrator uses a Network Load Balancer (NLB) with a floating IP for the HANA virtual IP address. After a failover test, the secondary node becomes primary, but client applications cannot connect to the database. What is the most likely cause?

A.The security group for the NLB does not allow inbound traffic on port 3<0xEB><0x9C><0x9D><0xEB><0x9E><0x80>13.
B.The SAP HANA client is using a DNS name that does not resolve to the NLB endpoint.
C.The NLB target group is not configured to include the secondary node's IP address.
D.The secondary HANA node is in a different subnet and not routable from the NLB.
AnswerC

Without the secondary as a target, NLB cannot route to it after failover.

Why this answer

With NLB and floating IP, the target group must be configured with the secondary's IP address as a target. If the target group only contains the primary's IP, failover breaks. Option A (security group) would affect all connections, not just after failover.

Option B (subnet) is possible but NLB can target cross-subnet. Option D (DNS) is not used because the virtual IP is handled by NLB. Option C is the most specific and common misconfiguration.

18
MCQmedium

A company runs SAP HANA on AWS and uses AWS Systems Manager to automate patching of the operating system. After a recent patching cycle, the SAP HANA database failed to start. The administrator checked the logs and found that the HANA service was not starting due to a missing library dependency. What should the administrator do to prevent this issue in future patching cycles?

A.Use AWS Systems Manager Patch Manager to apply patches but exclude the library in question
B.Test patches in a non-production environment and create a new AMI after successful validation
C.Create a script to reinstall the missing library after patching
D.Set up a maintenance window that stops HANA before patching and starts it after
AnswerB

Testing and creating a new AMI ensures the image is validated and includes all dependencies.

Why this answer

Creating a new AMI with all patches and HANA dependencies ensures that instances launched from that AMI are consistent. Option D is correct.

19
MCQhard

A company is running SAP on AWS and wants to ensure high availability for the SAP Central Services (ASCS) instance. They have set up a cluster using Amazon Route 53 with health checks. During a failover test, the ASCS instance fails but the DNS record does not update immediately. What is the most likely cause?

A.The TTL on the DNS record is set too high
B.The health check is not configured to check the ASCS service port
C.The Route 53 record is using simple routing instead of failover
D.The Route 53 record set is not updatable
AnswerA

High TTL causes clients to cache old IPs, delaying failover.

Why this answer

Option C is correct because the TTL (Time to Live) on the Route 53 record determines how long clients cache the DNS response. A high TTL delays failover. Option A is wrong because health checks are separate from TTL.

Option B is wrong because the failover routing policy works with health checks. Option D is wrong because Route 53 record sets can be updated.

20
MCQhard

An organization runs SAP ERP on a single EC2 instance with a separate RDS for Oracle database. The Operations team needs to patch the operating system of the EC2 instance without causing downtime for the SAP application. What is the most effective approach?

A.Create an AMI of the instance, launch a new instance from the AMI, and patch it.
B.Use an Auto Scaling group with a launch template that references a patched AMI, and perform a rolling update.
C.Apply patches using AWS Systems Manager Patch Manager during a maintenance window.
D.Use AWS Systems Manager to run a script that patches the OS without rebooting.
AnswerB

Rolling updates replace instances gradually, minimizing downtime.

Why this answer

Option D is correct because using an Auto Scaling group with a launch template that includes the updated AMI allows for rolling updates with minimal downtime. Option A is wrong because patching a running instance requires a reboot, causing downtime. Option B is wrong because Systems Manager Patch Manager also requires a reboot.

Option C is wrong because Snapshots are for data backup, not OS patching.

21
MCQhard

A company runs a containerized application on Amazon ECS with Fargate launch type. The application needs to access an Amazon RDS database that is in a private subnet. The ECS tasks are also in private subnets. The security group for the RDS instance allows inbound traffic on port 3306 from the security group attached to the ECS tasks. However, the application cannot connect to the database. Which solution should the company implement to resolve this issue?

A.Configure the ECS task definition to assign a public IP address to the tasks and ensure the tasks have a route to the internet via a NAT gateway
B.Attach the same security group to the ECS tasks and the RDS instance, and ensure the security group has an inbound rule allowing traffic from itself on port 3306
C.Place both the ECS tasks and the RDS instance in the same public subnet to ensure network connectivity
D.Modify the RDS security group inbound rule to allow traffic from the CIDR block of the ECS tasks’ private subnets instead of the security group ID
AnswerB

Using the same security group for both resources and allowing inbound from the group itself (self-reference) enables traffic between them, regardless of outbound rules. This is a common pattern for internal communication.

Why this answer

Option B is correct because when using security group IDs in inbound rules, the traffic is evaluated based on the source security group's network interfaces, not the IP addresses. However, for this to work, the security group must be attached to the ECS tasks' elastic network interfaces (ENIs). By attaching the same security group to both the ECS tasks and the RDS instance, and adding a self-referencing inbound rule for port 3306, the RDS instance will accept traffic from any resource that has that security group attached, including the ECS tasks.

This resolves the connectivity issue because the security group rule correctly identifies the source by the security group ID, not by IP.

Exam trap

The trap here is that candidates often assume security group rules using security group IDs require the source and destination to be in the same security group, but they actually require the source security group to be attached to the source resource's ENI, and the rule must be a self-referencing rule (allowing traffic from itself) to work correctly when both resources share the same security group.

How to eliminate wrong answers

Option A is wrong because assigning a public IP address to ECS tasks in private subnets is not possible with Fargate; tasks in private subnets cannot have public IPs, and even if they could, a NAT gateway is for outbound internet access, not for inbound database connectivity. Option C is wrong because placing both resources in a public subnet exposes them unnecessarily to the internet and does not solve the underlying security group rule issue; the application should remain in private subnets for security. Option D is wrong because using CIDR blocks instead of security group IDs would require the ECS tasks to have static IPs, which they do not in Fargate; the tasks' IPs can change, making CIDR-based rules unreliable and less secure.

22
MCQmedium

Refer to the exhibit. A migration engineer is setting up an IAM policy for an AWS DMS task that will replicate data from an on-premises SAP ASE database to Amazon RDS for SAP ASE. The engineer wants to ensure the DMS task can be created and started. What is missing from this policy?

A.Permissions to create DMS endpoints (dms:CreateEndpoint)
B.Permissions to describe DMS replication instances
C.Permissions to start and stop replication tasks
D.Permissions to use AWS Key Management Service (KMS) for encryption
AnswerA

Endpoints are required for replication tasks.

Why this answer

Option A is correct because DMS needs 'dms:CreateEndpoint' to create source/target endpoints. Option B is incorrect because the policy already allows DescribeReplicationTasks. Option C is incorrect because KMS is not used here.

Option D is incorrect because the policy allows StartReplicationTask, but without endpoints, it won't work.

23
MCQhard

An SAP Basis administrator is troubleshooting a slow-running SAP HANA query. The administrator wants to identify which SQL statements are consuming the most CPU time in the HANA database. Which SAP HANA view or tool should they query?

A.M_ACTIVE_STATEMENTS
B.M_TABLES
C.M_LOAD_HISTORY
D.M_SERVICE_REPLICATION
AnswerA

Shows currently running statements with CPU time.

Why this answer

Option C is correct because the M_ACTIVE_STATEMENTS view shows currently executing statements with resource usage. Option A is wrong because M_SERVICE_REPLICATION is for replication status. Option B is wrong because M_TABLES shows table metadata.

Option D is wrong because M_LOAD_HISTORY shows load history.

24
Multi-Selectmedium

A company is migrating a web application to AWS and wants to improve security. The application uses a classic three-tier architecture. Which TWO security measures should the company implement?

Select 2 answers
A.Allow direct internet access to the database tier
B.Use Amazon S3 Transfer Acceleration
C.Place all tiers in public subnets
D.Use AWS WAF to protect the web tier
E.Use security groups to control traffic between tiers
AnswersD, E

WAF protects against web exploits.

Why this answer

Using security groups as a virtual firewall and AWS WAF to protect against common web exploits are both security best practices. Option A (Direct internet access for database tier) is insecure. Option B (S3 Transfer Acceleration) is for speed, not security.

Option E (Public subnets for all tiers) is insecure.

25
MCQmedium

An SAP system on AWS uses a shared file system for /sapmnt and /usr/sap/trans mounted from an EC2 instance running NFS. The NFS server experiences a failure causing downtime for all SAP application servers. The company wants a highly available shared file system with automatic failover. The budget is limited, and the company prefers a fully managed solution. Which AWS service should the company use?

A.Amazon FSx for Windows File Server
B.Amazon EFS
C.Amazon EBS with a cluster file system
D.Amazon S3 with s3fs-fuse
AnswerB

EFS is a managed NFS file system that provides high availability across AZs.

Why this answer

Option A is correct because Amazon EFS is a fully managed NFS file system that is highly available across multiple Availability Zones. Option B is wrong because FSx for Windows File Server is not POSIX-compliant for SAP. Option C is wrong because EBS is not shared.

Option D is wrong because S3 is not a POSIX file system.

26
MCQmedium

A company is migrating an SAP HANA database to AWS. The system requires a high-performance storage solution with low latency for database files, and the storage must be scalable without downtime. Which AWS storage solution should the company use for the SAP HANA data volume?

A.Amazon S3
B.Amazon EBS st1
C.Amazon EBS io2 Block Express
D.Amazon EBS gp3
AnswerC

io2 Block Express provides up to 256000 IOPS and can be modified without downtime.

Why this answer

Option B is correct because Amazon EBS io2 Block Express volumes provide high IOPS, low latency, and can be scaled dynamically without downtime. Option A is wrong because S3 is object storage with higher latency. Option C is wrong because EBS gp3 offers lower maximum IOPS.

Option D is wrong because EBS st1 is throughput-optimized and not suitable for database workloads.

27
MCQeasy

A company is migrating an on-premises SAP HANA database to AWS. The database is 2 TB in size, and the network link has a bandwidth of 1 Gbps with an average utilization of 40% during the migration window. They need to minimize the migration time. Which approach should they use?

A.Use AWS Snowball Edge to transfer the data physically.
B.Request a temporary bandwidth increase from the ISP.
C.Use AWS Database Migration Service (DMS) with ongoing replication to minimize downtime.
D.Use Amazon S3 Transfer Acceleration to speed up the transfer.
AnswerA

Snowball avoids network bottleneck for large data.

Why this answer

AWS Snowball Edge is the most efficient for large data transfers over limited bandwidth; it avoids network bottlenecks. Option A is wrong because AWS DMS with ongoing replication is better for minimal downtime but initial load is slow over constrained network. Option B is wrong because increasing bandwidth is not feasible.

Option D is wrong because S3 Transfer Acceleration only speeds up uploads to S3, not to SAP HANA directly.

28
MCQhard

An SAP NetWeaver system on AWS is configured with a shared file system between the application servers. Which AWS storage service should be used for this shared file system?

A.AWS Storage Gateway File Gateway
B.Amazon S3
C.Amazon EFS
D.Amazon EBS with multi-attach
AnswerC

EFS provides a fully managed NFS file system that can be shared across multiple EC2 instances.

Why this answer

Amazon EFS is the correct choice because it provides a fully managed, NFS-based shared file system that can be mounted concurrently by multiple EC2 instances, making it ideal for SAP NetWeaver application servers that require a common file system for shared data such as transport directories, logs, and profile files. EFS supports the NFSv4.1 and NFSv4.0 protocols, ensuring POSIX-compliant file locking and consistency across the cluster.

Exam trap

The trap here is that candidates often confuse Amazon EBS with multi-attach as a viable shared file system for SAP, but they overlook that EBS multi-attach requires a cluster-aware file system and is limited to a small number of instances, making it unsuitable for the multi-instance, high-availability requirements of SAP NetWeaver.

How to eliminate wrong answers

Option A is wrong because AWS Storage Gateway File Gateway provides on-premises access to S3 via NFS or SMB, but it is not designed for low-latency, high-throughput shared file systems between EC2 instances in the same AWS region; it introduces unnecessary latency and complexity for SAP workloads. Option B is wrong because Amazon S3 is an object storage service with eventual consistency for overwrite PUTS and lacks native file locking, POSIX permissions, and the ability to serve as a shared file system mountable by multiple EC2 instances simultaneously. Option D is wrong because Amazon EBS with multi-attach supports only a limited number of instances (up to 16) and requires a cluster-aware file system like XFS or GFS2, but it is not recommended for SAP NetWeaver due to scalability limitations and the lack of native NFS support.

29
MCQeasy

A company runs SAP ERP on AWS using a single EC2 instance for the database and application. The system has been in production for two years. The SAP administrator receives a notification that the EC2 instance's underlying hardware is scheduled for retirement in two weeks. The administrator needs to minimize downtime and ensure the SAP system is available during the maintenance. Which action should the administrator take?

A.Reboot the instance to move it to healthy hardware.
B.Request an extension of the retirement date from AWS Support.
C.Create an AMI of the instance and launch a new instance from the AMI.
D.Stop the instance and then start it again to migrate to new hardware.
AnswerD

Stop/start moves instance to new hardware quickly.

Why this answer

Option C is correct: Stopping and starting the instance migrates it to new hardware with minimal downtime (the stop/start cycle takes a few minutes). Option A is wrong because rebooting does not change the underlying hardware; it stays on the same degraded hardware. Option B is wrong because creating an AMI and launching a new instance would take longer and may cause IP/hostname changes.

Option D is wrong because scheduled events do not support delay beyond the given date; requesting a delay is not a standard procedure.

30
Multi-Selectmedium

An organization is planning to migrate its SAP landscape to AWS and needs to ensure high availability for the SAP Central Services (ASCS) instance. Which TWO AWS services can be used to implement a high-availability architecture for ASCS?

Select 2 answers
A.Amazon EC2 Auto Recovery
B.Amazon CloudFront
C.AWS Database Migration Service (DMS)
D.Elastic Load Balancing (ELB)
E.Amazon Route 53
AnswersA, E

Auto Recovery can recover the instance if it fails.

Why this answer

Options A and B are correct. Amazon Route 53 can be used for DNS-level failover, and Amazon EC2 Auto Recovery can automatically restart an instance in case of failure. Option C is wrong because ELB is not typically used for ASCS.

Option D is wrong because AWS DMS is a database migration service. Option E is wrong because Amazon CloudFront is a CDN.

31
MCQeasy

A company is planning to migrate their SAP system to AWS. They need to ensure that the SAP application servers and database servers are in the same AWS Region but in different Availability Zones for high availability. The network latency between Availability Zones must be minimal. Which AWS service should be used to connect the instances?

A.Set up VPC Peering between the Availability Zones
B.Establish an AWS Direct Connect connection
C.Use the default VPC network within the same VPC spanning multiple Availability Zones
D.Use AWS Transit Gateway to connect the subnets
AnswerC

Instances in the same VPC across AZs communicate over AWS's low-latency network.

Why this answer

Option A is correct because AWS uses a redundant, high-bandwidth, low-latency network between Availability Zones. Option B is wrong because VPC Peering is used for connecting different VPCs. Option C is wrong because Direct Connect is for on-premises connections.

Option D is wrong because Transit Gateway is for hub-and-spoke connectivity, not needed for within a VPC.

32
Multi-Selecthard

Which THREE of the following are valid considerations for designing SAP workloads on AWS to achieve high availability within a single AWS Region? (Choose three.)

Select 3 answers
A.Use AWS Network Load Balancer (NLB) for SAP Enqueue Replication 2 (ENSA2)
B.Use HANA scale-out with HSR across two nodes for high availability
C.Use a cluster with a shared file system (e.g., Amazon EFS or FSx) for SAP ASCS
D.Use Elastic Network Interface (ENI) failover for the SAP application server floating IP
E.Implement HANA System Replication (HSR) with automatic failover using a third instance as a quorum
AnswersC, D, E

ASCS can be made highly available with a clustered file system.

Why this answer

Option C is correct because SAP ASCS (ABAP Central Services) requires a shared file system for the global transport directory and instance profiles to enable failover between cluster nodes. Amazon EFS or FSx for NetApp ONTAP provide the necessary NFS-based shared storage that supports the SAP enqueue replication and message server services during a failover event.

Exam trap

Cisco often tests the misconception that ENSA2 requires a load balancer for replication traffic, but in reality, ENSA2 uses direct peer-to-peer communication between ASCS and ERS instances without any intermediate load balancer.

33
Multi-Selecthard

Which THREE factors should be considered when choosing an instance type for an SAP HANA database on AWS? (Select THREE.)

Select 3 answers
A.Memory size of the instance
B.The instance type must be certified for SAP HANA
C.Number of EBS volumes that can be attached
D.GPU capabilities of the instance
E.Network throughput of the instance
AnswersA, B, E

HANA is memory-intensive; the instance must have enough RAM.

Why this answer

Options A, B, and D are correct. SAP HANA requires certified instance types (A), memory must be sufficient for the data (B), and network performance is critical for throughput (D). Option C is wrong because GPU is not required for HANA.

Option E is wrong because EBS-optimized instances are already required for HANA, but the instance type itself determines that; it's not a separate consideration.

34
Multi-Selecteasy

Which TWO services can be used to centrally manage and enforce backup policies for SAP systems on AWS? (Choose TWO.)

Select 2 answers
A.Amazon Data Lifecycle Manager
B.AWS Backup
C.AWS CloudFormation
D.AWS Config
E.Amazon S3
AnswersA, B

DLM automates creation, retention, and deletion of EBS snapshots.

Why this answer

Amazon Data Lifecycle Manager (DLM) automates the creation, retention, and deletion of EBS snapshots and EBS-backed AMIs. For SAP systems, you can use DLM to enforce backup policies for the underlying EBS volumes (e.g., /usr/sap, /sapmnt, data volumes) by scheduling snapshots and applying retention rules. AWS Backup provides a centralized, policy-based backup service that supports SAP HANA databases (via Backint integration) and EC2 instances, enabling you to define backup plans, assign resources, and enforce compliance across your SAP landscape.

Exam trap

The trap here is that candidates often confuse AWS Config's compliance evaluation (which can detect missing backups) with actual backup policy enforcement, or they assume Amazon S3's storage capabilities include policy management, when in fact only DLM and AWS Backup provide the scheduling, retention, and enforcement mechanisms required for centralized backup management.

35
MCQhard

A company is migrating their SAP S/4HANA system to AWS. They plan to use SAP HANA Cockpit for migration. During the pre-migration assessment, they find that the on-premises HANA system uses a mix of row and column store tables. The target AWS HANA instance is provisioned on a memory-optimized instance. They want to ensure optimal performance post-migration. Which additional step should they take?

A.Reduce the memory allocation of the HANA instance
B.Disable data compression on the target HANA instance
C.Convert row store tables to column store tables where possible
D.Increase the number of HANA index servers
AnswerC

Column store is optimized for SAP HANA performance.

Why this answer

Option C is correct because migrating to a column store improves performance for analytical workloads, which is typical for S/4HANA. Option A is wrong because disabling compression would increase storage and memory usage. Option B is wrong because reducing memory allocation could degrade performance.

Option D is wrong because increasing parallelism may not help if the storage layout is suboptimal.

36
Multi-Selecthard

Which TWO configurations are mandatory for an SAP HANA system replication setup on AWS? (Choose TWO.)

Select 2 answers
A.An Application Load Balancer in front of the HANA instances
B.A virtual IP (VIP) address for the HANA system
C.A dedicated replication network between primary and secondary
D.Encryption of data in transit using SSL
E.A separate VPC for the secondary instance
AnswersB, C

VIP is used for failover.

Why this answer

SAP HANA system replication requires a virtual IP address and a replication network. Option B is wrong because a load balancer is optional. Option C is wrong because a separate VPC is not required.

Option E is wrong because encryption is recommended but not mandatory.

37
Multi-Selecthard

Which THREE actions should be taken to ensure minimal downtime during an SAP system migration to AWS using SAP HSR (HANA System Replication)?

Select 3 answers
A.Disable backups on the source system to reduce load.
B.Perform a takeover to the target system to finalize migration.
C.Pre-provision the target SAP HANA instance on AWS.
D.Manually copy data files to AWS before starting replication.
E.Configure HANA System Replication between source and target.
AnswersB, C, E

Takeover switches production to the target with minimal downtime.

Why this answer

To minimize downtime, you need to replicate data in advance, configure a takeover, and pre-create resources. Option A ensures the target is ready. Option B is the core replication mechanism.

Option C allows quick cutover. Option D is wrong because disabling backup does not reduce downtime and risks data loss. Option E is wrong because manual sync is not needed with HSR.

38
MCQmedium

An operations team needs to ensure that all changes to AWS resources related to SAP systems are tracked and audited. Which AWS service should they use?

A.AWS CloudTrail
B.Amazon CloudWatch
C.AWS Config
D.AWS Trusted Advisor
AnswerA

CloudTrail logs all API activity for auditing.

Why this answer

Option A is correct because CloudTrail records API calls for auditing. Option B is wrong because Config tracks configuration changes, not API calls. Option C is wrong because CloudWatch is for monitoring.

Option D is wrong because Trusted Advisor is for best practices.

39
MCQmedium

A company is migrating an SAP S/4HANA system to AWS. The migration strategy involves using SAP HANA System Replication (HSR) to replicate the source HANA database to an EC2 instance running HANA. During the final cutover, the replication link breaks and the target database becomes inconsistent. What should the migration team do to recover?

A.Restart HSR with a delta snapshot from the source
B.Perform a full HSR initial snapshot from the source to the target
C.Restore the target database from an AWS Backup
D.Use AWS DMS to replicate remaining changes
AnswerB

Full snapshot ensures consistency and can be used to reinitialize replication.

Why this answer

Option A is incorrect because using HSR to reinitialize from the source will overwrite the target. Option B is incorrect because from backup may cause data loss and time. Option C is incorrect because AWS DMS does not support HANA-to-HANA replication fully.

Option D is correct because a full HSR initial snapshot from the source will bring the target to a consistent state.

40
MCQmedium

A company migrates its SAP HANA database to an EC2 instance with 1 TB of memory. The system is used for both OLTP and OLAP workloads. The performance team notices that memory utilization is high but the CPU is underutilized. Which configuration change would best improve overall system throughput?

A.Use a smaller instance type with higher CPU to memory ratio
B.Enable HANA Large Pages to reduce TLB misses and improve memory access
C.Increase the swap space on the instance store volumes
D.Disable HANA compression to reduce CPU overhead
AnswerB

Large pages improve memory access efficiency.

Why this answer

Option C is correct because enabling HANA Large Pages improves memory management and CPU efficiency for large workloads. Option A is incorrect because increasing swap would degrade performance. Option B is incorrect because disabling HANA compression increases memory usage.

Option D is incorrect because using smaller instances would not help.

41
MCQhard

A company runs SAP S/4HANA on AWS. The system is deployed in a cluster across two Availability Zones using Pacemaker for high availability. The primary SAP HANA node fails, and the failover to the secondary node is successful. However, after failover, the application servers cannot connect to the database because the database IP address changed. The application servers are configured to use the IP address of the primary node. The company needs a solution that allows the application servers to connect to the active database node without reconfiguration after failover. Which solution should the company implement?

A.Use Amazon Route 53 DNS with a health check to point to the active node's IP
B.Associate an Elastic IP address to the active node using a script during failover
C.Configure a CNAME record in Route 53 that points to the primary node's DNS name
D.Deploy an internal Network Load Balancer (NLB) with a static IP and target the HANA nodes
AnswerD

NLB provides a static IP that stays constant; it forwards traffic to the active node.

Why this answer

Option D is correct because using an internal Network Load Balancer (NLB) with a static IP address for the database virtual IP allows application servers to connect to the NLB, which forwards traffic to the active node. Option A is wrong because Elastic IPs are not automatically reassigned. Option B is wrong because Route 53 health checks have DNS TTL delays.

Option C is wrong because a CNAME record still has TTL issues.

42
Multi-Selectmedium

A company is migrating an SAP ERP system to AWS. Which TWO AWS services should they use to set up a highly available SAP HANA database?

Select 2 answers
A.AWS Elastic Disaster Recovery (DRS)
B.Amazon EFS
C.Amazon Redshift
D.Amazon DynamoDB
E.Amazon S3
AnswersA, B

DRS provides replication and recovery for SAP HANA.

Why this answer

Options B and D are correct. AWS Elastic Disaster Recovery (DRS) enables replication for failover, and Amazon EFS provides shared storage for SAP HANA. Option A is wrong because S3 is not suitable for database storage.

Option C is wrong because DynamoDB is NoSQL, not for SAP HANA. Option E is wrong because Redshift is a data warehouse.

43
MCQhard

A company uses AWS Lambda functions with reserved concurrency to process messages from an SQS queue. The operations team notices that the Lambda function sometimes throttles, causing messages to remain in the queue. What is the MOST likely cause and solution?

A.The SQS visibility timeout is too short; increase it.
B.The Lambda function's dead-letter queue (DLQ) is not configured; set up a DLQ.
C.The SQS queue's redrive policy is too aggressive; reduce the maxReceiveCount.
D.The reserved concurrency is set too low; increase the reserved concurrency for the function.
AnswerD

Reserved concurrency limits concurrent executions, causing throttling when exceeded.

Why this answer

Option D is correct because Lambda throttling occurs when the reserved concurrency limit is reached, preventing the function from processing new invocations. Since the function uses reserved concurrency, setting it too low restricts the number of concurrent executions, causing SQS messages to remain in the queue until concurrency becomes available. Increasing the reserved concurrency allows more parallel invocations, reducing throttling and improving message processing throughput.

Exam trap

The trap here is that candidates often confuse throttling with message processing failures and incorrectly focus on DLQ or visibility timeout settings, rather than recognizing that reserved concurrency directly controls the maximum number of concurrent Lambda executions and is the primary cause of throttling when set too low.

How to eliminate wrong answers

Option A is wrong because the SQS visibility timeout controls how long a message is hidden after being polled, not the cause of Lambda throttling; a short visibility timeout would cause duplicate processing, not throttling. Option B is wrong because a dead-letter queue (DLQ) captures messages that fail processing after multiple retries, but it does not prevent throttling or address the root cause of messages staying in the queue due to concurrency limits. Option C is wrong because the redrive policy's maxReceiveCount determines how many times a message can be received before being sent to a DLQ, and reducing it would send messages to the DLQ sooner, not resolve throttling issues.

44
MCQhard

A company is deploying SAP S/4HANA on AWS and needs to ensure that the system can handle a sudden increase in user load during month-end closing. Which architectural change would best address this requirement?

A.Configure auto-scaling for the SAP application tier based on CPU utilization.
B.Deploy the application across multiple Availability Zones.
C.Increase the provisioned IOPS on the database EBS volumes.
D.Use a larger EC2 instance type for the application server.
AnswerA

Auto-scaling adds compute capacity automatically during high load.

Why this answer

Option A is correct because application auto-scaling allows adding instances to handle increased load. Option B is wrong because vertical scaling has limits and requires downtime. Option C is wrong because increasing provisioned IOPS helps with storage, not compute.

Option D is wrong because Multi-AZ provides high availability, not scalability.

45
Multi-Selectmedium

A company is migrating an SAP system to AWS using the SAP DMO (Database Migration Option) with system move. Which TWO prerequisites must be met before starting the migration?

Select 2 answers
A.A separate AWS account must be used for the target system.
B.The target EC2 instances and storage must be prepared in advance.
C.The source system must be running a supported SAP NetWeaver release.
D.The source database must be stopped during the entire migration.
E.A VPN or Direct Connect connection must be established.
AnswersB, C

Needed to import the system.

Why this answer

SAP DMO requires that the source system is on a supported SAP NetWeaver release and that the target AWS infrastructure (EC2, storage) is prepared. The source database does not need to be stopped; DMO can run online. A separate AWS account is not a prerequisite.

A direct network connection is recommended but not strictly required.

46
MCQmedium

A company is migrating its SAP ERP system to AWS. The system requires high availability across two Availability Zones. Which AWS service should be used to manage the virtual IP address for the SAP Central Services (ASCS/ERS) cluster?

A.Elastic IP address
B.Network Load Balancer
C.AWS Global Accelerator
D.Amazon Route 53
AnswerD

Route 53 with failover routing and health checks can manage VIP for SAP clusters.

Why this answer

Amazon Route 53 is used to manage the virtual IP address for the SAP Central Services (ASCS/ERS) cluster by leveraging DNS-based failover. In a multi-AZ SAP cluster, Route 53 health checks monitor the active node and automatically update the DNS record to point to the healthy node's IP address, enabling clients to connect to the virtual hostname without relying on a floating IP. This approach is recommended by AWS for SAP deployments because it avoids the need for a shared IP across Availability Zones, which is not natively supported in AWS.

Exam trap

The trap here is that candidates often confuse the need for a virtual IP with a load balancer (NLB) or a static IP (Elastic IP), but AWS does not support floating IPs across Availability Zones, so Route 53's DNS-based failover is the correct and recommended service for managing the SAP ASCS/ERS virtual IP in a multi-AZ cluster.

How to eliminate wrong answers

Option A is wrong because Elastic IP addresses are static public IPv4 addresses that cannot be moved between instances across Availability Zones without manual intervention, and they do not support automatic failover required for SAP ASCS/ERS clustering. Option B is wrong because a Network Load Balancer operates at Layer 4 and distributes traffic to multiple targets, but it cannot serve as a virtual IP for the SAP cluster's active/passive model where only one node is active at a time; NLB is typically used for SAP application tier load balancing, not for the ASCS/ERS virtual IP. Option C is wrong because AWS Global Accelerator provides static IP addresses for global traffic routing and performance optimization, but it is designed for internet-facing applications and does not manage virtual IP failover within a single region's Availability Zones for SAP cluster services.

47
Multi-Selecthard

Which THREE factors are essential when planning the migration of an SAP system with near-zero downtime requirements? (Choose three.)

Select 3 answers
A.Network bandwidth between source and target
B.Data volume and change rate during migration
C.Performance testing strategy for the target system
D.Ability to perform a final delta sync before cutover
E.Choice of storage type (EBS vs. EFS)
AnswersA, B, D

Bandwidth affects the speed of data transfer for both full load and delta.

Why this answer

These three factors directly impact the ability to minimize downtime during migration. Option A is wrong because storage type does not directly affect downtime. Option B is wrong because performance testing can be done after migration and is not essential for planning near-zero downtime.

48
Multi-Selecteasy

A company is migrating its SAP environment to AWS. They need to choose the right storage for SAP HANA data and log volumes. Which two storage types are SAP HANA certified on AWS? (Choose TWO.)

Select 2 answers
A.Instance store volumes
B.Amazon EBS gp3 volumes
C.Amazon S3
D.Amazon EBS io2 volumes
E.Amazon EFS
AnswersB, D

gp3 is SAP HANA certified.

Why this answer

SAP HANA on AWS supports EBS gp3 and io2 for data and log volumes. Option A is correct because gp3 is certified. Option D is correct because io2 is certified.

Option B (instance store) is not recommended for persistent data. Option C (EFS) is not supported for HANA. Option E (S3) is object storage, not block storage.

49
MCQmedium

A company is designing an SAP S/4HANA deployment on AWS with high availability. They want to use a shared file system for the SAP transport directory. Which AWS service should they use for this shared file system?

A.Amazon EFS
B.Amazon FSx for Windows File Server
C.Amazon EBS with multi-attach enabled
D.Amazon S3
AnswerA

EFS provides a scalable NFS file system that can be shared across multiple AZs.

Why this answer

Option C is correct. Amazon EFS provides a shared NFS file system that can be mounted across multiple EC2 instances in different Availability Zones. Option A is wrong because EBS volumes can only be attached to one instance at a time.

Option B is wrong because S3 is object storage, not a file system. Option D is wrong because FSx for Windows File Server is for SMB, not typically for SAP transport.

50
MCQeasy

A company needs to migrate a large amount of on-premises data to Amazon S3. The data is stored on tape backups. The migration must be completed within 2 weeks. Which AWS service should they use?

A.AWS DataSync
B.AWS Database Migration Service
C.AWS Snowball Edge
D.AWS Storage Gateway
AnswerC

Snowball Edge can physically ship devices to transfer large data quickly.

Why this answer

AWS Snowball Edge is a physical device for large data transfer when internet bandwidth is limited. Option A is wrong because DMS is for databases. Option B is wrong because DataSync is for online transfer and may not be fast enough.

Option D is wrong because Storage Gateway is for hybrid storage, not bulk migration.

51
MCQmedium

An SAP administrator needs to ensure that all EC2 instances in the SAP landscape have the correct patches and configurations. Which AWS service can be used to automate OS patch management?

A.AWS CloudFormation
B.AWS Systems Manager Patch Manager
C.AWS OpsWorks
D.AWS Config
AnswerB

Automates OS patching.

Why this answer

Option D is correct because AWS Systems Manager Patch Manager automates patching. Option A is wrong because OpsWorks is for Chef/Puppet. Option B is wrong because CloudFormation is for infrastructure.

Option C is wrong because Config is for compliance.

52
MCQmedium

An SAP system running on AWS is experiencing high CPU utilization on the database server. The database is SAP HANA running on an r5.8xlarge instance. Which metric in Amazon CloudWatch would best indicate whether the CPU is being consumed by the HANA process or by other OS processes?

A.CPUUtilization metric from the EC2 instance
B.HANA CPU metric from SAP HANA CloudWatch integration
C.CPUCreditUsage metric
D.Custom metrics collected by the CloudWatch agent for the hdbindexserver process
AnswerD

The CloudWatch agent can collect per-process CPU metrics, allowing identification of HANA CPU usage.

Why this answer

Option D is correct because CloudWatch Agent can collect per-process CPU metrics. Option A is wrong because CPUUtilization is aggregate. Option B is wrong because CPUCreditUsage is for burstable instances.

Option C is wrong because the HANA metric is not a standard CloudWatch metric.

53
MCQmedium

An SAP system administrator is setting up monitoring for SAP NetWeaver on AWS. They want to send custom SAP application metrics to CloudWatch for alerting. What is the most efficient way to achieve this?

A.Use SAP Solution Manager to export metrics to CloudWatch via API
B.Use AWS Lambda to periodically query SAP and push metrics to CloudWatch
C.Install the Amazon CloudWatch Agent on the EC2 instance and configure it to collect SAP metrics
D.Configure AWS Systems Manager to collect SAP metrics
AnswerC

The CloudWatch Agent can collect custom metrics from the OS and applications, including SAP, and publish them to CloudWatch efficiently.

Why this answer

The CloudWatch Agent can collect custom metrics from the OS and applications, including SAP, and publish them to CloudWatch. AWS Lambda can be used but requires custom code and more overhead. SAP Solution Manager does not natively integrate with CloudWatch.

AWS Systems Manager is for management, not custom metric publishing.

54
MCQeasy

A company is planning to run SAP HANA on AWS. What is the recommended practice for sizing the EC2 instance for SAP HANA?

A.Select an instance type from the SAP HANA certified list on AWS
B.Choose an instance with the highest network bandwidth
C.Choose an instance with the highest vCPU count
D.Choose an instance with the most memory available
AnswerA

Only certified instances are supported for SAP HANA production.

Why this answer

SAP HANA requires that the instance be certified for SAP HANA on AWS. Option A is wrong because memory is just one factor. Option B is wrong because vCPU count is not the primary criterion.

Option D is wrong because network bandwidth is secondary.

55
MCQhard

A company is migrating a legacy application to AWS. The application uses a custom TCP protocol and requires session persistence. The application runs on a fleet of EC2 instances behind a Network Load Balancer (NLB). The current configuration uses a TCP listener with 'source IP' stickiness. However, some clients are being routed to different instances mid-session, causing application errors. What is the most likely cause and solution?

A.The NLB does not support source IP stickiness; use a Classic Load Balancer instead.
B.Clients are behind a NAT gateway, so the source IP changes between requests, breaking stickiness. Use a 'stitched' cookie or switch to an Application Load Balancer.
C.The NLB has cross-zone load balancing enabled, which distributes traffic across instances in different Availability Zones.
D.The idle timeout of the NLB is too low, causing the NLB to close connections prematurely.
AnswerB

NAT changes the source IP, which defeats source IP stickiness.

Why this answer

Option B is correct because clients behind a NAT gateway will have their source IP address translated to the NAT gateway's public IP, which remains consistent for all requests from that gateway. However, if multiple clients share the same NAT gateway, the source IP is the same, but the NLB's source IP stickiness is based on the client's source IP as seen by the NLB. If the NAT gateway uses multiple public IPs or if clients are behind different NAT gateways, the source IP can change between requests, breaking stickiness.

The solution is to use a 'stitched' cookie or switch to an Application Load Balancer, which supports cookie-based session persistence independent of source IP.

Exam trap

The trap here is that candidates assume source IP stickiness works identically for all clients, failing to consider that NAT gateways or proxy servers can cause the source IP to change between requests, which is a common scenario in hybrid or multi-VPC architectures.

How to eliminate wrong answers

Option A is wrong because Network Load Balancers do support source IP stickiness (also known as client IP stickiness) for TCP listeners; Classic Load Balancers are legacy and not recommended for new deployments. Option C is wrong because cross-zone load balancing distributes traffic across instances in different Availability Zones but does not cause mid-session routing changes; it actually helps maintain stickiness by keeping traffic within the same target group. Option D is wrong because the idle timeout of an NLB is configurable (default 350 seconds) and affects connection persistence, but it would cause connections to drop entirely, not route to different instances mid-session.

56
MCQeasy

An SAP administrator needs to ensure that all API calls made to AWS services are logged for auditing purposes. Which AWS service should be enabled?

A.AWS Config
B.AWS CloudTrail
C.Amazon CloudWatch Logs
D.VPC Flow Logs
AnswerB

CloudTrail provides a record of API activity.

Why this answer

Option A is correct. AWS CloudTrail records API calls. Option B is incorrect because CloudWatch Logs is for log data.

Option C is incorrect because Config is for configuration changes. Option D is incorrect because VPC Flow Logs capture network traffic.

57
Multi-Selecteasy

A company is designing an SAP S/4HANA deployment on AWS. They want to ensure high availability for the central services (ASCS and ERS) across two Availability Zones. Which TWO of the following are required components for a typical SAP high availability setup on AWS? (Choose TWO.)

Select 2 answers
A.Amazon RDS Multi-AZ deployment for the SAP HANA database.
B.AWS Network Load Balancer to route traffic to the ASCS and ERS instances.
C.Amazon EFS file system mounted on both instances for shared /sapmnt.
D.AWS Transit Gateway to connect the two Availability Zones.
E.AWS Global Accelerator to provide static anycast IP addresses.
AnswersB, C

NLB is used for SAP HA to manage virtual IPs and health checks.

Why this answer

The AWS Network Load Balancer (NLB) is required to distribute traffic to the ASCS and ERS instances across two Availability Zones. It uses health checks to detect failures and reroute traffic to the healthy instance, ensuring that the SAP central services remain available even if one AZ fails. The NLB operates at Layer 4, preserving the source IP and supporting the necessary SAP protocols like the Message Server and Enqueue Replication.

Exam trap

The trap here is that candidates often confuse the need for a shared file system (like EFS) with a database replication mechanism, but the question specifically asks for components required for central services (ASCS/ERS) HA, not the database layer.

58
MCQeasy

An SAP administrator needs to ensure that all API calls made to AWS services by the SAP system are logged for auditing purposes. Which AWS service should be enabled?

A.AWS Config
B.AWS CloudTrail
C.Amazon CloudWatch
D.VPC Flow Logs
AnswerB

CloudTrail provides a record of API activity in your account.

Why this answer

Option B is correct because AWS CloudTrail logs all API calls to AWS services. Option A is wrong because Amazon CloudWatch is for metrics and logs. Option C is wrong because AWS Config records resource configurations.

Option D is wrong because VPC Flow Logs capture IP traffic information.

59
MCQhard

A company is running SAP S/4HANA on AWS with a scale-out HANA configuration. The system is experiencing performance degradation during peak hours. Monitoring shows high network throughput on the HANA nodes. Which EC2 instance family is best suited to mitigate this?

A.x2iedn instances with high network bandwidth.
B.c5 instances with placement groups.
C.r5 instances with enhanced networking.
D.m5 instances with EBS optimization.
AnswerA

x2iedn is specifically designed for SAP HANA with high network performance.

Why this answer

The x2iedn instances are specifically designed for SAP HANA scale-out configurations, offering high memory per vCPU and dedicated high network bandwidth via the Elastic Network Adapter (ENA). In a scale-out HANA setup, nodes communicate intensively over the network for data synchronization and shared storage access, so high network throughput directly mitigates the performance degradation during peak hours.

Exam trap

The trap here is that candidates may assume any memory-optimized instance (like r5) is sufficient for SAP HANA, overlooking the specific network throughput and SAP certification requirements for scale-out configurations that only x2iedn instances meet.

How to eliminate wrong answers

Option B is wrong because c5 instances are compute-optimized and lack the large memory footprint required for SAP HANA, making them unsuitable for scale-out HANA workloads. Option C is wrong because r5 instances, while memory-optimized, do not provide the dedicated high network bandwidth and SAP certification for HANA scale-out that x2iedn instances offer. Option D is wrong because m5 instances are general-purpose and not optimized for the memory-intensive and high-throughput network demands of SAP HANA scale-out, and EBS optimization alone does not address inter-node network throughput.

60
MCQmedium

A company is running SAP ERP on AWS and uses SAP HANA as the database. The system administrator needs to apply an OS patch that requires a reboot. The SAP HANA database is running in a scale-out configuration across multiple EC2 instances. What is the best approach to minimize downtime?

A.Perform a rolling reboot of the HANA nodes, rebooting one node at a time.
B.Take EBS snapshots of all volumes before patching, then patch one by one.
C.Create an AMI of the master node and launch a new instance with the patch applied.
D.Stop all EC2 instances, apply the patch, and start them in sequence.
AnswerA

HANA scale-out allows rolling maintenance without full downtime.

Why this answer

Option C is correct because HANA scale-out supports rolling updates; rebooting one node at a time allows the database to remain operational. Option A is wrong because stopping all instances causes full downtime. Option B is wrong because taking EBS snapshots does not help with patching.

Option D is wrong because creating an AMI is unnecessary and still requires downtime for the master.

61
MCQmedium

A company is migrating a multi-tier application to AWS. The application includes a web tier, application tier, and database tier. To ensure security, the database tier must not be accessible from the internet. Which VPC configuration should be used?

A.Place the database tier in subnets with a NAT Gateway
B.Place the database tier in subnets with an Internet Gateway
C.Place all tiers in public subnets
D.Place the database tier in private subnets
AnswerD

Private subnets have no direct internet access.

Why this answer

Placing the database tier in private subnets ensures it is not directly accessible from the internet. Option A (Public subnets) would allow internet access. Option B (NAT Gateway) is for outbound internet.

Option D (Internet Gateway) is for inbound/outbound internet access.

62
MCQmedium

A company is migrating a legacy SAP ERP system to AWS. The migration must be completed over a weekend to minimize business impact. The SAP application relies on a custom kernel that is not supported by the AWS SAP HANA Large Instances. What is the best approach?

A.Migrate to SAP HANA Large Instances and update the kernel
B.Contact SAP to obtain a supported kernel version
C.Use an SAP-certified EC2 instance with the existing kernel
D.Re-platform the application to use a supported kernel
AnswerC

EC2 instances can run custom kernel if certified.

Why this answer

SAP on AWS supports HANA Large Instances and also certified EC2 instances. Using a certified EC2 instance avoids unsupported kernel issue. Option B is correct.

Option A is wrong because HANA Large Instances are not compatible. Option C is wrong because re-platforming is more risky. Option D is wrong because SAP support is not the blocker.

63
MCQmedium

A company is planning to migrate an SAP BusinessObjects environment to AWS. They need to ensure high availability for the Web Application Server tier. Which AWS service should they use to distribute traffic across multiple instances?

A.AWS Global Accelerator
B.Network Load Balancer (NLB)
C.Application Load Balancer (ALB)
D.Amazon Route 53
AnswerC

ALB is designed for HTTP/HTTPS traffic and is suitable for web application servers.

Why this answer

An Application Load Balancer (ALB) distributes HTTP/HTTPS traffic across targets. NLB is for TCP/UDP. Global Accelerator improves performance but not primarily for load balancing.

Route 53 is DNS.

64
Multi-Selecthard

A company is running SAP on AWS and uses an Application Load Balancer (ALB) to distribute traffic to SAP Web Dispatchers. The operations team notices that some requests are failing with 502 errors. Which THREE actions should be taken to troubleshoot the issue?

Select 3 answers
A.Disable cross-zone load balancing to isolate the issue.
B.Increase the idle timeout setting on the ALB.
C.Review the ALB access logs to identify the target response codes.
D.Verify the security group rules for the ALB and the target instances.
E.Check the health check configuration and target group health status.
AnswersC, D, E

Access logs provide detailed information about the requests and responses.

Why this answer

Option A is correct because checking health checks can reveal if targets are unhealthy. Option C is correct because reviewing ALB access logs can show the response codes and target details. Option E is correct because checking security group rules ensures the ALB can communicate with the targets.

Option B is incorrect because increasing idle timeout is not a direct fix for 502 errors. Option D is incorrect because disabling cross-zone load balancing does not affect 502 errors.

65
MCQmedium

A company is migrating an on-premises Oracle database to Amazon RDS for Oracle. The database is 2 TB in size and has a 24-hour maintenance window. The migration must minimize downtime and support ongoing replication during the cutover. Which AWS service should be used for the migration?

A.AWS Snowball Edge
B.AWS Database Migration Service (DMS)
C.Amazon S3 Transfer Acceleration
D.AWS Server Migration Service (SMS)
AnswerB

AWS DMS supports continuous replication and minimal downtime for database migrations.

Why this answer

Option C is correct because AWS Database Migration Service (DMS) supports ongoing replication from on-premises to RDS with minimal downtime, and can handle large databases using change data capture (CDC). Option A is wrong because AWS Snowball is for large data transfers but does not support ongoing replication. Option B is wrong because AWS Server Migration Service is for server-level migrations, not databases.

Option D is wrong because Amazon S3 Transfer Acceleration speeds up uploads to S3 but does not directly migrate databases.

66
MCQmedium

A company uses AWS Systems Manager Patch Manager to patch a fleet of EC2 instances. After a recent patching operation, some instances failed with the error 'Unable to retrieve patch baseline'. The instances are in a private subnet with a VPC endpoint for SSM. What is the MOST likely cause?

A.The VPC endpoint for SSM does not have a security group that allows HTTPS outbound to the endpoint
B.The CodeDeploy agent on the instances is outdated
C.The instances are not registered as managed instances with the SSM ManagedInstance role
D.The instances do not have an IAM instance profile attached
AnswerA

Missing outbound HTTPS from the instance to the SSM endpoint prevents communication.

Why this answer

The error 'Unable to retrieve patch baseline' indicates that the EC2 instances cannot communicate with the AWS Systems Manager service to fetch the patch baseline configuration. Since the instances are in a private subnet with a VPC endpoint for SSM, the most likely cause is that the VPC endpoint's security group does not allow HTTPS outbound traffic (port 443) to the endpoint itself. Without this outbound rule, the SSM Agent on the instance cannot establish the TLS connection required to retrieve the patch baseline from the SSM API.

Exam trap

The trap here is that candidates often assume the error is due to missing IAM permissions (Option D) or instance registration (Option C), but the specific error message 'Unable to retrieve patch baseline' is a network connectivity error, not an authorization error, and the VPC endpoint security group misconfiguration is the classic cause in private subnet scenarios.

How to eliminate wrong answers

Option B is wrong because the CodeDeploy agent is unrelated to Systems Manager Patch Manager; the error is specific to SSM communication, not CodeDeploy. Option C is wrong because the 'SSM ManagedInstance role' is not a valid AWS concept; instances use an IAM instance profile with the AmazonSSMManagedInstanceCore policy to register as managed instances, and the error message points to a network connectivity issue, not registration. Option D is wrong because while an IAM instance profile is required for SSM operations, the error 'Unable to retrieve patch baseline' is a network-level error, not an authorization error (which would typically return 'AccessDenied' or similar).

67
MCQhard

An organization is planning to migrate an SAP ERP system from on-premises to AWS. The system uses a custom ABAP application that has a hardcoded IP address for RFC connections. The migration strategy must minimize changes to the application. What is the MOST effective approach?

A.Use a NAT Gateway to provide a fixed IP
B.Use VPC Peering to connect on-premises to AWS
C.Use a DNS name and update the application to use the DNS name
D.Assign an Elastic IP address to the SAP instance
AnswerD

Provides a static IP that can be retained after migration.

Why this answer

Using an Elastic IP ensures the public IP remains the same after migration, avoiding application changes. Option A (DNS) would require application changes. Option C (NAT Gateway) is for outbound traffic.

Option D (VPC Peering) does not provide a fixed IP.

68
MCQhard

An SAP Basis team is designing a high-availability architecture for SAP NetWeaver on AWS. They plan to use a shared file system for the transport directory and SAP profiles across multiple availability zones. Which AWS storage service should they use?

A.Amazon EBS with multi-attach
B.Amazon FSx for Windows File Server
C.Amazon EFS
D.Amazon S3
AnswerC

EFS provides a shared NFS file system across AZs.

Why this answer

Amazon EFS (Elastic File System) is the correct choice because it provides a fully managed, NFS-based shared file system that is accessible from multiple EC2 instances across different Availability Zones. For SAP NetWeaver, the transport directory and SAP profiles must be concurrently accessible from all application servers in a high-availability setup, and EFS supports the required POSIX permissions and locking semantics needed by SAP.

Exam trap

The trap here is that candidates often confuse Amazon EBS Multi-Attach (option A) as a viable cross-AZ solution, but it is strictly single-AZ, making it incompatible with the multi-AZ high-availability requirement for SAP NetWeaver.

How to eliminate wrong answers

Option A is wrong because Amazon EBS with multi-attach is limited to a single Availability Zone and supports only up to 16 Nitro-based instances, making it unsuitable for cross-AZ SAP high-availability architectures. Option B is wrong because Amazon FSx for Windows File Server uses SMB protocol, which is not natively supported by SAP NetWeaver on Linux (the typical OS for SAP on AWS) and would require additional translation layers. Option D is wrong because Amazon S3 is an object storage service that does not provide a POSIX-compliant file system interface or support the file locking and concurrent access patterns required by SAP transport and profile directories.

69
Multi-Selecteasy

Which TWO AWS services can be used to monitor the health of SAP application servers? (Choose 2)

Select 2 answers
A.Amazon Route 53
B.Amazon S3
C.AWS CloudTrail
D.Amazon CloudWatch
E.AWS Systems Manager
AnswersD, E

Monitors EC2 metrics and logs.

Why this answer

Options B and C are correct. CloudWatch can monitor EC2 CPU/memory metrics, and Systems Manager can run custom scripts for health checks. Option A (CloudTrail) is for API auditing.

Option D (Route 53) is for DNS health checks but not application-level. Option E (S3) is storage.

70
MCQhard

An SAP Basis administrator is troubleshooting a slow-performing SAP ERP system on AWS. The system uses Amazon EBS volumes with Provisioned IOPS (PIOPS) for database storage. Which metric in Amazon CloudWatch would best indicate whether the EBS volume is experiencing a performance bottleneck?

A.VolumeIdleTime
B.VolumeReadOps
C.VolumeQueueLength
D.VolumeThroughputPercentage
AnswerC

A high queue length indicates pending I/O requests, suggesting a bottleneck.

Why this answer

VolumeQueueLength measures the number of pending I/O requests waiting to be serviced by the EBS volume. A sustained high queue length (e.g., consistently above 1 per optimized IOPS) indicates that the volume is saturated and cannot keep up with the workload, which directly causes performance bottlenecks for SAP ERP database operations. This metric is the most direct indicator of a bottleneck because it reflects backpressure from the storage subsystem.

Exam trap

The trap here is that candidates confuse high I/O operations (VolumeReadOps) with a bottleneck, but a high read count alone does not indicate queuing or saturation—only VolumeQueueLength reveals whether the volume is struggling to keep up with the demand.

How to eliminate wrong answers

Option A is wrong because VolumeIdleTime measures the percentage of time the volume has no pending I/O operations; a low idle time indicates activity, not a bottleneck, and a high idle time would suggest the volume is underutilized. Option B is wrong because VolumeReadOps simply counts read operations per minute; a high value indicates heavy read activity but does not by itself indicate a bottleneck—the volume could be handling those reads efficiently. Option D is wrong because VolumeThroughputPercentage is not a standard CloudWatch metric for EBS; the correct throughput-related metric is VolumeThroughput (bytes per second), and even that does not directly indicate queuing or saturation.

71
MCQhard

Refer to the exhibit. An SAP administrator runs the AWS CLI command and receives the output shown. The SAP application server (instance i-0abcd1234) is in 'running' state, but the SAP application is not reachable. The security group allows inbound traffic on port 3200. What is the MOST likely cause of the issue?

A.The network ACL for the subnet is blocking outbound traffic.
B.The instance is in a stopped state.
C.The security group inbound rule for port 3200 is not applied to the instance.
D.The operating system firewall on the instance is blocking port 3200.
AnswerD

OS firewall can block traffic even if security group allows it.

Why this answer

Option D is correct because the instance is in 'running' state and the security group allows inbound traffic on port 3200, yet the SAP application is unreachable. This indicates a host-level firewall (e.g., iptables, firewalld, or Windows Firewall) on the SAP application server is blocking inbound connections to port 3200, which operates independently of AWS security groups and network ACLs.

Exam trap

The trap here is that candidates often assume security group rules are the sole determinant of traffic flow, forgetting that the OS firewall on the instance can independently block traffic even when AWS-level permissions are correctly configured.

How to eliminate wrong answers

Option A is wrong because network ACLs are stateless and affect traffic at the subnet level, but the security group already allows inbound traffic on port 3200, and the instance is running; outbound traffic blocking would not prevent inbound connections to the instance. Option B is wrong because the AWS CLI output explicitly shows the instance is in 'running' state, not 'stopped'. Option C is wrong because the question states the security group allows inbound traffic on port 3200, and the security group is associated with the instance; if it were not applied, the instance would still be reachable via other rules or default deny, but the issue is specific to port 3200 being blocked at the OS level.

72
Multi-Selectmedium

Which THREE of the following are valid disaster recovery strategies for SAP on AWS? (Choose 3)

Select 3 answers
A.Maintain a cold standby environment in another Region
B.AWS RDS Multi-AZ deployment for SAP HANA
C.SAP backup to Amazon S3 with cross-region replication
D.Cross-region Amazon EBS snapshot copy and restore
E.SAP HANA System Replication across AWS Regions
AnswersC, D, E

Ensures backup availability in another region.

Why this answer

Options A, D, and E are correct. A: HANA System Replication provides near-sync replication to another region. D: EBS Snapshots to another region enable restore.

E: SAP Backup to S3 with cross-region replication ensures offsite backup. B is wrong because Multi-AZ for RDS is not applicable to HANA. C is wrong because cold standbys are not recommended; saves cost but recovery time is long.

73
MCQmedium

An SAP application running on an EC2 instance is experiencing high latency during peak hours. The instance is in a private subnet with a NAT Gateway for outbound internet. Which action would most effectively reduce latency for SAP users?

A.Increase the EC2 instance size to a larger type with more CPU and memory.
B.Move the instance to a public subnet and assign a public IP address.
C.Replace the NAT Gateway with an Internet Gateway.
D.Enable EBS optimization on the instance.
AnswerA

Larger instance type directly improves compute performance, reducing application latency.

Why this answer

Option A is correct because increasing instance size provides more CPU and memory, directly reducing processing latency. Option B is wrong because NAT Gateway is for outbound traffic, not inbound latency. Option C is wrong because EBS optimization helps disk I/O, not network latency.

Option D is wrong because changing subnet does not affect performance.

74
MCQmedium

Your company is running SAP Business Suite on Oracle on AWS. The database is hosted on an EC2 instance with EBS volumes configured as RAID 0 for performance. You are planning to migrate to SAP HANA on AWS. The new HANA database will be hosted on a single EC2 instance with EBS io2 volumes. You need to ensure minimal downtime during the migration. Which approach should you take?

A.Use SAP HANA System Replication (HSR) with DMO to replicate data while the source is running, then perform a final cutover.
B.Use AWS Database Migration Service (DMS) to continuously replicate from Oracle to HANA.
C.Use SAP Landscape Management (LaMa) to automate the migration with minimal downtime.
D.Perform a classic migration using SAP Software Update Manager (SUM) with database migration option (DMO) in a single step, stopping the source system.
AnswerA

HSR with DMO allows minimal downtime by replicating changes during the migration.

Why this answer

Option C is correct because using SAP HANA System Replication with a DMO migration allows near-zero downtime by replicating data while the source system is running. Option A (cold migration) causes extended downtime. Option B (AWS DMS) is not suitable for migrating from Oracle to HANA as it does not support HANA as a target.

Option D (SAP LaMa) can assist but does not directly provide near-zero downtime migration.

75
MCQmedium

An SAP application running on AWS is experiencing high latency for database write operations. The system uses SAP ASE on Amazon EC2 with gp2 EBS volumes. Which change is most likely to improve write performance?

A.Move database write logs to Amazon S3 for better throughput.
B.Migrate to io1/io2 EBS volumes with provisioned IOPS.
C.Migrate to gp3 EBS volumes with higher baseline performance.
D.Use instance store volumes for database data files.
AnswerB

Provisioned IOPS volumes are designed for consistent, low-latency database workloads.

Why this answer

Option B is correct because io1/io2 volumes provide consistent IOPS performance suitable for database workloads. Option A is wrong because gp3 may still not guarantee low latency writes. Option C is wrong because instance store is ephemeral and data is lost on stop/termination.

Option D is wrong because S3 is object storage, not block storage for database.

Page 1 of 24

Page 2