AWS Certified SAP on AWS Specialty PAS-C01 (PAS-C01) — Questions 826900

1733 questions total · 24pages · All types, answers revealed

Page 11

Page 12 of 24

Page 13
826
MCQeasy

An SAP customer has deployed SAP HANA on AWS using an r5.12xlarge instance with 16 EBS io1 volumes for data and log. The system is running in production. The operations team receives an alert that one of the EBS volumes has failed (status check failed). The volume is part of the RAID 0 stripe for the data volume. What should they do to recover the system with minimal data loss?

A.Detach the failed volume, attach a new identical volume, and rebuild the RAID array.
B.Contact AWS Support to recover the data from the failed EBS volume.
C.Increase the size of the remaining volumes to compensate for the lost capacity.
D.Restore the HANA database from the latest backup to a new set of EBS volumes.
AnswerD

Restoring from backup ensures data consistency and recovery with minimal loss.

Why this answer

Option D is correct because since the failed volume is part of a RAID 0 stripe, the entire stripe is compromised. Restoring from the most recent backup is the safest way to recover with minimal data loss. Option A (replace volume and rebuild RAID) may not work because RAID 0 has no redundancy.

Option B (AWS Support) may help but not recover data directly. Option C (increase volume size) does not fix the failed volume.

827
MCQmedium

An SAP system administrator wants to monitor the CPU and memory usage of SAP HANA database instances. Which AWS service should be used to collect and visualize these metrics?

A.AWS CloudTrail
B.Amazon CloudWatch Agent
C.AWS Systems Manager Run Command
D.Amazon CloudWatch metrics
AnswerB

Collects memory and disk metrics from EC2 instances.

Why this answer

Option D is correct because CloudWatch Agent can collect memory metrics. Option A is wrong as CloudWatch metrics by default do not include memory. Option B is wrong as Systems Manager Run Command is for executing scripts.

Option C is wrong because CloudTrail is for API auditing.

828
Multi-Selecteasy

A company runs SAP on AWS and uses CloudWatch for monitoring. They want to set up an alarm that notifies the operations team when the CPU utilization of their SAP application server exceeds 90% for 5 consecutive minutes. Which THREE components are required to achieve this? (Select THREE.)

Select 3 answers
A.AWS CloudTrail to log the alarm actions.
B.A CloudWatch alarm configured with the metric and threshold.
C.An Amazon SNS topic to send the notification.
D.An AWS Lambda function to process the alarm.
E.A CloudWatch metric for CPU utilization.
AnswersB, C, E

The alarm triggers when the threshold is breached.

Why this answer

Options A, B, and D are correct. Option A: A CloudWatch metric is needed. Option B: A CloudWatch alarm is needed.

Option D: An SNS topic is needed to send notifications. Option C is wrong because a Lambda function is not required. Option E is wrong because CloudTrail is not needed.

829
MCQmedium

A company is migrating a legacy application to AWS. The application requires a static IP address that must not change after migration. Which networking component should be used to ensure the application's public IP remains consistent?

A.Elastic IP address
B.Internet Gateway
C.VPC Peering
D.NAT Gateway
AnswerA

Provides a static public IP that can be remapped.

Why this answer

An Elastic IP address is a static public IPv4 address that can be associated with an EC2 instance or a Network Load Balancer. Option A (Internet Gateway) is used for VPC internet access but does not provide a static IP. Option B (NAT Gateway) is for outbound traffic.

Option D (VPC Peering) is for connecting VPCs.

830
MCQmedium

A company runs SAP on AWS and wants to reduce costs by stopping non-production instances during off-hours. Which AWS service can automatically start and stop EC2 instances on a schedule?

A.AWS Systems Manager Maintenance Windows
B.AWS Instance Scheduler
C.Amazon CloudWatch Alarms
D.EC2 Auto Scaling
AnswerB

Instance Scheduler automates start/stop on a schedule.

Why this answer

Option D is correct because AWS Instance Scheduler is a solution that automatically starts and stops instances based on a schedule. Option A is wrong because EC2 Auto Scaling is for scaling, not scheduling. Option B is wrong because Systems Manager Maintenance Windows are for patching, not instance scheduling.

Option C is wrong because CloudWatch Alarms can trigger actions but not complex schedules.

831
MCQeasy

A company is migrating an on-premises Oracle database to Amazon RDS for Oracle. They need to minimize downtime and ensure data consistency. Which AWS service should be used for the initial data load?

A.AWS Database Migration Service (AWS DMS)
B.AWS Snowball Edge
C.AWS Schema Conversion Tool (AWS SCT)
D.AWS DataSync
AnswerA

AWS DMS supports full load and ongoing replication for minimal downtime.

Why this answer

AWS DMS can perform a full load and then ongoing replication to keep the target in sync, minimizing downtime. AWS SCT helps with schema conversion but not data transfer. AWS DataSync is for file data, not databases.

AWS Snowball is for large offline data transfer but not suitable for minimal downtime with replication.

832
MCQhard

A company is running SAP HANA on AWS and needs to ensure that the system can be restored to a specific point in time within the last 24 hours with minimal data loss. The database is 2 TB in size. Which backup strategy meets these requirements with the lowest cost?

A.Configure S3 Transfer Acceleration for faster backup uploads.
B.Use a script to copy HANA backup files to S3 every 15 minutes.
C.Use AWS Backup with a daily backup and a 24-hour retention policy, enabling point-in-time recovery.
D.Take hourly EBS snapshots of all HANA volumes and retain them for 24 hours.
AnswerC

AWS Backup supports PITR for HANA and is cost-effective with daily backups.

Why this answer

Option C is correct because AWS Backup for SAP HANA supports continuous backups and point-in-time recovery (PITR) with a 24-hour retention, meeting the requirement for minimal data loss. This managed service automates log backups every 5 minutes, enabling restore to any second within the retention window, and is more cost-effective than custom scripting or frequent EBS snapshots due to its incremental, deduplicated backup storage and no need for additional compute resources.

Exam trap

The trap here is that candidates often choose hourly EBS snapshots (Option D) thinking they are cheaper and simpler, but they overlook the high cost of frequent snapshots for a 2 TB database and the lack of application-consistent, point-in-time recovery, which is critical for SAP HANA.

How to eliminate wrong answers

Option A is wrong because S3 Transfer Acceleration only speeds up uploads to S3 but does not provide any backup or point-in-time recovery capability; it addresses network latency, not backup strategy. Option B is wrong because copying HANA backup files to S3 every 15 minutes requires custom scripting, manual orchestration, and does not guarantee consistent point-in-time recovery across all data files; it also incurs higher storage costs for full backups and lacks native integration with HANA's log backup chain. Option D is wrong because hourly EBS snapshots of all HANA volumes (2 TB) would be extremely costly due to the high frequency and large volume size, and EBS snapshots are crash-consistent, not application-consistent, risking data corruption for SAP HANA; they also do not support granular point-in-time recovery to a specific second within the last 24 hours.

833
MCQmedium

A company runs SAP on AWS and uses AWS Direct Connect for on-premises connectivity. The operations team notices that the SAP system is experiencing high latency when accessing an on-premises database. The network team confirms that the Direct Connect link is not saturated. What is the most likely cause of the high latency?

A.The traffic is traversing a transit VPC with additional NAT instances
B.The Direct Connect link is using a public VIF instead of a private VIF
C.The Direct Connect bandwidth is insufficient
D.The on-premises network is using a VPN over the Direct Connect link
AnswerA

Additional hops in a transit VPC increase latency.

Why this answer

If the Direct Connect link is not saturated, the issue could be routing inefficiency. A transit VPC with EC2 instances acting as NAT or proxy can introduce additional hops and latency. VPN over Direct Connect is not relevant.

MPLS is the underlying technology for Direct Connect. Increasing bandwidth does not reduce latency caused by routing.

834
MCQmedium

A company is migrating its SAP Business Suite system from on-premises to AWS. The system uses a Sybase ASE database. The migration team has limited Sybase expertise. They want to minimize the operational overhead after migration. Which database migration approach should they choose?

A.Use AWS MGN to replicate the entire Sybase server to EC2, then perform a system upgrade to SAP HANA.
B.Use SAP Software Update Manager (SUM) with Database Migration Option (DMO) to migrate the system to SAP HANA on EC2.
C.Use AWS DataSync to copy the Sybase data files to EBS and attach to an EC2 instance running Sybase.
D.Use AWS DMS to migrate the Sybase database to Amazon RDS for Sybase.
AnswerB

DMO allows migrating from Sybase to HANA as part of a system update, reducing overhead and leveraging SAP expertise.

Why this answer

SAP supports Sybase ASE to SAP HANA migration as part of SAP Business Suite on HANA. Migrating to SAP HANA on AWS is a strategic move and reduces complexity. Using DMS for Sybase to RDS for Sybase is possible but Sybase ASE on RDS is not a managed service; it's an EC2-based deployment.

Option C is correct because moving to HANA is a common SAP migration path and reduces overhead. Option A is wrong because DMS cannot migrate to Sybase on RDS (RDS supports Sybase? Actually RDS does not support Sybase; only EC2). Option B is wrong because using AWS MGN for the database server retains Sybase on EC2, not reducing overhead.

Option D is wrong because DataSync is not for database replication.

835
MCQmedium

A company is migrating a SAP database to Amazon RDS. The IAM policy shown in the exhibit is attached to a user. Which action is allowed by this policy?

A.Create a new RDS instance.
B.Modify the production SAP RDS instance.
C.Delete the production SAP RDS instance.
D.Only read RDS instances.
AnswerB

Modify is allowed under rds:*.

Why this answer

Option D is correct because the policy allows rds:* on all resources except the specific deny on DeleteDBInstance for the prod-sap-db. Therefore, the user can modify the production database. Option A is wrong because the deny on DeleteDBInstance for prod-sap-db prevents deletion.

Option B is wrong because the policy does not restrict to read-only. Option C is wrong because the policy does allow some write actions.

836
MCQhard

A company is migrating an SAP ERP system to AWS and needs to minimize downtime during the cutover. The database is SAP ASE. Which migration strategy is most appropriate?

A.Use SAP ASE replication to replicate data to an EC2 instance running ASE, then cut over.
B.Create a nightly backup of the on-premises database, copy to AWS, and restore.
C.Perform a full database export from on-premises and import into Amazon RDS for ASE.
D.Use AWS Database Migration Service (DMS) with ongoing replication.
AnswerA

ASE replication provides near-zero downtime migration.

Why this answer

Option D is correct because ASE replication can keep the target in sync and allow a fast cutover with minimal downtime. Option A is wrong because AWS DMS does not support ASE as a source. Option B is wrong because export/import requires downtime during export.

Option C is wrong because copying EBS snapshots requires downtime for consistent snapshot.

837
MCQhard

A company is migrating an SAP ERP system to AWS. The SAP application runs on a Windows Server with an MSSQL database. The migration must be completed within a strict 4-hour downtime window. The current database is 500 GB. Which migration strategy should be used to meet the downtime requirement?

A.Use SAP SWPM export/import to migrate the database
B.Use an SAP-certified backup/restore tool (e.g., Commvault) to restore to Amazon EC2 with MSSQL
C.Use AWS DMS with ongoing replication, then cutover
D.Use AWS CloudEndure Migration to replicate the entire server
AnswerB

Backup/restore can be faster and is supported for MSSQL on EC2.

Why this answer

Using SAP HANA System Replication is not applicable because the source is MSSQL. Option A is incorrect because SAP SWPM export/import is time-consuming and may exceed 4 hours. Option B is incorrect because AWS DMS may not fully support SAP-specific schemas and could have compatibility issues.

Option D is incorrect because AWS CloudEndure Migration is for server migration, not database-specific optimized transfer.

838
MCQhard

An SAP administrator created the IAM policy above for an EC2 instance role used by SAP HANA Backint agent. The backup to S3 fails with access denied. What is the likely cause?

A.The policy grants permissions on objects but not on the bucket itself. For s3:PutObject and s3:GetObject, a bucket-level permission is also required for some operations.
B.The policy does not allow s3:PutObject.
C.The policy does not allow ec2:CreateSnapshot.
D.The policy does not allow s3:ListBucket.
AnswerA

The resource ARN for S3 actions should include the bucket ARN for bucket-level operations.

Why this answer

The policy grants s3:PutObject and s3:GetObject on objects within the bucket (using the "arn:aws:s3:::bucket-name/*" resource), but does not include a bucket-level permission such as s3:PutObject or s3:GetObject on the bucket itself ("arn:aws:s3:::bucket-name"). For certain S3 operations, including multipart uploads and object writes that require bucket-level authorization checks, the IAM policy must explicitly allow the action on both the bucket and the object ARN. Without this, the SAP HANA Backint agent fails with access denied.

Exam trap

The trap here is that candidates assume s3:PutObject on the object ARN is sufficient, overlooking the requirement for bucket-level permissions on the same action for operations like multipart uploads or bucket-level condition checks.

How to eliminate wrong answers

Option B is wrong because the policy explicitly includes s3:PutObject on the object ARN, so the failure is not due to a missing s3:PutObject action. Option C is wrong because the question is about S3 backup failure, not EC2 snapshots; ec2:CreateSnapshot is irrelevant to the Backint agent's S3 access. Option D is wrong because s3:ListBucket is not required for the PutObject and GetObject operations used by the Backint agent; the error is caused by missing bucket-level permissions, not the ListBucket action.

839
MCQeasy

An SAP system is running on AWS and needs to be accessible over the internet securely. Which AWS service should be used to provide secure remote access for administrators?

A.Set up an AWS Site-to-Site VPN connection from the corporate network
B.Use AWS Systems Manager Session Manager
C.Use Amazon WorkSpaces to provide a virtual desktop for administrators
D.Configure the EC2 instance in a public subnet with SSH access from the internet
AnswerB

Session Manager provides secure, audited shell access without opening inbound ports.

Why this answer

Option C is correct because AWS Systems Manager Session Manager allows secure shell access without bastion hosts. Option A is wrong because a public subnet with SSH from the internet is insecure. Option B is wrong because a VPN connection is for site-to-site, not remote admin.

Option D is wrong because Amazon WorkSpaces is a virtual desktop, not a remote administration tool for SAP.

840
MCQmedium

An SAP Basis administrator notices that the SAP system's response time is increasing during peak hours. The system uses an SAP NetWeaver application server on EC2 and an SAP HANA database on a separate EC2 instance. CloudWatch metrics show that the application server's CPU utilization is at 80% and the database server's CPU is at 30%. The application server is an m5.2xlarge, and the database is an r5.2xlarge. The administrator checks the SAP work process overview and sees that all dialog work processes are busy. What should the administrator do to resolve the performance issue?

A.Increase the database server's CPU capacity by changing to a larger instance type.
B.Increase the instance size of the application server to a compute-optimized type.
C.Add another application server to the system and distribute the load.
D.Increase the number of dialog work processes in the SAP application server profile.
AnswerD

Adding more work processes allows handling more concurrent requests.

Why this answer

Option B is correct because the symptom is all work processes busy, indicating a need for more work processes. Option A is wrong because increasing CPU may not help if the bottleneck is work process count. Option C is wrong because the database is not the bottleneck.

Option D is wrong because scaling out is more complex.

841
MCQmedium

A company is migrating its SAP ERP system to AWS. The system requires high availability for the SAP central services (ASCS) and must support automatic failover. Which AWS architecture should the company use to meet these requirements?

A.Configure a Network Load Balancer in front of two ASCS instances in different Availability Zones.
B.Use Amazon RDS Multi-AZ to host the SAP central services.
C.Deploy ASCS on an EC2 instance in an Auto Scaling group with a lifecycle hook that triggers a Lambda function to reattach the ASCS cluster resources.
D.Run ASCS on a single EC2 instance in a single Availability Zone with an Elastic IP address.
AnswerC

This provides automated failover and high availability for ASCS.

Why this answer

Option A is correct because an Auto Scaling group with a lifecycle hook and custom AMI can automate the recovery of ASCS after a failure, ensuring high availability. Option B is wrong because a multi-AZ RDS instance is for databases, not ASCS. Option C is wrong because a Network Load Balancer distributes traffic but does not provide automatic failover for ASCS.

Option D is wrong because a single EC2 instance in one AZ offers no high availability.

842
Multi-Selecteasy

A company is migrating an SAP HANA database to AWS. Which TWO of the following are valid options for running SAP HANA on AWS? (Choose 2)

Select 2 answers
A.Amazon RDS for SAP HANA
B.Amazon EC2 instances with Amazon EBS storage
C.AWS Lambda
D.AWS Fargate
E.AWS HANA Large Instances (bare metal)
AnswersB, E

EC2 with EBS is a common deployment option.

Why this answer

SAP HANA can run on EC2 instances with EBS or on AWS HANA Large Instances. RDS for SAP HANA is not available. Lightsail is not suitable for HANA.

Fargate is for containers.

843
MCQeasy

A company has deployed SAP S/4HANA on AWS using a single EC2 instance for the HANA database. The database volume is an EBS io1 volume with 5,000 provisioned IOPS. The company wants to implement a high availability (HA) solution for the database using SAP HANA System Replication (HSR) with automatic failover. They plan to use a second EC2 instance in a different Availability Zone. The database administrator is concerned about data consistency during replication. Which additional AWS service should be used to ensure data consistency and minimize data loss during failover?

A.AWS Backup to schedule backups of the HANA database.
B.AWS Database Migration Service (DMS) to continuously replicate data.
C.Amazon EBS snapshots to capture point-in-time copies of the data volume.
D.Amazon Route53 with health checks to automatically redirect traffic to the standby instance.
AnswerD

Route53 can provide DNS failover with health checks.

Why this answer

Option C is correct because Elastic Load Balancing with a TCP listener can be used to front the HSR traffic and provide a floating IP. Alternatively, Amazon Route53 with health checks can redirect clients. Option A (EBS snapshots) are for backup, not replication.

Option B (AWS Backup) is not for replication. Option D (DMS) is for migration.

844
MCQmedium

An organization runs SAP ERP on AWS with an SAP HANA database. The database is deployed on an EC2 instance with EBS storage. The company is planning to upgrade the HANA database from version 2.0 to 2.0 SPS 05. The upgrade process requires a system copy to a new instance. The company wants to minimize the downtime during the upgrade and ensure that the existing system remains available until the new system is ready. The current HANA instance has 1 TB of data. The company has a test environment that can be used for the upgrade. Which approach should the company take to minimize downtime?

A.Use SAP HANA Studio to export the production database to a file, import it into a new instance, and upgrade. Then redirect users to the new instance.
B.Perform the upgrade directly on the production HANA instance during a maintenance window.
C.Take a full backup of the production HANA database, restore it to a new instance, and perform the upgrade on the new instance. Then switch DNS to the new instance.
D.Set up SAP HANA System Replication from the production instance to a new instance. Perform the upgrade on the replica. Once upgraded, perform a takeover to make the new instance the primary.
AnswerD

Replication allows the production system to stay online; takeover is quick.

Why this answer

Option D is correct because SAP HANA System Replication allows you to replicate data from the production instance to a new instance in near real-time. You can then perform the upgrade on the replica while the production system remains fully available. Once the upgrade is complete and validated, a takeover operation promotes the replica to primary, minimizing downtime to just the seconds required for the takeover and DNS switch.

Exam trap

The trap here is that candidates often choose Option C (backup and restore) because it seems straightforward, but they overlook that it does not keep the new instance synchronized with ongoing production changes, resulting in longer downtime than the replication-based approach.

How to eliminate wrong answers

Option A is wrong because exporting and importing 1 TB of data via SAP HANA Studio is a slow, manual process that would cause significant downtime, not minimize it. Option B is wrong because performing the upgrade directly on the production HANA instance would require taking the system offline for the entire upgrade duration, resulting in unacceptable downtime. Option C is wrong because taking a full backup and restoring it to a new instance is time-consuming for 1 TB of data, and the restore process does not keep the new instance synchronized with ongoing changes, so the switchover would still require a final outage to apply any delta.

845
Multi-Selectmedium

A company is planning to migrate a critical application to AWS using the 7 Rs migration strategy. The application is currently running on a large VMware VM. Which THREE strategies are appropriate for this migration? (Choose three.)

Select 3 answers
A.Rehost: Use AWS VM Import/Export to migrate the VM to EC2
B.Retire: Decommission the application as it is no longer needed
C.Refactor: Re-architect the application to use microservices
D.Replatform: Migrate to Amazon RDS for the database layer
E.Retain: Keep the application on-premises
AnswersA, C, D

Direct lift-and-shift of the VM.

Why this answer

Rehost (A) is appropriate because AWS VM Import/Export allows you to migrate VMware VMs directly to Amazon EC2 as AMIs, enabling a lift-and-shift migration with minimal changes. This is a core 7 Rs strategy for moving existing virtualized workloads to AWS.

Exam trap

The trap here is that candidates may confuse Retire with decommissioning an application that is still needed, or assume Retain is a valid migration strategy when the requirement is to move to AWS.

846
MCQeasy

A company is designing an SAP HANA disaster recovery (DR) solution on AWS. The primary site is in us-east-1, and the DR site is in us-west-2. The RPO must be less than 15 minutes, and the RTO must be less than 2 hours. Which replication strategy meets these requirements?

A.SAP HANA log shipping to an S3 bucket in the DR region.
B.S3 cross-region replication for HANA data files.
C.SAP HANA system replication with synchronous mode and pre-provisioned DR instances.
D.EBS snapshot replication to the DR region every 15 minutes.
AnswerC

Synchronous replication meets RPO; pre-provisioned instances reduce RTO.

Why this answer

SAP HANA system replication with synchronous mode ensures that every committed transaction is replicated to the DR site before acknowledgment, meeting the <15-minute RPO. Pre-provisioned DR instances in us-west-2 allow rapid failover, enabling the <2-hour RTO by eliminating the need to provision infrastructure during recovery.

Exam trap

Cisco often tests the misconception that any replication method with a 15-minute interval (like EBS snapshots or S3 replication) automatically meets a <15-minute RPO, ignoring the time required for snapshot finalization, transfer, and restoration, which pushes the actual RPO beyond the requirement.

How to eliminate wrong answers

Option A is wrong because SAP HANA log shipping to an S3 bucket in the DR region introduces significant latency and does not provide automatic failover, making it impossible to achieve a <15-minute RPO and <2-hour RTO. Option B is wrong because S3 cross-region replication for HANA data files only replicates static files, not the live transaction logs or in-memory state, so it cannot meet the RPO requirement and does not support database-level recovery. Option D is wrong because EBS snapshot replication to the DR region every 15 minutes can only achieve at best a 15-minute RPO (and often longer due to snapshot finalization), and restoring from snapshots requires manual steps that exceed the 2-hour RTO.

847
MCQmedium

During an SAP system migration to AWS, the team needs to ensure that the SAP application can automatically restart if the EC2 instance fails. Which combination of AWS services should they use?

A.AWS Elastic Beanstalk and Amazon RDS
B.Amazon EC2 Auto Scaling and Amazon CloudWatch
C.AWS Lambda and Amazon SQS
D.Amazon Route 53 and Elastic Load Balancing
AnswerB

Auto Scaling replaces unhealthy instances, and CloudWatch alarms can initiate recovery actions.

Why this answer

Option A is correct because Auto Scaling with a fixed instance count can automatically replace failed instances, and CloudWatch alarms can trigger recovery. Option B is wrong because Lambda does not natively restart instances. Option C is wrong because Route 53 health checks do not restart instances.

Option D is wrong because Elastic Beanstalk is for web applications, not SAP.

848
Multi-Selecthard

A company is running SAP HANA in a production environment on AWS. The database administrator wants to implement automated backups using AWS Backup. Which of the following are supported by AWS Backup for SAP HANA? (Select THREE.)

Select 3 answers
A.Amazon RDS databases
B.SAP HANA database backups
C.Amazon EBS volumes
D.Amazon EC2 instances
E.Amazon S3 buckets
AnswersA, C, D

AWS Backup supports RDS snapshots.

Why this answer

AWS Backup supports Amazon RDS databases, including Amazon RDS for SAP HANA, enabling automated backup management. This allows the database administrator to centralize backup policies and retention rules for RDS instances, which is a key requirement for SAP HANA production environments.

Exam trap

The trap here is that candidates may assume AWS Backup supports SAP HANA database backups directly, but it only supports the underlying infrastructure (EBS volumes, EC2 instances, RDS) and not the HANA application-level backup.

849
MCQmedium

An SAP system on AWS is experiencing performance issues. The system uses a shared file system (SAP transport directory) mounted from an NFS server. During migration, the team wants to improve performance and reduce complexity. Which AWS service should replace the NFS server?

A.Amazon S3 with S3FS
B.Amazon FSx for Windows File Server
C.AWS Storage Gateway (file gateway)
D.Amazon EFS
AnswerD

EFS provides a scalable, managed NFS file system that is ideal for SAP transport directories.

Why this answer

Option B is correct because Amazon EFS provides a scalable NFS file system that can be shared across multiple EC2 instances. Option A is wrong because Amazon S3 is not a file system. Option C is wrong because AWS Storage Gateway provides file shares but adds complexity.

Option D is wrong because Amazon FSx for Windows File Server is for Windows workloads, not SAP typically.

850
MCQmedium

Refer to the exhibit. An SAP administrator is creating an IAM policy for launching EC2 instances. Which instance type will the policy allow?

A.r5.16xlarge
B.r5.xlarge
C.r5.2xlarge
D.r5.4xlarge and r5.8xlarge
AnswerD

These are the only instance types allowed by the condition.

Why this answer

Option C is correct because the policy allows r5.4xlarge and r5.8xlarge instances. Option A is incorrect because r5.2xlarge is not listed. Option B is incorrect because r5.xlarge is not listed.

Option D is incorrect because r5.16xlarge is not listed.

851
MCQeasy

An SAP administrator is reviewing a CloudFormation template snippet shown in the exhibit. The template creates an EC2 instance for SAP. What is missing from the template to ensure the instance is placed in a specific subnet?

A.The SubnetId property is not specified in the NetworkInterface
B.The InstanceType is not suitable for SAP
C.The ImageId is invalid
D.The SecurityGroup reference is missing
AnswerA

SubnetId is required to place the instance in a subnet.

Why this answer

The template defines a network interface but does not specify a SubnetId. To place the instance in a specific subnet, the NetworkInterface must include a SubnetId property. Option B is correct.

The template already has a SecurityGroup reference. The ImageId is present. The instance type is specified.

852
MCQhard

An SAP administrator is setting up an S3 bucket to store SAP HANA backup files. The backups must be encrypted at rest using an AWS KMS customer managed key. Which bucket policy condition key should be used to enforce that only requests using KMS encryption with that specific key are allowed?

A.kms:EncryptionContext
B.s3:x-amz-server-side-encryption-aws-kms-key-id
C.s3:ServerSideEncryption
D.s3:x-amz-server-side-encryption
AnswerB

This condition key checks the specific KMS key ID used for encryption.

Why this answer

The s3:x-amz-server-side-encryption-aws-kms-key-id condition key allows restricting to a specific KMS key. Option B is wrong because s3:x-amz-server-side-encryption only checks if encryption is enabled, not the key. Option C is wrong because kms:EncryptionContext is for KMS actions, not S3.

Option D is wrong because s3:ServerSideEncryption is not a valid condition key.

853
MCQhard

A company is using AWS Database Migration Service (DMS) to migrate an SAP HANA database from on-premises to Amazon RDS for SAP HANA. The migration task fails with the error shown. Which step should the administrator take to resolve this?

A.Change the source database character set to ISO-8859-1.
B.Modify the DMS task to include character set conversion settings.
C.Create a new RDS instance with the correct character set.
D.Use AWS Server Migration Service (SMS) instead of DMS.
AnswerB

DMS supports character set conversion.

Why this answer

The error indicates a character set mismatch. DMS can convert character sets if configured properly. Option A is wrong because creating a new RDS instance takes time and may not be necessary if the target can be altered.

Option B is wrong because modifying the source is not practical. Option D is wrong because DMS can handle conversion; the task failed due to configuration.

854
MCQeasy

An SAP administrator wants to attach the EBS volume shown above to two EC2 instances running SAP HANA in a scale-out configuration. What is the issue?

A.The volume is gp3 type, which does not support Multi-Attach.
B.The volume size is too small for HANA scale-out.
C.SAP HANA scale-out does not support shared volumes.
D.The volume IOPS is insufficient.
AnswerA

Multi-Attach is only available on io1 and io2 volumes.

Why this answer

The gp3 volume type does not support the Multi-Attach feature, which is required to attach a single EBS volume to multiple EC2 instances simultaneously. For SAP HANA scale-out configurations, shared storage is necessary for the /hana/shared file system, and Multi-Attach is only supported on io1 and io2 block express volumes. Therefore, using a gp3 volume prevents the multi-attach capability needed for this architecture.

Exam trap

The trap here is that candidates assume gp3 is a general-purpose volume that supports all features, but AWS explicitly restricts Multi-Attach to io1 and io2 block express only, making this a common pitfall in SAP workload design questions.

How to eliminate wrong answers

Option B is wrong because the volume size (e.g., 1 TiB) is actually sufficient for SAP HANA scale-out; the issue is not size but the volume type's lack of Multi-Attach support. Option C is wrong because SAP HANA scale-out does support shared volumes (specifically for /hana/shared), and this is a documented requirement for scale-out deployments on AWS. Option D is wrong because IOPS is not the limiting factor; gp3 volumes can provision adequate IOPS, but they still cannot be attached to multiple instances due to the absence of Multi-Attach.

855
MCQmedium

A company has a CloudFormation stack that creates an EC2 instance with a custom AMI. The stack fails with the error 'Resource creation cancelled' during creation. The engineer checks the stack events and sees that the EC2 instance creation succeeded, but the subsequent creation of an EBS volume failed. What is the MOST likely reason for the failure?

A.The EC2 instance creation failed and then was cancelled
B.The EC2 instance had a DeletionPolicy of Retain, which prevented rollback
C.The EBS volume creation failed, causing the stack to roll back and cancel the instance
D.The EC2 instance depended on the EBS volume, and the dependency caused a timeout
AnswerC

If a subsequent resource fails, CloudFormation cancels previously created resources during rollback.

Why this answer

Option C is correct because when an EBS volume creation fails in a CloudFormation stack, the stack initiates a rollback of all previously created resources, including the EC2 instance. The 'Resource creation cancelled' error appears for the EC2 instance because its creation was successful but then undone during the rollback, not because it failed initially.

Exam trap

The trap here is that candidates misinterpret 'Resource creation cancelled' as a creation failure of the EC2 instance itself, rather than understanding it is a rollback cancellation of a previously successful resource.

How to eliminate wrong answers

Option A is wrong because the stack events explicitly show the EC2 instance creation succeeded, so the failure is not due to the instance itself. Option B is wrong because a DeletionPolicy of Retain only affects resource deletion during stack deletion, not rollback; during rollback, CloudFormation still terminates the instance regardless of the DeletionPolicy. Option D is wrong because the EC2 instance does not depend on the EBS volume in this scenario; the EBS volume is created after the instance, and a dependency would cause the instance to wait for the volume, not cancel the instance.

856
MCQeasy

An SAP HANA database is running on an EC2 instance with EBS volumes. The operations team needs to take nightly backups of the database. Which AWS service provides the most cost-effective backup solution for long-term retention?

A.Amazon S3 Glacier Deep Archive
B.Amazon EBS Snapshots
C.Amazon S3 Standard
D.AWS Backup
AnswerA

Glacier Deep Archive is the lowest cost storage for long-term backups.

Why this answer

Amazon S3 Glacier Deep Archive is the most cost-effective storage class for long-term retention of backups that are accessed infrequently. Amazon EBS Snapshots are stored in S3 but cost more for long-term retention. AWS Backup is a service but does not change storage class.

Amazon S3 Standard is expensive for long-term.

857
MCQhard

A company is migrating a large SAP landscape to AWS. The migration plan includes using AWS CloudEndure Migration for the application servers. However, the SAP database requires a different approach. Which database migration method is recommended for an SAP HANA database?

A.Use AWS Schema Conversion Tool (SCT) to convert the HANA schema.
B.Use AWS CloudEndure Migration for both application and database servers.
C.Use AWS DMS with Oracle as a source and HANA as target.
D.Use SAP HANA System Replication (HSR).
AnswerD

HSR is the native HANA replication method.

Why this answer

Option C is correct because SAP HANA System Replication (HSR) is the recommended method for migrating HANA databases with minimal downtime. Option A is wrong because CloudEndure is for block-level replication, not database-aware. Option B is wrong because DMS does not support HANA as a source.

Option D is wrong because SCT is not for HANA-to-HANA migration.

858
MCQmedium

An SAP administrator needs to monitor the disk I/O performance of EBS volumes attached to an SAP HANA instance. Which AWS service should be used to capture the average read latency and queue depth metrics?

A.AWS Config
B.AWS Health
C.Amazon CloudWatch
D.AWS CloudTrail
AnswerC

CloudWatch collects and provides metrics like AverageReadLatency and QueueDepth for EBS volumes.

Why this answer

Amazon CloudWatch provides the metrics necessary to monitor disk I/O performance, including `VolumeReadOps`, `VolumeQueueLength`, and `VolumeReadBytes` for EBS volumes. These metrics allow you to calculate average read latency (by dividing `VolumeReadBytes` by `VolumeReadOps`) and directly observe queue depth via `VolumeQueueLength`, making it the correct service for SAP HANA disk I/O monitoring.

Exam trap

The trap here is that candidates may confuse AWS CloudTrail (which logs API calls) with CloudWatch (which monitors performance metrics), or assume AWS Config or AWS Health provide operational performance data when they are designed for configuration auditing and service health notifications, respectively.

How to eliminate wrong answers

Option A is wrong because AWS Config is a service for evaluating, auditing, and recording configuration changes of AWS resources, not for capturing real-time performance metrics like disk latency or queue depth. Option B is wrong because AWS Health provides information about service health and events affecting your AWS infrastructure, but it does not expose granular EBS performance metrics. Option D is wrong because AWS CloudTrail records API activity and user actions for auditing and governance, not operational metrics such as I/O latency or queue depth.

859
MCQeasy

An SAP administrator runs the AWS CLI command shown. The output shows /dev/sdf. Which SAP HANA volume is typically mounted at this device?

A./hana/log
B./usr/sap
C./hana/data
D./hana/shared
AnswerC

The /dev/sdf device is typically assigned to the HANA data volume.

Why this answer

Option A is correct. The /dev/sdf device is commonly used for the /hana/data volume in SAP HANA on AWS. Option B is wrong because /hana/log is often /dev/sdg.

Option C is wrong because /usr/sap is typically /dev/sdh. Option D is wrong because /hana/shared is usually on EFS or another device.

860
MCQmedium

An organization is migrating their SAP ERP system to AWS and needs to set up a disaster recovery (DR) site in another AWS region. They want to use AWS Elastic Disaster Recovery (DRS) for SAP HANA. The source HANA system is running on-premises on a physical server. They have installed the DRS agent on the source server. During the initial replication, they notice that the data transfer is very slow. What should they do to improve replication speed?

A.Switch to asynchronous replication mode
B.Use Amazon RDS for HANA as the DR target instead of EC2
C.Increase the size of the staging area subnet
D.Increase the number of concurrent data streams in the DRS agent configuration
AnswerD

More streams can utilize available bandwidth better.

Why this answer

Option D is correct because DRS can use multiple parallel connections (concurrent streams) to improve throughput. Option A is wrong because RDS is a managed service, not for DR of on-premises HANA. Option B is wrong because increasing staging area size does not improve speed.

Option C is wrong because changing to asynchronous mode may cause data loss.

861
MCQeasy

A company wants to automate the backup of their SAP HANA database running on an EC2 instance. The backup should be stored in Amazon S3 and retained for 30 days. Which AWS service can be used to schedule and manage these backups?

A.AWS Lambda
B.Amazon S3 Lifecycle policies
C.AWS Storage Gateway
D.AWS Backup
AnswerD

AWS Backup automates backups and can store in S3.

Why this answer

Option A is correct because AWS Backup can be used to automate backups of EC2 instances and store in S3. Option B is wrong because AWS Storage Gateway is for hybrid storage. Option C is wrong because Amazon S3 Lifecycle policies manage object retention, not scheduling backups.

Option D is wrong because AWS Lambda can be used but requires custom code; AWS Backup is simpler.

862
Multi-Selecthard

A company is migrating a legacy application to AWS. The application requires a static IP address that does not change during instance stop/start. The application also needs to be highly available across two Availability Zones. Which THREE actions should the company take to meet these requirements?

Select 3 answers
A.Use a Network Load Balancer with an Elastic IP address
B.Allocate an Elastic IP address and associate it with the primary instance
C.Place the instances in a placement group to ensure high availability
D.Configure an Auto Scaling group across two Availability Zones
E.Use an Application Load Balancer to distribute traffic to the instances
AnswersA, B, D

NLB supports static IP via EIP and is highly available across AZs.

Why this answer

A Network Load Balancer (NLB) supports static IP addresses by allowing you to associate an Elastic IP address with each of its Availability Zone subnets. This provides a fixed entry point that does not change when backend instances are stopped or started, meeting the requirement for a static IP. Combined with an Auto Scaling group spanning two Availability Zones, the NLB ensures high availability by distributing traffic across healthy instances in both zones.

Exam trap

The trap here is that candidates often confuse the static IP capability of a Network Load Balancer with the DNS-based routing of an Application Load Balancer, or mistakenly think that a single Elastic IP on an instance provides high availability across zones.

863
MCQeasy

A company has an SAP HANA database running on an EC2 instance with a single 500 GB gp2 volume. The database is experiencing I/O bottlenecks. The operations team wants to increase IOPS without changing the volume size. Which action should they take?

A.Enable EBS optimization on the EC2 instance.
B.Change the volume type to st1 (throughput optimized).
C.Modify the volume to increase its size to 1,000 GB.
D.Attach an additional gp2 volume and use it for temporary data.
AnswerC

gp2 IOPS increase with volume size at a rate of 3 IOPS per GB.

Why this answer

Option A is correct because gp2 IOPS scale linearly with size; increasing volume size increases baseline IOPS. Option B is wrong because changing to st1 is not suitable for database workloads. Option C is wrong because enabling EBS optimization on the instance does not increase volume IOPS.

Option D is wrong because attaching additional volumes requires RAID configuration and may not be straightforward.

864
Multi-Selectmedium

A company is designing a disaster recovery plan for SAP S/4HANA on AWS. The plan must have a recovery point objective (RPO) of 15 minutes and a recovery time objective (RTO) of 2 hours. Which solutions can meet these requirements? (Choose TWO.)

Select 2 answers
A.Multi-AZ deployment of SAP HANA within the same region
B.SAP HANA log shipping to Amazon S3 every 15 minutes and restore in another region
C.Cross-Region Amazon S3 backup and restore using AWS Backup
D.Synchronous storage-level replication using EBS snapshots every 15 minutes and automated restore
E.SAP HANA system replication to a secondary region with automatic failover
AnswersD, E

With EBS snapshots every 15 minutes and automated restore in a secondary region, RPO of 15 minutes and RTO of 2 hours can be achieved.

Why this answer

SAP HANA system replication with synchronous replication can achieve RPO of seconds and RTO of minutes. Storage-level replication with EBS snapshots scheduled every 15 minutes can achieve RPO of 15 minutes, but RTO may be longer due to restore time. However, with pre-warmed instances and automation, RTO of 2 hours is achievable.

Log shipping to S3 may not meet RPO. Cross-Region Amazon S3 backup and restore is slower. Multi-AZ deployment in one region does not protect against region failure.

865
MCQhard

A company is using SAP HANA on AWS and needs to back up the database to Amazon S3. The backup must be encrypted at rest in S3. The company already uses AWS KMS for encryption. What is the MOST secure way to configure the backup?

A.Use SSE-KMS with a customer managed key and restrict key usage with key policies.
B.Use client-side encryption before uploading to S3.
C.Enable default S3 encryption with SSE-S3.
D.Use SSE-KMS with the AWS managed key for S3.
AnswerA

Provides control and integration with existing KMS.

Why this answer

Option D is correct because using a customer managed key with appropriate key policies ensures the backup is encrypted and access is controlled. Option A is wrong because SSE-S3 uses AWS-managed keys, not the company's KMS keys. Option B is wrong because SSE-C requires managing keys yourself, which is less integrated.

Option C is wrong because SSE-KMS with an AWS managed key does not allow the same level of control.

866
MCQhard

During the migration of an SAP ERP system to AWS, the SAP application team reports that after migrating the database to Amazon RDS for SAP HANA, batch jobs that previously ran in 2 hours now take 5 hours. The system uses AWS Direct Connect with adequate bandwidth. Which action is most likely to resolve this performance issue?

A.Enable Multi-AZ deployment for RDS.
B.Increase the RDS instance size and storage IOPS.
C.Reduce the automated backup retention period.
D.Increase the Direct Connect bandwidth.
AnswerB

Larger instance provides more CPU and memory for HANA.

Why this answer

SAP HANA on RDS uses a single-AZ deployment by default; enabling Multi-AZ adds a standby but does not improve performance. However, the most impactful change is increasing the instance size (compute and memory) to match the on-premises capacity. Option A is wrong because RDS Multi-AZ does not improve performance.

Option B is wrong because the bandwidth is already adequate. Option D is wrong because reducing backup retention does not affect runtime performance.

867
MCQhard

A company runs SAP BusinessObjects on AWS using multiple EC2 instances. The system uses a shared file system (EFS) for the repository and output files. Recently, users have reported that generating large reports takes much longer than usual. The SAP administrator checks the EFS metrics in CloudWatch and sees that the BurstCreditBalance is consistently near zero. The EFS file system is in General Purpose mode with default throughput settings. The current size of the file system is 500 GB. What should the administrator do to improve performance?

A.Migrate the EFS file system to EFS One Zone for better performance.
B.Enable Max I/O throughput mode on the EFS file system.
C.Switch to Provisioned Throughput mode and set a higher value.
D.Increase the size of the EFS file system by adding more data to it.
AnswerB

Max I/O provides higher throughput at scale.

Why this answer

Option B is correct because enabling Max I/O throughput mode increases the throughput baseline for larger file systems, providing more consistent performance. Option A is wrong because increasing EFS size does not directly improve burst credits; the burst model depends on size. Option C is wrong because using Provisioned Throughput would incur costs but may be appropriate; however, Max I/O is a better first step for a system that has exhausted burst credits.

Option D is wrong because transitioning to EFS One Zone does not improve throughput performance.

868
MCQmedium

A company runs SAP BusinessObjects on AWS and needs to scale the application tier based on CPU utilization. Which AWS service should be used to automatically add or remove EC2 instances?

A.AWS Elastic Load Balancing
B.AWS Lambda
C.AWS Auto Scaling
D.AWS CloudFormation
AnswerC

Auto Scaling can adjust instance count based on CPU metrics.

Why this answer

AWS Auto Scaling can automatically adjust the number of EC2 instances based on CloudWatch alarms for CPU utilization. AWS Elastic Load Balancing distributes traffic but does not scale instances. AWS Lambda is for serverless, not EC2 scaling.

AWS CloudFormation is for infrastructure provisioning, not auto-scaling.

869
MCQmedium

A company is designing an SAP HANA multi-node scale-out deployment on AWS. The system requires high bandwidth and low latency between nodes. Which AWS networking feature should be used to meet these requirements?

A.Elastic Fabric Adapter (EFA)
B.AWS Direct Connect
C.Transit Gateway
D.VPC Peering
AnswerA

EFA provides low-latency, high-bandwidth inter-instance communication required for HANA scale-out.

Why this answer

Elastic Fabric Adapter (EFA) is correct because it provides OS-bypass capabilities using the Libfabric API, enabling direct memory access (DMA) between SAP HANA nodes. This eliminates kernel overhead, delivering the high bandwidth (up to 100 Gbps per adapter) and ultra-low latency (microsecond-level) required for SAP HANA multi-node scale-out workloads, where inter-node communication is critical for table partitioning and data replication.

Exam trap

The trap here is that candidates confuse EFA with standard Elastic Network Adapters (ENA) or assume that any high-bandwidth network feature (like Direct Connect or Transit Gateway) can solve inter-node latency, when only EFA provides the OS-bypass and RDMA semantics required for SAP HANA scale-out performance.

How to eliminate wrong answers

Option B (AWS Direct Connect) is wrong because it is a dedicated network connection from on-premises to AWS, not an inter-node networking feature within a VPC; it does not reduce latency or increase bandwidth between SAP HANA compute nodes. Option C (Transit Gateway) is wrong because it is a hub-and-spoke router for connecting multiple VPCs and on-premises networks, not a high-performance, low-latency interconnect for tightly coupled compute nodes within the same VPC. Option D (VPC Peering) is wrong because it is a simple layer-3 connection between VPCs that still traverses the standard AWS network stack with kernel overhead, lacking the OS-bypass and RDMA capabilities needed for SAP HANA scale-out performance.

870
MCQhard

A company runs its SAP S/4HANA system on AWS using a multi-node HANA scale-out configuration. After a recent OS update, the application layer cannot connect to the HANA database. The HANA database processes are running, but the SAP application servers report 'communication failure' errors. Initial checks show that the security group rules allow traffic on the required ports. What is the MOST likely cause of the issue?

A.The DNS resolution is misconfigured after the OS update, causing hostname lookup failures.
B.The NTP synchronization is off, causing time drift and authentication errors.
C.The OS update has reset the iptables firewall rules, blocking internal HANA ports.
D.The SAP system is not correctly licensed for the new OS version.
AnswerC

OS updates can clear iptables rules, blocking required ports even if security groups allow traffic.

Why this answer

Option D is correct because after OS updates, the firewall (iptables) rules may be reset or changed, blocking HANA internal communication even if security groups are correct. Option A (incorrect SAP license) would cause license errors, not communication failure. Option B (incorrect DNS resolution) is possible but less likely if hostnames are in /etc/hosts.

Option C (NTP synchronization) would affect time, not connectivity.

871
Multi-Selecteasy

An organization runs SAP BusinessObjects on AWS and wants to improve the performance of report generation. The current environment uses EBS gp2 volumes. Which TWO changes could potentially reduce report generation time?

Select 2 answers
A.Increase the size of the EBS root volume.
B.Enable EBS optimization on the instance.
C.Configure automated snapshots of the EBS volumes.
D.Switch to EBS io2 Block Express volumes with higher IOPS.
E.Add more SAP BusinessObjects application servers to distribute the workload.
AnswersD, E

Higher IOPS improves data access speed.

Why this answer

Option D is correct because switching to EBS io2 Block Express volumes provides higher IOPS and lower latency compared to gp2 volumes, which directly improves the I/O performance for SAP BusinessObjects report generation that often involves heavy database and file system reads. Option E is correct because adding more SAP BusinessObjects application servers distributes the report generation workload across multiple nodes, reducing the processing bottleneck on a single server and decreasing overall generation time.

Exam trap

The trap here is that candidates often confuse EBS optimization (a prerequisite for dedicated bandwidth) with a performance-tuning feature, or assume that increasing volume size (Option A) is a valid performance improvement method, when in fact switching to a higher-performance volume type like io2 Block Express is the correct storage-level optimization.

872
MCQmedium

A company is deploying SAP on AWS and wants to ensure that the SAP system can automatically recover from an EC2 instance failure. Which AWS feature should be used?

A.Auto Scaling group with a scheduled scaling policy
B.Elastic Load Balancer health checks
C.EC2 Auto Recovery with CloudWatch alarms
D.Manual restart of the instance from the AWS Management Console
AnswerC

Auto Recovery automatically recovers the instance.

Why this answer

Option B is correct because EC2 Auto Recovery automatically recovers an instance if it becomes impaired. Option A requires manual intervention. Option C is for load balancing, not recovery.

Option D is for scaling, not recovery.

873
MCQeasy

During an SAP migration, the team needs to transfer a large number of small files (SAP transport requests) from on-premises to AWS. Which AWS service is most cost-effective for this transfer?

A.AWS Transfer Family (SFTP)
B.AWS Snowmobile
C.AWS DataSync
D.AWS Snowcone
AnswerD

Snowcone is a small, portable device for offline data transfer, suitable for smaller datasets.

Why this answer

Option B is correct because AWS Snowcone is a small, rugged device suitable for transferring small amounts of data or small files. Option A is wrong because AWS Snowmobile is for exabytes of data. Option C is wrong because AWS DataSync is for large datasets over network.

Option D is wrong because AWS Transfer Family is for file transfer workflows, not bulk data movement.

874
MCQmedium

An SAP administrator is setting up an SAP HANA system replication across two AWS Availability Zones (AZs). The primary and secondary instances use EBS volumes for data and log storage. What is the best practice for ensuring data consistency and minimizing data loss during a failover?

A.Take frequent EBS snapshots of the primary volume and restore them on the secondary.
B.Enable synchronous replication mode in SAP HANA.
C.Use asynchronous replication mode for better performance.
D.Configure the EBS volumes as Multi-Attach to allow both instances to access the same volume.
AnswerB

Synchronous replication ensures data consistency and minimal data loss.

Why this answer

SAP HANA synchronous replication mode ensures that a transaction is committed on both the primary and secondary instances before an acknowledgment is sent to the application. This guarantees zero data loss (RPO=0) during a failover, because the secondary always has an identical copy of the committed data. For cross-AZ deployments, this is the best practice to maintain data consistency while still providing high availability.

Exam trap

The trap here is that candidates often choose asynchronous replication (Option C) because they mistakenly prioritize performance over data consistency, failing to recognize that SAP HANA synchronous replication is the only mode that guarantees zero data loss across AZs in a system replication configuration.

How to eliminate wrong answers

Option A is wrong because EBS snapshots are point-in-time backups, not real-time replication; they introduce significant lag and cannot guarantee data consistency at the moment of failover, leading to potential data loss. Option C is wrong because asynchronous replication, while offering better performance, allows the secondary to lag behind the primary, which can result in data loss (RPO > 0) during a failover. Option D is wrong because EBS Multi-Attach does not support attaching a single volume to instances in different Availability Zones, and it does not provide the log-shipping or synchronization logic required for SAP HANA system replication.

875
MCQmedium

A company is migrating its SAP Business Warehouse (BW) system from on-premises to AWS. The system uses IBM DB2 as the database and is 2 TB in size. The company wants to use the SAP BW/4HANA version on AWS. The migration must be completed within a 72-hour window. The company has a 1 Gbps AWS Direct Connect connection. The migration team decides to use the SAP Software Update Manager (SUM) with the Database Migration Option (DMO) to migrate and upgrade to BW/4HANA. During the migration, they encounter an error that the source DB2 database has a tablespace that uses automatic storage and is larger than 2 TB. The SUM DMO tool stops with an error indicating insufficient space in the target SAP HANA database. The target SAP HANA system is provisioned with 1 TB of memory and 2 TB of disk storage. The team needs to proceed with the migration. Which action should the team take to resolve this issue?

A.Use AWS Database Migration Service (AWS DMS) to migrate the data directly to SAP HANA, bypassing SUM DMO.
B.Increase the disk storage of the SAP HANA instance to at least 2.5 TB to accommodate the migrated data.
C.Compress the DB2 database on the source side to reduce its size before migration.
D.Split the migration into two phases: migrate the data using AWS DMS first, then use SUM for the upgrade.
AnswerB

Increasing disk storage provides the necessary space for the migration.

Why this answer

The source database is larger than the target HANA disk storage. The team needs to increase the HANA disk size to accommodate the migration. Option B is wrong because splitting the migration into chunks is complex and not standard.

Option C is wrong because DB2 compression may not help if the issue is tablespace size. Option D is wrong because AWS DMS does not support HANA.

876
Multi-Selectmedium

Which TWO actions are recommended to ensure high availability for SAP NetWeaver on AWS? (Choose 2).

Select 2 answers
A.Use an Application Load Balancer with health checks to distribute traffic.
B.Use a single Availability Zone to reduce latency.
C.Take frequent EBS snapshots to ensure data durability.
D.Deploy SAP application instances in different Availability Zones.
E.Use t2 instance types to reduce cost.
AnswersA, D

ALB with health checks can route traffic away from unhealthy instances.

Why this answer

Placing instances in different Availability Zones (B) and using a load balancer with health checks (C) are best practices for high availability. Option A is wrong because single zone is not HA. Option D is wrong because t2 series are burstable and not recommended for production SAP.

Option E is wrong because EBS volumes are already durable; snapshots don't provide HA.

877
MCQeasy

A company plans to migrate its SAP ERP system to AWS. The system currently runs on IBM Db2 and uses a large amount of memory. The architect needs to choose an EC2 instance type that is SAP certified and provides high memory. Which instance family should the architect select?

A.c5.18xlarge
B.x1e.32xlarge
C.r5.24xlarge
D.i3.16xlarge
AnswerB

x1e instances are SAP-certified with up to 3,904 GiB of memory, suitable for large SAP systems.

Why this answer

The x1e.32xlarge instance is SAP-certified for high-memory workloads and is specifically designed for large in-memory databases like IBM Db2. It offers up to 3,904 GiB of memory, making it suitable for SAP ERP systems that require a large memory footprint. Other instance families like C5, R5, and I3 are not SAP-certified for high-memory SAP workloads or lack the necessary memory capacity.

Exam trap

The trap here is that candidates often confuse memory-optimized families (like R5) with SAP-certified high-memory families (like X1e), not realizing that SAP certification requires specific instance types that have passed SAP's validation for large memory configurations and database compatibility.

How to eliminate wrong answers

Option A is wrong because the C5 instance family is compute-optimized and not SAP-certified for high-memory workloads; it lacks the memory capacity required for large SAP ERP systems on Db2. Option C is wrong because the R5 instance family is memory-optimized but not SAP-certified for the high-memory requirements of this scenario; it offers less memory per vCPU compared to the X1e family and is not listed in the SAP AWS certified instances for large memory configurations. Option D is wrong because the I3 instance family is storage-optimized for high I/O workloads (e.g., NVMe SSD) and is not designed for high-memory SAP applications; it is not SAP-certified for memory-intensive ERP systems.

878
MCQmedium

A company runs SAP on AWS and wants to reduce costs for non-production environments that are used only during business hours (8 AM to 6 PM). Which action should the administrator take to minimize costs without losing data?

A.Convert the instances to Reserved Instances
B.Terminate the instances after business hours
C.Downsize the instance types to the smallest available
D.Stop the instances during non-business hours and use Amazon EBS snapshots for backup
AnswerD

Stopping instances reduces cost; snapshots preserve data.

Why this answer

Option D is correct because stopping instances when not in use reduces costs, and using Amazon EBS snapshots for backup preserves data. Option A is wrong because reducing instance size may impact performance. Option B is wrong because converting to Reserved Instances is for steady-state usage.

Option C is wrong because terminating instances loses data.

879
MCQmedium

A company runs a production application on EC2 instances behind an Application Load Balancer. The instances are in an Auto Scaling group across three Availability Zones. The operations team notices that during a recent deployment, a small percentage of instances failed health checks and were replaced, causing a brief increase in error rates. What is the MOST effective way to reduce deployment-related errors?

A.Use a lifecycle hook to delay instance registration until a script completes.
B.Increase the health check interval on the ALB to reduce rapid replacements.
C.Configure the Auto Scaling group with a warm-up time in the instance refresh settings.
D.Increase the desired capacity of the Auto Scaling group to absorb failures.
AnswerC

Warm-up time ensures new instances pass health checks before receiving traffic.

Why this answer

Option C is correct because configuring a warm-up time in the Auto Scaling group's instance refresh settings ensures that newly launched instances are fully initialized and pass health checks before they start receiving traffic. This prevents brief error spikes during deployments by allowing instances to stabilize before being marked as healthy and added to the ALB target group.

Exam trap

The trap here is that candidates often confuse lifecycle hooks (which handle initialization before registration) with warm-up times (which control the gradual introduction of traffic after registration), leading them to pick Option A instead of the correct C.

How to eliminate wrong answers

Option A is wrong because lifecycle hooks delay instance registration until a script completes, but they do not control the rate at which instances are replaced during a deployment or provide a gradual ramp-up of traffic; they only ensure initialization before registration. Option B is wrong because increasing the health check interval on the ALB would slow down the detection of genuinely unhealthy instances, potentially increasing error rates rather than reducing them, and does not address the root cause of premature traffic routing during deployment. Option D is wrong because increasing the desired capacity of the Auto Scaling group does not prevent deployment-related errors; it only adds more instances, which could mask the problem but not fix the underlying issue of instances being marked healthy before they are ready.

880
MCQeasy

An SAP administrator is creating an IAM policy for an automation script that needs to start and stop a specific SAP HANA EC2 instance. The policy is shown in the exhibit. However, the script fails with an authorization error when trying to start the instance. What is the most likely cause?

A.The policy is missing an effect for the specific instance.
B.The policy does not include ec2:DescribeInstances action.
C.The ARN in the resource element does not match the actual instance ID.
D.The script does not have the correct region specified.
AnswerC

The instance ID in the policy is likely different from the actual instance.

Why this answer

The policy uses a resource ARN that specifies a particular instance ID. If the ARN does not match the actual instance ID of the SAP HANA EC2 instance, the `ec2:StartInstances` action will fail with an authorization error because IAM evaluates the resource ARN against the instance being started. AWS IAM policies require an exact match between the resource ARN in the policy and the instance ID for actions that operate on specific resources.

Exam trap

The trap here is that candidates often overlook the exact ARN matching requirement and assume the error is due to missing permissions or region misconfiguration, rather than a simple mismatch in the instance ID within the resource element.

How to eliminate wrong answers

Option A is wrong because the policy already includes an 'Allow' effect for the `ec2:StartInstances` and `ec2:StopInstances` actions, so adding another effect is unnecessary. Option B is wrong because `ec2:DescribeInstances` is a read-only action that is not required for starting or stopping instances; the `ec2:StartInstances` and `ec2:StopInstances` actions are sufficient for the automation script. Option D is wrong because the region is specified in the ARN (e.g., `us-east-1`) and the script's region configuration does not affect IAM policy evaluation; the error is due to the instance ID mismatch, not the region.

881
Multi-Selectmedium

A company runs SAP HANA on AWS using an r5.8xlarge instance with 3.8 TB of EBS gp3 storage. The HANA data volume is 2 TB. The system is experiencing performance issues, and the database administrator suspects that the storage I/O is the bottleneck. Which TWO actions should be taken to improve I/O performance?

Select 2 answers
A.Increase the size of the log volume to improve write performance.
B.Change the data volume type from gp3 to io2 Block Express with higher IOPS.
C.Enable HANA delta merge operations to run more frequently.
D.Upgrade the instance to a larger size with higher network bandwidth.
E.Increase the provisioned IOPS on the HANA data volume.
AnswersB, E

io2 provides consistent low-latency performance.

Why this answer

Option B is correct because io2 Block Express provides up to 256,000 IOPS per volume with sub-millisecond latency, which is essential for SAP HANA's demanding I/O patterns. The current gp3 volume, while offering baseline performance, cannot match the consistent low-latency and high-IOPS capabilities required for HANA data volumes under heavy write workloads. Option E is also correct because increasing provisioned IOPS on the existing gp3 volume directly addresses the I/O bottleneck by raising the performance ceiling, though gp3 has a maximum of 16,000 IOPS per volume, which may still be insufficient for large HANA deployments.

Exam trap

The trap here is that candidates may confuse increasing volume size with improving performance, or assume that network bandwidth upgrades affect storage I/O, when in fact EBS performance is independent of instance network bandwidth and governed by volume type and IOPS provisioning.

882
Multi-Selecthard

A company is migrating their SAP environment using AWS Launch Wizard. Which THREE prerequisites must be met before using Launch Wizard for SAP deployment? (Choose 3)

Select 3 answers
A.An AWS account with appropriate permissions.
B.A pre-configured Amazon S3 bucket for SAP media.
C.A Virtual Private Cloud (VPC) configured with subnets.
D.An existing SAP license.
E.IAM roles with permissions to create resources.
AnswersA, C, E

You need an AWS account to use Launch Wizard.

Why this answer

Launch Wizard requires an AWS account, IAM permissions, and a VPC. It does not require an existing SAP license or S3 bucket, though these may be needed later. EC2 instances are created by the wizard.

883
MCQeasy

A DevOps engineer is troubleshooting an AWS CodePipeline that fails at the Deploy stage. The pipeline deploys a static website to an S3 bucket configured for website hosting. The error message indicates 'Access Denied' when the pipeline tries to upload files. Which IAM policy should be attached to the CodePipeline service role to resolve this?

A.CloudFrontFullAccess
B.AdministratorAccess
C.AmazonS3ReadOnlyAccess
D.A custom policy allowing s3:PutObject and s3:ListBucket on the target bucket.
AnswerD

These are the minimum permissions needed to upload files to S3.

Why this answer

The CodePipeline service role needs permissions to write objects to the S3 bucket and list its contents to verify the upload. A custom policy with s3:PutObject and s3:ListBucket on the target bucket grants exactly these required actions, resolving the 'Access Denied' error during the Deploy stage.

Exam trap

The trap here is that candidates often choose a broad managed policy like AdministratorAccess or CloudFrontFullAccess, overlooking that the minimal custom policy with specific S3 actions is the correct and secure solution for the 'Access Denied' error.

How to eliminate wrong answers

Option A is wrong because CloudFrontFullAccess grants permissions to manage CloudFront distributions, not to write to S3 buckets, and does not address the S3 upload failure. Option B is wrong because AdministratorAccess is overly permissive and violates the principle of least privilege; it would work but is not the best practice or the minimal required policy. Option C is wrong because AmazonS3ReadOnlyAccess only allows read operations (e.g., GetObject, ListBucket) and explicitly denies write actions like s3:PutObject, so it cannot resolve the upload failure.

884
MCQeasy

An administrator needs to monitor the CPU utilization of an SAP HANA database running on an EC2 instance. The monitoring data must be stored for 15 months. Which AWS service should be used to meet this requirement?

A.Amazon S3
B.AWS CloudTrail
C.Amazon CloudWatch Logs
D.Amazon CloudWatch Metrics
AnswerD

CloudWatch metrics can be retained for up to 15 months.

Why this answer

Option B is correct because CloudWatch Logs is for log data, not metrics; CloudWatch Metrics can store data for up to 15 months for custom metrics. Option A is wrong because CloudWatch Logs stores logs, not metrics. Option C is wrong because S3 can store data but is not designed for metrics retention.

Option D is wrong because CloudTrail records API calls, not performance metrics.

885
MCQmedium

A company is running SAP HANA on AWS and needs to perform a backup to S3 using the SAP HANA BACKUP command. The backup fails with an error indicating that the S3 bucket cannot be accessed. The EC2 instance has an IAM role assigned with the necessary S3 permissions. What is the most likely cause of the failure?

A.The S3 bucket is in a different region.
B.The instance does not have internet access.
C.The IAM role does not have the correct trust policy.
D.The S3 bucket policy denies access from the instance's VPC.
AnswerD

A bucket policy can explicitly deny access even if IAM allows.

Why this answer

SAP HANA backup to S3 requires a properly configured S3 bucket and the backup tool must be able to write to it. The error is likely due to the bucket policy blocking the request. IAM role permissions are correct, but bucket policies can override them.

886
MCQmedium

An SAP administrator is troubleshooting a high CPU utilization issue on an SAP application server running on an Amazon EC2 instance. The administrator suspects a specific ABAP program is consuming excessive resources. Which AWS service can be used to capture detailed performance metrics and identify the process?

A.AWS CloudTrail
B.Amazon CloudWatch Agent
C.AWS Config
D.Amazon VPC Flow Logs
AnswerB

CloudWatch Agent collects OS-level metrics like per-process CPU.

Why this answer

Option D is correct because CloudWatch Agent can collect detailed OS-level metrics. Option A is wrong because VPC Flow Logs capture network traffic, not CPU. Option B is wrong because Config is for compliance.

Option C is wrong because CloudTrail is for API calls.

887
Multi-Selectmedium

Which TWO tasks require the use of AWS Systems Manager Session Manager? (Choose TWO.)

Select 2 answers
A.Transfer files between on-premises and AWS
B.Execute a one-time command on an EC2 instance interactively
C.Establish a secure shell session to an EC2 instance without using SSH keys
D.Store database connection strings securely
E.Apply operating system patches to a fleet of EC2 instances
AnswersB, C

Session Manager allows interactive command execution.

Why this answer

Options A and D are correct. Session Manager provides secure shell access without SSH keys (A) and can be used to execute commands interactively (D). Options B and C are wrong because Session Manager does not manage patches or store parameters.

Option E is wrong because Session Manager is not for file transfers.

888
MCQmedium

An SAP administrator has created the IAM policy shown in the exhibit and attached it to an IAM role used by an EC2 instance running SAP HANA. The instance needs to download backup files from the S3 bucket 'sap-backup-bucket' and then stop itself after the backup is complete. However, the backup script fails with an access denied error when trying to list the bucket. What is the most likely cause? (Note: This question is reused from above but with correct exhibit now. I need to change the exhibit to have a mistake. Let me fix: remove the bucket ARN from the Resource list for S3 actions, so only the object ARN is present. That will cause the list operation to fail.)

A.The S3 bucket is encrypted and the policy does not allow kms:Decrypt
B.The instance does not have an internet gateway to reach S3
C.The policy does not include the ec2:StopInstances permission
D.The policy does not allow the s3:ListBucket action on the bucket ARN
AnswerD

The policy allows s3:ListBucket but the Resource array only includes the object ARN (sap-backup-bucket/*), not the bucket ARN. The ListBucket action requires the bucket ARN as resource.

889
MCQeasy

A company plans to migrate its SAP ERP system from an on-premises environment to AWS. The system uses an Oracle database. Which AWS service provides the most cost-effective and high-performance storage for the Oracle data files?

A.Amazon EBS io2 Block Express volumes
B.EC2 Instance Store
C.Amazon EFS
D.Amazon S3
AnswerA

Provides high performance for databases.

Why this answer

Option B is correct because Amazon EBS io2 Block Express volumes offer high durability, high IOPS, and low latency suitable for Oracle databases. Option A is wrong because S3 is object storage. Option C is wrong because EFS is file storage.

Option D is wrong because Instance Store is ephemeral.

890
Multi-Selectmedium

A company is migrating its SAP ERP system to AWS and wants to minimize downtime during the migration. Which THREE strategies should be considered? (Choose three.)

Select 3 answers
A.Use Amazon S3 Transfer Acceleration to speed up data transfer.
B.Shut down the source system and perform a full database export to S3.
C.Perform a full export and import of the SAP system during a maintenance window.
D.Use SAP Landscape Transformation (SLT) to replicate data in real-time to the target system.
E.Set up AWS Database Migration Service (DMS) for ongoing replication after initial load.
AnswersA, D, E

S3 Transfer Acceleration speeds up data transfer, reducing migration window.

Why this answer

Using SAP Landscape Transformation (SLT) for real-time data replication, setting up AWS DMS for ongoing replication, and performing a near-zero downtime migration using SAP SWPM with DB migration option are all valid strategies. Option B (shutting down source) causes downtime. Option D (full export/import) causes extended downtime.

Option E (using only S3) is not a migration strategy for live systems.

891
MCQeasy

An administrator needs to back up an SAP HANA database running on an EC2 instance. The backup must be stored in a durable, cost-effective storage solution. Which AWS service is best suited for storing the backup files?

A.Amazon S3
B.Amazon S3 Glacier
C.Amazon EFS
D.Amazon EBS snapshots
AnswerA

S3 is durable, scalable, and cost-effective for backup files.

Why this answer

Option A is correct because Amazon S3 is designed for durable, cost-effective object storage, ideal for backups. Option B is incorrect because EBS snapshots are stored in S3 but are not directly accessible as files. Option C is incorrect because EFS is a file system, not optimized for backup storage.

Option D is incorrect because Glacier is a lower-cost archival storage, but S3 is more appropriate for general backups with faster retrieval.

892
Multi-Selectmedium

An operations team is troubleshooting an issue where an SAP application is unable to connect to an RDS for SQL Server database. The database is in a private subnet, and the application is in a public subnet. Which TWO actions should the team take to resolve the connectivity issue? (Choose TWO.)

Select 2 answers
A.Attach an internet gateway to the VPC
B.Create a VPC peering connection between the application and database subnets
C.Add a route to the route table of the database's subnet that directs traffic to the application's subnet
D.Modify the security group for the database to allow inbound traffic from the application's security group
E.Add a route to the route table of the application's subnet that directs traffic to the database subnet
AnswersD, E

The security group must allow inbound traffic on the database port from the application.

Why this answer

The database is in a private subnet, so the application needs a route to it. The route table must have a route to the private subnet, and the security group for the database must allow inbound traffic from the application's security group or CIDR. An internet gateway is not needed for database access.

A NAT gateway is for outbound traffic. VPC peering is for cross-VPC connectivity.

893
MCQhard

An SAP system on AWS is experiencing high read latency from the SAP HANA database. The system uses Provisioned IOPS EBS volumes. Which action would most likely improve read latency?

A.Change the EBS volume type to gp2.
B.Disable write caching on the EBS volumes.
C.Move the HANA data to instance store volumes.
D.Increase the provisioned IOPS on the EBS volumes.
AnswerD

More IOPS can reduce read latency.

Why this answer

Increasing the provisioned IOPS on the EBS volumes directly addresses high read latency by raising the I/O performance ceiling for the SAP HANA database. Since the system already uses Provisioned IOPS (io1/io2) volumes, higher IOPS reduces queue depth and read latency under heavy workloads, which is a common requirement for SAP HANA.

Exam trap

The trap here is that candidates may think increasing IOPS always helps, but the key nuance is that the system already uses Provisioned IOPS, so the correct action is to increase the provisioned IOPS value, not change volume types or rely on ephemeral storage.

How to eliminate wrong answers

Option A is wrong because changing to gp2 (general purpose SSD) would likely reduce performance, as gp2 offers lower and burstable IOPS compared to Provisioned IOPS volumes, worsening latency under sustained SAP HANA loads. Option B is wrong because disabling write caching on EBS volumes does not improve read latency; write caching affects write operations, and EBS volumes do not support configurable read caching at the volume level. Option C is wrong because instance store volumes are ephemeral and not suitable for SAP HANA data, which requires persistent, durable storage; moving data there would risk data loss on instance stop/termination and does not guarantee lower read latency.

894
MCQhard

A company is using AWS Systems Manager to manage their SAP environment. They want to ensure that only specific users can run automation documents on production SAP instances. Which IAM policy action should be used to control access to executing automation documents?

A.ssm:SendCommand
B.ssm:GetParameter
C.ssm:StartAutomationExecution
D.ssm:ListDocuments
AnswerC

This action permits starting automation documents.

Why this answer

Option B is correct because the ssm:StartAutomationExecution action allows starting an automation execution. Option A is for running commands (not automations). Option C is for getting parameters.

Option D is for listing documents.

895
MCQmedium

A company is migrating an SAP environment and wants to automate the provisioning of infrastructure using Infrastructure as Code (IaC). Which AWS service should they use to define and deploy AWS resources?

A.AWS OpsWorks
B.AWS CodeDeploy
C.AWS CloudFormation
D.AWS Elastic Beanstalk
AnswerC

CloudFormation allows you to define and provision AWS infrastructure declaratively.

Why this answer

AWS CloudFormation allows you to define infrastructure as code. OpsWorks is for configuration management. Elastic Beanstalk is for application deployment.

CodeDeploy is for code deployment.

896
MCQeasy

A company is migrating its SAP ERP system to AWS. The system has a custom ABAP code that uses RFC calls to an external system. The company wants to test the migrated system in a sandbox environment before the final cutover. What is the best practice for handling the RFC connections during testing?

A.Create a separate sandbox environment that is isolated from production and uses mock endpoints for RFC calls.
B.Use the same RFC destinations as production but disable the external system.
C.Set up a VPN between the sandbox and the external system to test real connectivity.
D.Configure the sandbox to use the production RFC endpoints but with read-only access.
AnswerA

Isolation prevents unintended effects on production.

Why this answer

Option A is correct because using a sandbox environment disconnected from the production system prevents accidental data changes or impacts. Options B, C, D are incorrect because they either involve production connections or are not best practices.

897
MCQmedium

An AWS administrator needs to monitor the CPU utilization of an EC2 instance running SAP NetWeaver. The instance type is r5.2xlarge. Which CloudWatch metric should the administrator use to track the CPU usage of the instance?

A.MemoryUtilization
B.CPUUtilization
C.NetworkIn
D.DiskReadOps
AnswerB

Default metric for CPU usage.

Why this answer

Option A is correct because CPUUtilization is the standard metric for EC2 CPU usage. Option B is wrong because NetworkIn is network traffic. Option C is wrong because DiskReadOps is disk I/O.

Option D is wrong because Memory utilization is not a default metric; it requires a custom agent.

898
MCQhard

A company is migrating an SAP Business Suite system to AWS. The system runs on AIX on IBM Power Systems. The company wants to rehost the system on AWS using a lift-and-shift approach. Which AWS service can replicate the AIX operating system to run on AWS?

A.AWS CloudEndure Migration
B.AWS Database Migration Service (AWS DMS)
C.AWS Server Migration Service (AWS SMS)
D.AWS Application Migration Service (AWS MGN)
AnswerD

AWS MGN supports AIX via the AWS Replication Agent for lift-and-shift.

Why this answer

Option C is correct. AWS Application Migration Service (AWS MGN) supports agent-based migration for AIX via the AWS Replication Agent. Option A (AWS CloudEndure Migration) has been rebranded as AWS MGN.

Option B (AWS SMS) does not support AIX. Option D (AWS Database Migration Service) is for databases, not OS.

899
MCQmedium

A company runs its SAP environment on AWS and needs to ensure that all changes to the SAP landscape are tracked for auditing. The environment includes EC2 instances, RDS databases, and Lambda functions. Which combination of AWS services provides the most comprehensive audit trail?

A.AWS Systems Manager Inventory and AWS Config
B.AWS CloudTrail and AWS Config
C.Amazon VPC Flow Logs and AWS CloudTrail
D.Amazon CloudWatch Logs and Amazon CloudWatch Metrics
AnswerB

CloudTrail logs API calls; Config records resource configuration changes.

Why this answer

Option B is correct because CloudTrail logs API calls for all services, and AWS Config records resource configuration changes, together providing a complete audit trail. Option A is wrong because CloudWatch Logs and Metrics are for monitoring, not auditing changes. Option C is wrong because Systems Manager Inventory collects software inventory, not configuration changes.

Option D is wrong because VPC Flow Logs capture network traffic, not configuration changes.

900
MCQeasy

A company is running an SAP HANA database on an EC2 instance with a large amount of memory. The system is experiencing performance issues during peak loads. Which AWS service should be used to capture detailed performance metrics for analysis?

A.AWS Config
B.AWS CloudTrail
C.AWS X-Ray
D.Amazon CloudWatch
AnswerD

CloudWatch with agent can capture detailed performance metrics including memory.

Why this answer

Option D is correct because Amazon CloudWatch can collect detailed performance metrics from EC2 instances, including memory utilization, if the CloudWatch agent is installed. Option A is wrong because AWS CloudTrail records API activity, not performance metrics. Option B is wrong because AWS Config tracks resource configuration changes.

Option C is wrong because AWS X-Ray traces application requests, not system-level performance.

Page 11

Page 12 of 24

Page 13