AWS Certified SAP on AWS Specialty PAS-C01 (PAS-C01) — Questions 76150

1733 questions total · 24pages · All types, answers revealed

Page 1

Page 2 of 24

Page 3
76
MCQmedium

An SAP system is deployed on EC2 instances with EBS volumes. The operations team needs to implement a backup strategy that provides point-in-time recovery for the EBS volumes with minimal downtime. Which AWS service should they use?

A.AWS Storage Gateway
B.AWS Backup
C.Amazon EBS Snapshots
D.Amazon S3
AnswerC

EBS Snapshots are designed for point-in-time backup of EBS volumes.

Why this answer

Option A is correct because EBS Snapshots provide point-in-time backups and can be taken while the volume is attached and in use (with some performance impact). Option B is wrong because AWS Backup can orchestrate snapshots but is not the service that directly creates them. Option C is wrong because S3 is object storage, not for EBS backups.

Option D is wrong because Storage Gateway is for hybrid storage, not for backing up EBS volumes.

77
MCQhard

An SAP system running on AWS is experiencing intermittent connectivity issues between the application server and the database server. Both servers are in the same VPC but different subnets. The security groups and network ACLs are correctly configured. Which AWS service can help diagnose the network path and identify packet loss?

A.AWS Direct Connect
B.VPC Flow Logs
C.AWS CloudTrail
D.AWS Site-to-Site VPN
AnswerB

VPC Flow Logs capture network traffic information for analysis.

Why this answer

VPC Flow Logs capture IP traffic metadata and can be analyzed to detect packet loss or rejected connections. Option D is correct. Option A is wrong because CloudTrail logs API calls.

Option B is wrong because Direct Connect is for on-premises connectivity. Option C is wrong because VPN is also for external connectivity.

78
MCQeasy

A company is migrating an SAP environment to AWS and wants to automate the provisioning of infrastructure using code. Which AWS service should be used for this purpose?

A.AWS Elastic Beanstalk
B.AWS CloudFormation
C.AWS CodeDeploy
D.AWS OpsWorks
AnswerB

CloudFormation provides infrastructure as code for provisioning.

Why this answer

AWS CloudFormation allows infrastructure as code to provision AWS resources in a repeatable manner. Option A is wrong because OpsWorks is for configuration management, not provisioning. Option B is wrong because Elastic Beanstalk is for application deployments, not full infrastructure.

Option D is wrong because CodeDeploy is for application deployment, not infrastructure.

79
MCQmedium

A company runs SAP HANA on AWS using a single EC2 instance with EBS volumes. The system experiences performance degradation during peak hours. Which approach would provide the MOST immediate improvement in disk I/O performance without downtime?

A.Add additional EBS volumes and configure RAID 0 across them.
B.Migrate the EC2 instance to a larger instance type.
C.Modify the EBS volume type and IOPS using Elastic Volumes.
D.Create a new EBS volume with higher performance and copy data using rsync.
AnswerC

Elastic Volumes allow online modification of volume type and IOPS without downtime.

Why this answer

Option B is correct because EBS elastic volumes allow modifying volume type (e.g., to gp3 or io2) and IOPS without detaching the volume or stopping the instance. Option A is wrong because migrating to a larger instance type may improve CPU but not necessarily disk I/O immediately. Option C is wrong because creating a new volume and migrating data requires downtime.

Option D is wrong because adding more volumes with RAID0 requires reconfiguration and possible downtime.

80
Multi-Selecteasy

An SAP administrator is setting up monitoring for an SAP HANA database. Which TWO metrics should be monitored from the HANA database using Amazon CloudWatch?

Select 2 answers
A.CPU utilization of the HANA process
B.SAPS (SAP Application Performance Standard)
C.EBS volume queue length
D.Network packet loss
E.Memory usage (used memory / total memory)
AnswersA, E

CPU utilization directly affects query performance.

Why this answer

Options A and D are correct because memory usage and CPU usage are critical for HANA performance. Option B is wrong because EBS volume metrics are not HANA-specific. Option C is wrong because SAPS is not a standard CloudWatch metric.

Option E is wrong because network packet loss is not a standard HANA metric.

81
Multi-Selecteasy

A company is planning to run SAP HANA on AWS. Which three are best practices for configuring the EC2 instance for SAP HANA? (Choose THREE.)

Select 3 answers
A.Enable CPU hyper-threading
B.Use burstable instance types (T2/T3)
C.Use EBS-optimized instances
D.Allocate swap space on the instance
E.Use placement groups for HANA instances
AnswersA, C, E

Hyper-threading is recommended for HANA.

Why this answer

Option A (Enable CPU hyper-threading) is correct for HANA performance. Option C (Use EBS-optimized instances) is correct for storage performance. Option D (Use placement groups) is correct for high network throughput.

Option B is wrong because swap space is not recommended for HANA. Option E is wrong because T2/T3 instances are burstable and not suitable for production HANA.

82
Multi-Selecthard

A company is planning to migrate its SAP HANA database to AWS. The database is 5 TB in size and requires high IOPS for online transaction processing (OLTP) workloads. Which THREE AWS storage options are suitable for SAP HANA data volumes? (Choose THREE.)

Select 3 answers
A.EC2 instance store (NVMe SSD)
B.Amazon EBS io2 Block Express volumes
C.Amazon S3
D.Amazon EBS gp3 volumes
E.Amazon EFS
AnswersA, B, D

Instance store provides very high IOPS, but data is ephemeral; suitable for /hana/data with replication.

Why this answer

Options A, B, and D are correct: io2 Block Express provides high IOPS, instance store provides very low latency, and gp3 can be used for less critical data. Option C is wrong because Amazon EFS is not supported for HANA data. Option E is wrong because S3 is not block storage.

83
Multi-Selecthard

An SAP system on AWS is experiencing high latency. Which THREE metrics should be examined in Amazon CloudWatch to diagnose the issue?

Select 3 answers
A.NetworkIn/NetworkOut
B.DiskReadBytes
C.StatusCheckFailed
D.CPUUtilization
E.EBS VolumeQueueLength
AnswersA, D, E

Network metrics can reveal congestion.

Why this answer

Options A, C, and E are correct. A (CPUUtilization) can indicate CPU bottleneck. C (NetworkIn/NetworkOut) shows network throughput.

E (EBS VolumeQueueLength) indicates storage I/O wait. B (StatusCheckFailed) is for instance health, not latency. D (DiskReadBytes) alone is less informative without queue length.

84
Drag & Dropmedium

Drag and drop the steps to set up an SAProuter connection between an on-premises network and AWS for SAP support access into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

SAProuter setup involves deploying instance, configuring SAProuter, opening port, establishing connectivity, and routing.

85
MCQmedium

An SAP administrator runs the AWS CLI command shown in the exhibit to describe an EBS volume attached to an EC2 instance running SAP HANA. The instance is in the us-east-1a Availability Zone. The administrator needs to create a volume in us-east-1b and copy the data from the existing volume. What is the most efficient way to achieve this?

A.Use rsync to copy data from the instance to a new volume in us-east-1b over the network
B.Detach the volume from the instance and attach it to an instance in us-east-1b
C.Create a snapshot of the volume and then create a new volume in us-east-1b from the snapshot
D.Create an AMI from the instance and launch a new instance in us-east-1b
AnswerC

Snapshots are AZ-independent and can be used to create volumes in different AZs.

Why this answer

Creating a snapshot of the existing volume is the most efficient way to copy data across Availability Zones. Then, create a new volume in us-east-1b from that snapshot. Detaching the volume and attaching it to an instance in us-east-1b is not possible because the volume is tied to its AZ.

Creating an AMI is unnecessary overhead. Using rsync over the network would require an instance in the same AZ and network bandwidth.

86
MCQeasy

An operations team needs to monitor the disk space usage of SAP application servers running on EC2. Which combination of AWS services should they use?

A.Amazon CloudWatch and AWS CloudTrail
B.Amazon CloudWatch agent and Amazon CloudWatch alarms
C.AWS Lambda and Amazon DynamoDB
D.Amazon S3 and Amazon SNS
AnswerB

CloudWatch agent collects disk metrics, and alarms can notify when thresholds are exceeded.

Why this answer

Amazon CloudWatch agent is required to collect custom metrics like disk space usage from EC2 instances, as the standard CloudWatch metrics only cover CPU, memory, network, and disk I/O. By installing the agent and configuring it to report disk space metrics, you can then set CloudWatch alarms to trigger notifications when thresholds are breached, enabling proactive monitoring of SAP application servers.

Exam trap

The trap here is that candidates assume standard EC2 CloudWatch metrics include disk space usage, but they only include disk read/write operations (I/O), not percentage of disk space used, so the CloudWatch agent is mandatory for this specific monitoring requirement.

How to eliminate wrong answers

Option A is wrong because AWS CloudTrail records API activity and governance events, not system-level metrics like disk space usage; it cannot monitor disk space. Option C is wrong because AWS Lambda and Amazon DynamoDB are serverless compute and database services, not designed for collecting or alerting on EC2 disk metrics; they lack native agent-based metric collection. Option D is wrong because Amazon S3 is object storage and Amazon SNS is a notification service; while SNS can send alerts, S3 cannot collect or analyze disk space data from EC2 instances, and this combination omits the necessary metric collection agent.

87
MCQeasy

A company runs SAP Business Suite on AWS and wants to implement a disaster recovery (DR) solution with a Recovery Time Objective (RTO) of 4 hours and a Recovery Point Objective (RPO) of 1 hour. The primary site is in us-east-1, and DR site will be in us-west-2. The database is running on SAP ASE. The company wants to minimize changes to the existing SAP environment and avoid complex replication setups. What is the most suitable DR approach?

A.Deploy a Multi-AZ database in the primary region.
B.Set up SAP ASE native replication to a standby database in the DR region.
C.Use AWS Backup to schedule snapshots of the EBS volumes and copy them to the DR region.
D.Use AWS Database Migration Service to continuously replicate data to the DR region.
AnswerC

Simple and meets RPO/RTO with proper scheduling.

Why this answer

Option A is correct. Using AWS Backup to take frequent snapshots of the database and application volumes and copying them to the DR region can meet the RPO of 1 hour if snapshots are taken every hour. Restoring from snapshots can be automated to meet the RTO.

Option B is wrong because Database Migration Service is for ongoing replication, not backup/restore. Option C is wrong because SAP ASE native replication requires significant changes and licensing. Option D is wrong because Multi-AZ is for high availability within a region, not DR across regions.

88
Multi-Selecthard

A company is migrating an SAP ERP system to AWS using a heterogeneous migration. Which THREE components must be converted or migrated?

Select 3 answers
A.Database schema
B.Networking configuration
C.Data
D.Operating system
E.Custom ABAP code and stored procedures
AnswersA, C, E

Schema must be converted to target format.

Why this answer

Schema (using AWS SCT), data (using AWS DMS), and custom ABAP code (using SCT) are all required for a heterogeneous migration. Networking configuration is not part of the data migration; operating system is not migrated as part of database migration.

89
MCQhard

A company is migrating a Hadoop cluster to Amazon EMR. The cluster processes sensitive financial data. Which configuration ensures data encryption at rest and in transit without performance degradation?

A.Use client-side encryption with the EMRFS S3 client.
B.Use SSE-KMS for at-rest and VPC peering for in-transit.
C.Disable encryption to maximize performance; use security groups for isolation.
D.Enable EMRFS encryption with SSE-S3 for at-rest and enable in-transit encryption using TLS.
AnswerD

SSE-S3 is low overhead, and TLS secures data in transit.

Why this answer

Option A is correct because EMRFS with S3 SSE-S3 provides at-rest encryption, and EMR in-transit encryption uses TLS. Option B is incorrect because client-side encryption adds overhead. Option C is incorrect because disabling encryption is not secure.

Option D is incorrect because KMS adds latency.

90
Multi-Selecthard

A company is designing a disaster recovery solution for SAP HANA on AWS using HANA System Replication. The primary site is in us-east-1 and the DR site is in us-west-2. Which TWO components are required to enable replication across Regions? (Choose two.)

Select 2 answers
A.AWS Site-to-Site VPN or AWS Direct Connect between the two Regions
B.VPC peering between the two VPCs
C.Automated EBS snapshots of /hana/data and /hana/log volumes in us-east-1, copied to us-west-2
D.AWS Global Accelerator
E.Amazon S3 Transfer Acceleration
AnswersA, C

Provides network connectivity.

Why this answer

Option B and Option D are correct: A VPN or Direct Connect (B) provides network connectivity, and EBS snapshots (D) can be used to replicate data if synchronous replication is not feasible. Option A is wrong because S3 Transfer Acceleration is not needed. Option C is wrong because VPC peering does not work across Regions (use Transit Gateway or VPN).

Option E is wrong because AWS Global Accelerator improves latency but is not required.

91
MCQmedium

An SAP administrator runs the CLI commands shown in the exhibit for a production EC2 instance. The output indicates that the instance is running but the system status is impaired. Which action should the administrator take to recover the instance?

A.Reboot the instance using the AWS console.
B.Restart the SAP application services.
C.Configure EC2 Auto Recovery and wait for recovery.
D.Stop and start the instance.
AnswerC

Auto Recovery handles hardware impairment automatically.

Why this answer

Option D is correct because EC2 Auto Recovery can automatically recover an instance when system status is impaired. Option A is wrong because the instance is already running. Option B is wrong because rebooting might not fix underlying hardware issues.

Option C is wrong because stopping and starting moves the instance to new hardware, which is similar to recovery, but EC2 Auto Recovery is the automated solution.

92
MCQmedium

An SAP administrator needs to migrate an on-premises SAP HANA system to AWS. The total size of the HANA data and log volumes is 5 TB. The administrator wants to minimize downtime and use the fastest possible initial data transfer method. Which approach should they use?

A.Use Amazon S3 Transfer Acceleration to upload the data over the internet
B.Use AWS Snowball Edge to physically ship the data
C.Use AWS Direct Connect to transfer the data over a dedicated network connection
D.Use VPC Peering to connect on-premises to AWS and copy data
AnswerB

Snowball Edge can transfer 5 TB quickly and securely, minimizing downtime.

Why this answer

AWS Snowball Edge provides a physical data transfer device that can be shipped to the on-premises site, loaded with the 5 TB of SAP HANA data and log volumes, and then shipped back to AWS for ingestion into an S3 bucket. This approach offers the fastest initial transfer for large datasets (multi-TB) over a WAN, as it bypasses network bandwidth limitations entirely, minimizing downtime compared to internet-based or dedicated network transfers.

Exam trap

The trap here is that candidates often choose Direct Connect (Option C) assuming a dedicated network is always fastest, but for large initial bulk transfers (multi-TB), physical shipping via Snowball Edge is faster because it avoids network bandwidth constraints and transfer time, which is a key concept tested in the PAS-C01 exam for minimizing downtime during SAP HANA migrations.

How to eliminate wrong answers

Option A is wrong because Amazon S3 Transfer Acceleration still relies on internet connectivity and is limited by available bandwidth; for 5 TB, it would take significantly longer than a physical shipment, especially with typical on-premises upload speeds. Option C is wrong because AWS Direct Connect provides a dedicated network connection but is still constrained by the provisioned bandwidth (e.g., 1 Gbps or 10 Gbps); transferring 5 TB over even a 10 Gbps link would take over an hour, and setup latency plus potential throttling make it slower than a physical shipment for initial bulk transfer. Option D is wrong because VPC Peering is a networking feature for connecting VPCs within AWS, not for on-premises to AWS connectivity; it cannot be used to transfer data from on-premises to AWS, and even if combined with a VPN, it would still be network-bound and slower than Snowball Edge.

93
MCQeasy

An SAP system uses a custom RFC destination to an external SOAP web service. After a recent network change, the RFC call fails with a timeout error. The SAP administrator has verified that the web service is reachable from the SAP application server using ping. What is the MOST likely cause of the timeout?

A.The DNS resolution is incorrect for the web service hostname.
B.The SAP router configuration is blocking the connection.
C.The SSL certificate of the web service has expired.
D.A firewall between the application server and the web service is blocking the required port.
AnswerD

Firewall rules may block the specific port while allowing ICMP.

Why this answer

Option C is correct because the firewall might block the specific port used by the SOAP service (e.g., 443 or 8080) even if ICMP (ping) is allowed. Option A (DNS) is unlikely if ping works. Option B (SAP router) is not involved.

Option D (SSL certificate) would cause a different error (e.g., certificate validation failure).

94
MCQeasy

An SAP system uses Amazon EFS for shared file storage for transport directories. The system is deployed across multiple Availability Zones. Which EFS performance mode is most suitable for this workload?

A.Max I/O performance mode.
B.Provisioned Throughput mode.
C.General Purpose performance mode.
D.Bursting Throughput mode.
AnswerC

General Purpose provides low latency for file operations.

Why this answer

General Purpose performance mode is the most suitable for SAP transport directories because it provides the lowest latency for file operations, which is critical for the frequent, small I/O operations typical of SAP transport processes. Max I/O mode, while offering higher throughput for large sequential I/O, introduces higher latency that can degrade SAP performance. General Purpose mode is the default and recommended mode for most EFS workloads, including SAP shared file systems.

Exam trap

The trap here is that candidates confuse performance modes (General Purpose vs. Max I/O) with throughput models (Bursting vs. Provisioned), leading them to select a throughput option like Provisioned or Bursting when the question explicitly asks for the most suitable performance mode for a latency-sensitive SAP workload.

How to eliminate wrong answers

Option A is wrong because Max I/O performance mode is designed for highly parallel, large-file workloads (e.g., big data, media processing) and has higher latency per operation, which is unsuitable for the latency-sensitive, small-file I/O patterns of SAP transport directories. Option B is wrong because Provisioned Throughput mode is a throughput setting, not a performance mode; it can be applied to either General Purpose or Max I/O modes to set a baseline throughput independent of file system size, but it does not define the latency or concurrency characteristics needed for this workload. Option D is wrong because Bursting Throughput mode is also a throughput model (not a performance mode) that allows throughput to burst based on accumulated credits; while it can be used with General Purpose mode, it is not a performance mode choice and does not address the latency requirements of SAP transport directories.

95
MCQhard

An SAP system administrator is troubleshooting an issue where an application cannot connect to an SAP HANA database running on an EC2 instance. The security group for the HANA instance allows inbound traffic on port 39013 (SQL) from the application server's security group. The network ACLs for the subnet allow all traffic. What could be the cause of the connectivity issue?

A.The security group for the HANA instance does not allow inbound traffic on port 39013 from the application server's IP address.
B.The network ACL for the application server's subnet does not allow outbound traffic on port 39013.
C.The network ACL for the HANA instance's subnet is missing an outbound rule to allow return traffic on ephemeral ports.
D.The security group for the application server does not allow outbound traffic on port 39013.
AnswerC

C is correct: NACLs are stateless; outbound rules for return traffic are required.

Why this answer

Option C is correct: The network ACL is stateless and must allow both inbound and outbound traffic; the outbound rule for ephemeral ports may be missing. Option A is incorrect because the security group allows the port. Option B is incorrect because the NACL allows all inbound traffic.

Option D is incorrect because the security group allows the application server's security group.

96
MCQhard

An organization is deploying a large SAP HANA system on AWS. They need to ensure that the EBS volumes for the /hana/data and /hana/log directories are configured with optimal performance and resilience. Which configuration should they use?

A.Use io2 Block Express volumes with /hana/data on a RAID 1 set and /hana/log on a RAID 0 set
B.Use a single large gp3 EBS volume for both /hana/data and /hana/log
C.Use io2 Block Express volumes with /hana/data on a RAID 0 set and /hana/log on a RAID 1 set
D.Use io2 Block Express volumes with /hana/data on one volume and /hana/log on another, no RAID
AnswerC

RAID 0 for data performance, RAID 1 for log resilience.

Why this answer

SAP HANA on AWS requires /hana/data and /hana/log to be on separate EBS volumes. Using io2 Block Express volumes with RAID 0 for data and RAID 1 for log is recommended. Option A is wrong because gp3 may not provide enough IOPS.

Option B is wrong because /hana/log should be on separate volumes from /hana/data. Option D is wrong because /hana/data should use RAID 0 for performance.

97
MCQhard

An architect is designing a storage solution for an SAP Business Warehouse (BW) system on AWS. The system requires high throughput for data extraction and transformation. The existing on-premises system uses SAN storage with 10,000 IOPS. Which Amazon EBS volume type should the architect choose to meet or exceed this performance at the lowest cost?

A.sc1 with 10,000 IOPS
B.io1 with 10,000 Provisioned IOPS
C.gp3 with 10,000 IOPS and 500 MB/s throughput
D.st1 with 10,000 IOPS
AnswerC

gp3 can achieve 10,000 IOPS at lower cost than io1, and throughput is adequate.

Why this answer

Amazon EBS gp3 volumes can provision up to 16,000 IOPS and 1,000 MB/s throughput independently, making them suitable for SAP BW workloads requiring 10,000 IOPS. gp3 offers a lower cost than io1 because it includes a baseline performance (3,000 IOPS and 125 MB/s) and only charges for additional provisioned IOPS and throughput, whereas io1 charges for every provisioned IOPS. This makes gp3 the most cost-effective choice to meet or exceed the required 10,000 IOPS and 500 MB/s throughput.

Exam trap

The trap here is that candidates may assume io1 is the only option for guaranteed IOPS due to its 'Provisioned IOPS' branding, overlooking gp3's ability to provision IOPS independently at a lower cost, or they may incorrectly think HDD-based volumes (sc1, st1) can achieve high IOPS values.

How to eliminate wrong answers

Option A is wrong because sc1 (Cold HDD) is a throughput-optimized volume designed for infrequently accessed data, with a maximum IOPS of 250 per volume and cannot achieve 10,000 IOPS. Option B is wrong because io1 (Provisioned IOPS SSD) can provide 10,000 IOPS but at a higher cost than gp3, as io1 charges for every provisioned IOPS regardless of usage, making it less cost-effective for this requirement. Option D is wrong because st1 (Throughput Optimized HDD) is designed for large, sequential workloads with a maximum IOPS of 500 per volume and cannot sustain 10,000 IOPS.

98
MCQeasy

A company is migrating its SAP BusinessObjects BI platform to AWS. They plan to use an SAP-certified AMI for the SAP BusinessObjects application server. Which instance type is SAP-certified for SAP BusinessObjects on AWS?

A.c5.2xlarge
B.r5.xlarge
C.i3.4xlarge
D.t3.large
AnswerB

r5 instances are memory-optimized and SAP-certified for SAP BusinessObjects.

Why this answer

Option B is correct. SAP publishes certified instance types for each SAP application. For SAP BusinessObjects, memory-optimized instances like r5 are certified.

Option A (t3) is burstable and not certified. Option C (c5) is compute-optimized and not certified for BO. Option D (i3) is storage-optimized.

99
MCQmedium

A company is running an SAP HANA database on an EC2 instance with EBS volumes. The database experiences high write latency during peak hours. Which configuration change would most effectively reduce latency?

A.Switch to gp3 EBS volumes with maximum throughput.
B.Increase the EC2 instance size to a compute-optimized type.
C.Use EBS io2 Block Express volumes with multi-attach enabled.
D.Migrate the data to instance store volumes.
AnswerC

io2 Block Express volumes offer up to 256,000 IOPS and sub-millisecond latency, meeting SAP HANA performance requirements.

Why this answer

Option B is correct because using EBS io2 Block Express volumes provides consistent low latency and high IOPS for demanding workloads like SAP HANA. Option A is wrong because gp3 volumes have lower performance compared to io2 Block Express. Option C is wrong because increasing instance size may not directly address storage latency.

Option D is wrong because instance store volumes are ephemeral and not suitable for persistent database storage.

100
MCQhard

A company is planning a migration of their SAP ERP system to AWS. They want to use SAP HANA as the database. The current on-premises database size is 2 TB. The migration must have minimal downtime. Which combination of AWS services and methods should be used to achieve a near-zero downtime migration?

A.Use AWS DMS with a SAP HANA source and target, configuring ongoing replication to minimize downtime
B.Use AWS Database Migration Service (DMS) with an SAP HANA source and S3 as target
C.Use SAP HANA System Replication (HSR) to replicate data to an EC2 instance in AWS
D.Use AWS Backup to perform a continuous backup of the on-premises HANA database and restore to AWS
AnswerA

DMS supports ongoing replication to keep data in sync with minimal downtime.

Why this answer

Option D is correct because AWS DMS with HANA as target supports minimal downtime using ongoing replication. Option A is incorrect because HSR requires a compatible HANA version setup. Option B is incorrect because DMS cannot replicate from HANA to HANA directly without a source HANA.

Option C is incorrect because AWS Backup cannot replicate data in near-real-time.

101
Multi-Selecthard

A company is designing a disaster recovery (DR) strategy for its SAP system on AWS. The primary site is in us-east-1, and the DR site is in us-west-2. The system uses SAP HANA as the database. Which THREE components must be configured to enable a successful DR failover?

Select 3 answers
A.SAP HANA system replication across regions.
B.Amazon Route53 DNS failover configuration.
C.AWS Backup cross-region backup copy for the HANA database.
D.S3 Cross-Region Replication for SAP transport files.
E.AWS Transit Gateway peering between the two regions.
AnswersA, B, C

HANA SR provides real-time data replication.

Why this answer

Options A, C, and D are correct. Cross-region replication for HANA (A) ensures data consistency. Route53 (C) provides DNS failover.

AWS Backup cross-region copy (D) ensures backups are available. Option B (S3 CRR) is not needed for HANA replication. Option E (AWS Transit Gateway) is for network connectivity, not DR failover.

102
MCQmedium

A company runs a critical web application on EC2 instances behind an Application Load Balancer. The application uses Auto Scaling and a MySQL RDS Multi-AZ DB instance. Users report intermittent connection timeouts, and CloudWatch metrics show CPUUtilization spikes to 90% on the DB instance. The application queries are read-heavy with occasional writes. What is the MOST cost-effective design change to improve performance?

A.Implement ElastiCache Redis cluster to cache query results and reduce DB load.
B.Enable RDS Performance Insights and create a CloudWatch alarm to reboot the DB instance on high CPU.
C.Add an RDS read replica in the same region and configure the application to route read queries to the replica.
D.Switch the DB instance to a larger instance type to handle the load.
AnswerC

A read replica offloads read traffic, reducing CPU on the primary, and is cost-effective for read-heavy workloads.

Why this answer

Option C is the most cost-effective design change because adding an RDS read replica offloads read-heavy queries from the primary DB instance, reducing CPU utilization without requiring a larger instance. Since the workload is read-heavy with occasional writes, a read replica handles SELECT traffic while the Multi-AZ primary manages writes, improving performance at a lower cost than scaling up.

Exam trap

The trap here is that candidates often choose ElastiCache (Option A) thinking caching always reduces DB load, but for a read-heavy workload with occasional writes, an RDS read replica is more cost-effective and directly addresses the CPU spikes from read queries without the overhead of cache invalidation and additional infrastructure.

How to eliminate wrong answers

Option A is wrong because ElastiCache Redis caches query results, which reduces DB load for repeated queries but does not address the root cause of high CPU from read-heavy queries that may not be cacheable; it also adds complexity and cost for a workload better served by a read replica. Option B is wrong because enabling Performance Insights and rebooting the DB instance on high CPU is a reactive measure that does not prevent CPU spikes, and rebooting causes downtime, which is unacceptable for a critical application. Option D is wrong because switching to a larger instance type increases cost significantly without optimizing the read-heavy workload, whereas a read replica provides dedicated read capacity at a lower incremental cost.

103
MCQeasy

A company is migrating its SAP system to AWS and needs to maintain compliance with regulatory requirements that mandate data encryption at rest. Which AWS service should be used to manage encryption keys for Amazon EBS volumes?

A.AWS Secrets Manager
B.AWS Certificate Manager (ACM)
C.AWS Key Management Service (KMS)
D.AWS CloudHSM
AnswerC

KMS is the managed service for encryption keys and integrates with EBS.

Why this answer

AWS Key Management Service (KMS) allows creation and management of encryption keys used to encrypt EBS volumes. Option A (CloudHSM) is a hardware security module but more complex. Option C (Secrets Manager) is for secrets.

Option D (ACM) is for certificates.

104
MCQeasy

A company runs a critical SAP application on AWS. The SAP team needs to reduce network latency between application servers and the database. Which AWS service should be used to achieve this?

A.Amazon Route 53
B.AWS Global Accelerator
C.VPC Peering
D.Placement Groups (cluster)
AnswerD

Cluster placement groups place instances in a single AZ with low-latency networking.

Why this answer

Option B is correct because placement groups, specifically cluster placement groups, provide low-latency network performance by placing instances in a single Availability Zone with high-bandwidth, low-latency connections. Option A is incorrect because VPC Peering connects networks but doesn't guarantee low latency between instances. Option C is incorrect because AWS Global Accelerator improves global traffic routing but not within a region.

Option D is incorrect because Route 53 is a DNS service.

105
Multi-Selectmedium

A company is planning to deploy SAP S/4HANA on AWS with high availability. Which TWO actions should be taken to achieve high availability for the SAP Central Services (ASCS/ERS) instance?

Select 2 answers
A.Deploy ASCS and ERS in the same Availability Zone.
B.Run both ASCS and ERS on the same EC2 instance.
C.Place ASCS and ERS in the same subnet.
D.Deploy ASCS and ERS in different Availability Zones.
E.Use a cluster placement group for ASCS and ERS instances.
AnswersD, E

Provides AZ-level redundancy.

Why this answer

Option D is correct because deploying ASCS and ERS in different Availability Zones (AZs) ensures that if one AZ fails, the SAP Central Services can fail over to the other AZ, maintaining high availability. This aligns with AWS best practices for SAP HANA HA, which typically uses a Pacemaker cluster across AZs with fencing and STONITH to handle failover. Option E is correct because a cluster placement group provides low-latency, high-bandwidth connectivity between the ASCS and ERS instances, which is critical for the synchronous replication and heartbeat communication required for a reliable HA cluster.

Exam trap

The trap here is that candidates often confuse high availability with fault tolerance, assuming that same-AZ deployment (Option A) or same-subnet placement (Option C) is sufficient, when in fact SAP HA on AWS requires cross-AZ separation and a cluster placement group to meet the strict latency and fencing requirements.

106
MCQhard

A company runs SAP ERP Central Component (ECC) on AWS with an Oracle database. The system is deployed on a single EC2 instance with EBS volumes. The company has scheduled a maintenance window for applying Oracle patches. The database administrator (DBA) will apply the patches during the maintenance window, which requires the database to be shut down. The DBA wants to minimize downtime and ensure that if the patching fails, the system can be rolled back quickly. The current setup includes daily EBS snapshots of the data volume, but these are taken at midnight. What should the DBA do to minimize downtime and ensure a quick rollback?

A.Create a snapshot of the EBS data volume immediately before applying the patches. If the patching fails, restore the volume from the snapshot.
B.Use AWS Database Migration Service (DMS) to create a replica of the database before patching. If patching fails, redirect traffic to the replica.
C.Create an AMI of the entire EC2 instance before the maintenance window. If patching fails, launch a new instance from the AMI.
D.Stop the EC2 instance, create a snapshot of the data volume, then apply the patches. If patching fails, restore from the snapshot.
AnswerA

A snapshot provides a quick rollback point without additional downtime.

Why this answer

Option A is correct because creating a snapshot of the EBS data volume immediately before applying the patches captures a point-in-time, crash-consistent state of the Oracle database. Since the database will be shut down during the maintenance window, this snapshot provides a reliable restore point. If patching fails, the DBA can quickly restore the volume from this snapshot, minimizing downtime by avoiding the need to restore from the older midnight snapshot, which would lose an entire day's worth of transactions.

Exam trap

The trap here is that candidates may overthink the solution and choose a more complex option like DMS or AMI, not realizing that a simple EBS snapshot taken immediately before patching provides the fastest and most cost-effective rollback for a single-instance SAP ECC with Oracle, as it avoids the overhead of instance recreation or replication setup.

How to eliminate wrong answers

Option B is wrong because AWS Database Migration Service (DMS) is designed for ongoing replication or one-time migrations between heterogeneous or homogeneous databases, not for creating a quick, rollback-ready replica of a running Oracle database for patching. DMS requires setup time, incurs additional costs, and does not provide a simple, immediate rollback mechanism for a single-instance SAP ECC system. Option C is wrong because creating an AMI of the entire EC2 instance captures the OS, application, and data volumes, but it is a heavier, slower operation compared to a data volume snapshot.

Restoring from an AMI would require launching a new instance, reconfiguring networking, and reattaching volumes, leading to significantly longer downtime than a simple volume restore. Option D is wrong because stopping the EC2 instance before creating the snapshot adds unnecessary downtime; the database must be shut down for patching anyway, but the snapshot can be taken while the instance is running (with the database shut down) or even with a brief quiesce, making the stop step redundant and increasing total downtime.

107
MCQhard

A company recently migrated SAP ERP to AWS. The SAP application logs indicate repeated 'ORA-1555 snapshot too old' errors in the Oracle database. Which AWS-specific parameter could be causing this?

A.Enhanced Networking is disabled
B.Incorrect Oracle DB parameter settings
C.EBS snapshot schedule is too frequent
D.EBS volume queue depth is too low causing I/O throttling
AnswerD

Low queue depth leads to I/O bottlenecks and rollback segments issues.

Why this answer

Option C is correct because EBS volume queue depth can cause I/O delays leading to transaction rollback. Option A is wrong as snapshot creation does not affect live database. Option B is wrong as DB parameter groups don't cause this error directly.

Option D is wrong as Enhanced Networking is for network, not storage.

108
Multi-Selectmedium

An SAP system administrator is troubleshooting a failed HANA database backup to Amazon S3. The backup job returns an error: 'Access Denied'. Which TWO actions should the administrator take to resolve the issue?

Select 2 answers
A.Review the S3 bucket policy for any deny statements that may block the backup.
B.Enable S3 Transfer Acceleration on the bucket.
C.Check the IAM role attached to the EC2 instance for S3 permissions.
D.Verify that the S3 bucket's KMS key is enabled.
E.Set up a VPC endpoint for S3.
AnswersA, C

Bucket policies can explicitly deny access to certain principals.

Why this answer

Options B and D are correct because ensuring correct IAM permissions and bucket policies are common causes of access denied errors. Option A is wrong because KMS key might be separate but not the direct issue. Option C is wrong because S3 Transfer Acceleration is for speed, not access.

Option E is wrong because VPC endpoint is not required if using public S3.

109
Multi-Selectmedium

Which THREE of the following are best practices for securing an SAP HANA database on AWS? (Choose 3.)

Select 3 answers
A.Assign a public IP address to the HANA instance for easy access
B.Disable the HANA password policy to simplify user access
C.Enable encryption at rest for EBS volumes attached to the HANA instance
D.Enable SAP HANA data encryption for data in transit and at rest
E.Use security groups to restrict inbound traffic to the HANA database
AnswersC, D, E

Encryption protects data at rest.

Why this answer

Options A, B, and C are correct. Using security groups, encrypting EBS volumes, and enabling HANA encryption are all security best practices. Option D is incorrect because disabling password policies weakens security.

Option E is incorrect because making the database publicly accessible increases risk.

110
Multi-Selecteasy

Which TWO AWS services can be used to automate the deployment of SAP infrastructure using infrastructure as code? (Choose 2)

Select 2 answers
A.AWS Service Catalog
B.AWS CloudFormation
C.AWS OpsWorks
D.AWS CodeDeploy
E.AWS Elastic Beanstalk
AnswersB, E

CloudFormation provisions AWS resources using templates.

Why this answer

Options A and C are correct. AWS CloudFormation allows defining infrastructure in templates; AWS Elastic Beanstalk can deploy and manage applications but is less commonly used for SAP. Option B is wrong because OpsWorks is for Chef/Puppet, not typical for SAP.

Option D is wrong because CodeDeploy deploys applications, not infrastructure. Option E is wrong because Service Catalog creates a catalog of products, not direct deployment.

111
MCQeasy

An SAP system administrator needs to ensure high availability for an SAP HANA database using AWS services. What is the recommended architecture?

A.Deploy SAP HANA on EC2 instances in a cluster across multiple Availability Zones with synchronous replication
B.Use Amazon RDS for SAP HANA with Multi-AZ deployment
C.Use Amazon RDS Multi-AZ for SAP HANA database
D.Deploy a single EC2 instance in one Availability Zone and take daily snapshots
AnswerA

SAP HANA can be deployed as a multi-node cluster using EC2 instances in different AZs with synchronous replication and automatic failover using cluster software like Pacemaker.

Why this answer

SAP HANA can be deployed as a multi-node cluster using EC2 instances in different Availability Zones with synchronous replication and automatic failover using cluster software like Pacemaker. RDS does not support SAP HANA. A single EC2 instance in one AZ is not highly available.

Multi-AZ RDS is for other databases, not SAP HANA.

112
Multi-Selecthard

Which TWO AWS services can be used to monitor the health and performance of an SAP HANA database on AWS?

Select 2 answers
A.AWS Trusted Advisor
B.Amazon CloudWatch
C.AWS Config
D.SAP HANA monitoring tools (e.g., HANA cockpit)
E.VPC Flow Logs
AnswersB, D

CloudWatch can monitor metrics and logs from HANA.

Why this answer

Options A and D are correct. CloudWatch can monitor OS and custom HANA metrics. HANA itself provides monitoring via SQL queries (e.g., SAP HANA cockpit).

Option B is incorrect because AWS Config tracks configuration, not performance. Option C is incorrect because VPC Flow Logs monitor network traffic. Option E is incorrect because Trusted Advisor provides best-practice checks, not real-time monitoring.

113
MCQhard

A company runs SAP HANA on AWS using a multi-node scale-out configuration. During a routine maintenance window, the administrator needs to apply an HANA database software update. What is the BEST practice to minimize downtime?

A.Perform a rolling update by updating one node at a time while keeping the system operational.
B.Use HANA System Replication to fail over to a standby system, then update the primary.
C.Stop all HANA services, apply the update to all nodes, then restart.
D.Create a new HANA cluster with the updated version and migrate data.
AnswerA

Rolling updates minimize downtime by keeping most nodes active.

Why this answer

Option C is correct because HANA scale-out supports rolling updates, allowing nodes to be updated one by one with minimal downtime. Option A is wrong because stopping all services causes full downtime. Option B is wrong because using HSR failover is complex and may cause data inconsistency if not properly managed.

Option D is wrong because creating a new cluster and migrating is not efficient for a minor update.

114
MCQhard

A company is deploying SAP S/4HANA on AWS and needs to ensure high availability for the central services (ASCS and ERS). The architecture uses two EC2 instances in different Availability Zones with a shared file system using Amazon EFS for /sapmnt. The SAP system is configured with an enqueue replication server. The operations team needs to automate the failover of the ASCS instance in case of a failure. The team is considering using AWS services for this purpose. Which approach should the team use?

A.Use Amazon Route 53 with health checks and a custom script to update DNS record on failover.
B.Use an Application Load Balancer with a target group containing both ASCS instances.
C.Use an Auto Scaling group with a minimum of 2 instances and a lifecycle hook to handle failover.
D.Enable EC2 Auto Recovery to automatically recover the ASCS instance on new hardware.
AnswerA

DNS-based failover can redirect clients to the secondary ASCS instance.

Why this answer

Using AWS Route 53 health checks to monitor the ASCS instance and a custom script to update DNS records on failover provides a simple and effective HA solution. Option D is correct. Option A is wrong because ALB cannot direct traffic to a single SAP instance for ASCS.

Option B is wrong because Auto Scaling is for scaling out, not HA for stateful services. Option C is wrong because EC2 Auto Recovery recovers the instance but does not handle failover to another AZ.

115
MCQhard

An SAP HANA database on AWS experiences a failover from the primary to the secondary node. After the failover, the secondary node (now primary) is running on a different AZ. The SAP application cannot connect to the new primary. What is the MOST likely cause?

A.HANA system replication is not configured correctly.
B.The security group for the new primary does not allow inbound traffic from the app.
C.The EBS volumes are not attached to the new primary.
D.The application connection string points to the old primary's IP address.
AnswerD

After failover, the new primary has a different private IP; the app must use a virtual IP or DNS that updates.

Why this answer

Option B is correct because the SAP application likely uses the private IP of the old primary; after failover, the new primary has a different IP. Option A is wrong because HANA replication is independent of DNS. Option C is wrong because security groups are not AZ-specific.

Option D is wrong because storage type does not affect connectivity.

116
MCQmedium

A company is running SAP ERP on AWS and wants to set up a disaster recovery (DR) strategy using AWS Regions. The DR site must have a copy of the SAP application and database data. Which solution provides the fastest recovery time objective (RTO) with the lowest data loss?

A.Use an EC2 instance with SAP HANA system replication across regions.
B.Take daily snapshots of the database and copy them to the DR region. Restore from snapshots during a disaster.
C.Use an RDS Multi-AZ DB cluster with a cross-region read replica.
D.Use AWS Database Migration Service (DMS) to continuously replicate changes to a database in the DR region.
AnswerC

Cross-region read replicas provide asynchronous replication with minimal data loss and allow fast promotion to primary during disaster.

Why this answer

Multi-AZ DB cluster provides synchronous replication and automatic failover, but it is within a single region. For cross-region DR, using a standby DB instance in another region with Amazon RDS for SAP ASE cross-region read replicas provides near-synchronous replication and fast failover.

117
MCQmedium

A company is migrating its SAP ERP system to AWS. The SAP application requires low-latency access to the database and high network throughput between application and database tiers. Which AWS architecture should the company use?

A.Place the SAP application servers in a different AWS Region than the database.
B.Use Amazon S3 as the database storage layer.
C.Place the SAP application servers in one Availability Zone and the database in another Availability Zone.
D.Use a placement group with enhanced networking for both application and database instances.
AnswerD

Placement groups provide low latency and high throughput within a single AZ.

Why this answer

Option D is correct because placing application and database in the same placement group with enhanced networking ensures low latency and high throughput. Option A is wrong because different Availability Zones add latency. Option B is wrong because different Regions adds significant latency.

Option C is wrong because S3 is not for database storage.

118
MCQmedium

An SAP administrator wants to ensure that the SAP application server can communicate with the HANA database using the private IP address within the same VPC. What configuration is necessary?

A.Attach an Internet Gateway to the VPC.
B.Set up a NAT Gateway for the database subnet.
C.Establish a VPN connection to the on-premises network.
D.Configure a security group rule allowing traffic on the HANA database port from the application server's security group.
AnswerD

Security groups control traffic within VPC.

Why this answer

Option D is correct because within the same VPC, AWS resources can communicate using private IP addresses without internet or VPN connectivity. The key requirement is that the security group attached to the HANA database must allow inbound traffic on the HANA database port (typically 3<span+>15<span+>17 or 3<span+>00<span+>15 for HANA) from the security group associated with the SAP application server. This ensures that only traffic originating from the application server is permitted, maintaining security while enabling private IP communication.

Exam trap

The trap here is that candidates often confuse the need for external connectivity (internet or VPN) with internal VPC communication, mistakenly thinking that a NAT Gateway or Internet Gateway is required for any traffic between subnets, when in fact AWS VPCs natively route private IP traffic within the same VPC using the VPC router and security groups for access control.

How to eliminate wrong answers

Option A is wrong because an Internet Gateway is used to enable communication between a VPC and the internet, not for private IP communication within the same VPC; attaching an IGW would expose the resources unnecessarily and does not facilitate internal routing. Option B is wrong because a NAT Gateway is used to allow instances in a private subnet to initiate outbound traffic to the internet (e.g., for updates) while preventing inbound internet traffic; it is not required for internal VPC communication between application and database servers. Option C is wrong because a VPN connection is used to connect an on-premises network to the AWS VPC, not for communication between two AWS resources already within the same VPC; it adds unnecessary complexity and latency.

119
MCQhard

An SAP system running on AWS is experiencing intermittent connectivity issues between the SAP application servers and the database server. Both are in the same VPC but different subnets. The security groups and network ACLs are correctly configured. The issue occurs only during peak hours. Which of the following is the most likely cause?

A.Security group outbound rules are blocking return traffic.
B.The VPC peering connection is throttling traffic.
C.Network ACLs do not have rules to allow ephemeral ports for return traffic.
D.Security group inbound rules are misconfigured.
AnswerC

NACLs are stateless; failing to allow ephemeral ports can cause intermittent connectivity during high traffic.

Why this answer

Option D is correct because network ACLs are stateless and require explicit rules for both inbound and outbound traffic, and ephemeral ports are often missed. Option A is wrong because NACL rules are evaluated before security groups. Option B is wrong because VPC peering is not mentioned.

Option C is wrong because security groups are stateful and would not cause asymmetric traffic issues.

120
MCQeasy

A company runs SAP S/4HANA on AWS with a single-instance deployment. The database is hosted on an r5.8xlarge instance with 5000 provisioned IOPS EBS volumes. Recently, the system experienced a performance degradation during peak hours. CloudWatch metrics show that the EBS volume read latency is consistently above 10 ms, and the queue length is frequently peaking at 20. The instance is in the same Availability Zone as the EBS volumes. What should the administrator do to resolve the performance issue?

A.Move the instance to a different Availability Zone to reduce network latency.
B.Increase the provisioned IOPS on the EBS volumes to 10000.
C.Move the database to an instance with instance store volumes for better performance.
D.Migrate the EBS volumes to gp3 volume type with baseline performance.
AnswerB

Higher IOPS reduces latency and queue depth, improving performance.

Why this answer

The correct answer is B. The CloudWatch metrics show high read latency (>10 ms) and a queue length peaking at 20, which indicates that the EBS volume is throttling due to insufficient IOPS for the workload. Increasing provisioned IOPS from 5000 to 10000 directly addresses the bottleneck by allowing more I/O operations per second, reducing queue depth and latency.

Since the instance and volumes are in the same Availability Zone, network latency is not a factor, and instance store volumes are ephemeral and unsuitable for persistent SAP HANA data.

Exam trap

The trap here is that candidates may assume high latency is due to network distance (Option A) or that gp3 volumes always provide better performance (Option D), but the key metric is queue length, which directly points to IOPS exhaustion on the provisioned IOPS volume.

How to eliminate wrong answers

Option A is wrong because moving the instance to a different Availability Zone would increase network latency between the instance and the EBS volumes, worsening the performance issue, not resolving it. Option C is wrong because instance store volumes are ephemeral (data is lost on stop/termination) and do not provide the durability or snapshot capabilities required for SAP HANA database persistence; they are also not available on all instance types. Option D is wrong because gp3 volumes have a baseline of 3000 IOPS regardless of size, which is lower than the current 5000 IOPS, and while they can be provisioned with additional IOPS, the default baseline performance would degrade the workload further; the immediate fix is to increase IOPS on the existing io1/io2 volumes.

121
MCQeasy

A company is planning to migrate its SAP HANA database to AWS. The database size is 3 TB, and they need high I/O performance with low latency. The SAP workload is critical and requires high availability. Which AWS storage solution should they choose for the HANA data volume?

A.Amazon EBS gp3 volumes.
B.EC2 Instance Store volumes.
C.Amazon EFS with Provisioned Throughput.
D.Amazon EBS io2 Block Express volumes.
AnswerD

io2 Block Express offers high performance, low latency, and high durability, making it ideal for SAP HANA.

Why this answer

Option C is correct because AWS strongly recommends using io2 Block Express volumes for SAP HANA due to their high performance, durability, and ability to meet SAP's high availability requirements. Option A (EFS) is a file system, not block storage. Option B (gp3) is cost-effective but may not provide the consistent low latency needed for HANA.

Option D (Instance Store) provides low latency but is ephemeral and not suitable for persistent data.

122
MCQeasy

An SAP system administrator wants to automate the patching of SAP HANA database instances running on EC2. Which AWS service can schedule and execute patching workflows with approval gates?

A.AWS Systems Manager Maintenance Windows
B.AWS Config
C.AWS CloudFormation
D.Amazon CloudWatch Events
AnswerA

Maintenance Windows can schedule patching with approval gates.

Why this answer

Option A is correct because AWS Systems Manager Maintenance Windows allow scheduling of patching with optional approval workflows. Option B is wrong because AWS Config is for compliance, not patching. Option C is wrong because CloudWatch Events can trigger actions but lacks built-in approval gates.

Option D is wrong because CloudFormation is for infrastructure provisioning, not patching.

123
Multi-Selectmedium

A company is migrating an SAP system to AWS and needs to ensure backup compliance. The SAP database is SAP HANA. Which TWO AWS services can be used to back up SAP HANA databases?

Select 2 answers
A.Backint agent for SAP HANA
B.Amazon S3 lifecycle policies
C.AWS Storage Gateway
D.AWS Database Migration Service (DMS)
E.AWS Backup
AnswersA, E

Backint is SAP-certified for HANA backups to S3.

Why this answer

AWS Backup can automate HANA backups, and Backint agent for SAP HANA is an SAP-certified backup integration. Option A (Amazon S3) is storage, not a backup service. Option C (AWS Storage Gateway) is for hybrid storage.

Option E (AWS DMS) is for migration.

124
MCQhard

A company runs SAP on AWS and uses a Multi-AZ RDS for SAP HANA database. The database fails over unexpectedly, causing application downtime. The operations team wants to analyze the cause of the failover. Which set of logs should be examined?

A.AWS CloudTrail logs and S3 access logs.
B.RDS events and DB instance logs.
C.CloudWatch Logs from the EC2 instance hosting the database.
D.VPC Flow Logs and Network Load Balancer logs.
AnswerB

RDS events and DB logs contain failover causes.

Why this answer

Option B is correct because RDS events and DB instance logs (error log, slow query log) provide information about failover causes. Option A is wrong because CloudTrail logs API calls, not database events. Option C is wrong because VPC Flow Logs are for network traffic.

Option D is wrong because CloudWatch Logs for the OS are not available for RDS.

125
MCQmedium

A company manages a multi-account AWS environment using AWS Organizations. The operations team needs to ensure that all accounts have CloudTrail enabled and that logs are delivered to a centralized S3 bucket. What is the MOST efficient way to enforce this configuration?

A.Configure CloudTrail in the management account with an S3 bucket policy that grants access to all member accounts.
B.Deploy an AWS CloudFormation StackSet with a template that enables CloudTrail and configures the S3 bucket in every account and region.
C.Create a custom script using AWS CLI to enable CloudTrail in each account and region.
D.Use AWS Service Catalog to publish a CloudTrail product and require each account to launch it.
AnswerB

StackSets provide centralized, consistent deployment and drift detection.

Why this answer

Option B is correct because AWS CloudFormation StackSets allow you to deploy a CloudTrail configuration template across multiple accounts and regions in a single, automated operation. This approach ensures consistent enforcement of the policy without manual intervention, leveraging the centralized management capabilities of AWS Organizations.

Exam trap

The trap here is that candidates often assume a single CloudTrail configuration in the management account with a shared S3 bucket is sufficient, but CloudTrail must be enabled independently in each account to capture its own API activity.

How to eliminate wrong answers

Option A is wrong because configuring CloudTrail in the management account only enables it for that account, not for member accounts; the S3 bucket policy alone does not enable CloudTrail in other accounts. Option C is wrong because a custom CLI script is less efficient, error-prone, and does not provide automated drift detection or centralized rollback compared to StackSets. Option D is wrong because AWS Service Catalog requires each account to manually launch the product, which does not enforce the configuration automatically across all accounts.

126
MCQhard

An SAP administrator runs the AWS CLI command shown in the exhibit. The SAP HANA instance is running on an r5.4xlarge in us-east-1a. The administrator wants to change the instance type to r5.8xlarge to improve performance. What must the administrator do first?

A.Create an AMI of the instance and launch a new instance with the larger type.
B.Detach the EBS volumes and attach them to a new instance.
C.Stop the instance from the AWS Management Console.
D.Modify the instance type in the instance settings while it is running.
AnswerC

Instance must be stopped to modify instance type.

Why this answer

Option D is correct. To change the instance type, the instance must be in the stopped state. Option A is incorrect because you cannot change instance type while running.

Option B is incorrect because r5.4xlarge and r5.8xlarge are in the same instance family. Option C is incorrect because you can change instance type to any size within the same family without re-attaching volumes.

127
MCQhard

An SAP environment on AWS uses Amazon FSx for NetApp ONTAP for shared storage. The system is experiencing high write latency. The storage administrator suspects the volume is not optimized for SAP workloads. Which configuration change would most likely reduce write latency?

A.Enable data compression on the volume.
B.Enable tiering policy to allow all data to be served from the SSD tier.
C.Enable the capacity pool tiering to auto-tier cold data to Amazon S3.
D.Increase the size of the volume.
AnswerB

Moving data to SSD tier reduces latency compared to HDD.

Why this answer

Option A is correct because read-write SSD tiering reduces latency. Option B is wrong because compression increases CPU overhead. Option C is wrong because it does not affect write latency.

Option D is wrong because it increases latency.

128
MCQeasy

An SAP system on AWS needs to send alerts when the CPU utilization of the application server exceeds 90% for more than 5 minutes. Which AWS service should be used to set up this monitoring?

A.AWS Config
B.Amazon Inspector
C.AWS CloudTrail
D.Amazon CloudWatch
AnswerD

CloudWatch monitors metrics and can trigger alarms.

Why this answer

Amazon CloudWatch is the correct service because it can monitor CPU utilization metrics for EC2 instances and trigger alarms based on thresholds. You can configure a CloudWatch alarm to evaluate the CPUUtilization metric over a 5-minute period and send notifications via Amazon SNS when the 90% threshold is breached.

Exam trap

The trap here is that candidates often confuse AWS CloudTrail (API logging) with CloudWatch (metrics and alarms), or think AWS Config can monitor performance metrics because it tracks configuration changes.

How to eliminate wrong answers

Option A is wrong because AWS Config is used for resource inventory, configuration history, and compliance auditing, not for real-time metric monitoring or alerting. Option B is wrong because Amazon Inspector is a vulnerability assessment service that scans for software vulnerabilities and unintended network exposure, not for tracking CPU utilization metrics. Option C is wrong because AWS CloudTrail records API activity and governance events, not performance metrics like CPU utilization.

129
MCQhard

A customer runs SAP HANA on an AWS Multi-AZ deployment with a primary and secondary instance. They want to ensure automatic failover in case of instance failure. What is the recommended approach?

A.Implement SAP HANA System Replication in a multi-AZ configuration with automatic failover using AWS services.
B.Set up a Route 53 health check to redirect traffic to the secondary instance manually.
C.Use Amazon RDS for SAP HANA with Multi-AZ enabled.
D.Configure an Auto Scaling group with a lifecycle hook to launch a new HANA instance.
AnswerA

HANA System Replication with automatic failover is the recommended method.

Why this answer

Option D is correct because AWS offers a native HANA multi-AZ solution using HANA System Replication with automatic failover. Option A is wrong because auto-scaling doesn't handle database failover. Option B is wrong because RDS custom does not support HANA.

Option C is wrong because manual DNS change is not automatic.

130
MCQhard

A company is migrating an SAP ECC 6.0 system to SAP S/4HANA on AWS. They plan to use SAP DMO. Which AWS service can be used to accelerate the data transfer during the migration?

A.AWS Database Migration Service (AWS DMS)
B.AWS Snowball Edge
C.AWS DataSync
D.AWS Direct Connect
AnswerB

Snowball Edge can be integrated with SAP DMO for offline data transfer.

Why this answer

AWS Snowball Edge can be used with SAP DMO to transfer data offline, especially for large databases. AWS Direct Connect improves network speed but is not a service for acceleration. AWS DataSync is for file data.

AWS DMS is not used with DMO.

131
MCQeasy

A company runs its SAP system on AWS and uses a Multi-AZ RDS for Oracle database for the SAP Central Services (SCS) instance. The SCS instance is currently on a single EC2 instance in one Availability Zone. The company wants to ensure high availability for the SCS service. What should they do?

A.Implement an SAP ASCS/ERS cluster using two EC2 instances and a shared file system.
B.Place the SCS instance on a larger EC2 instance and use EBS snapshots for recovery.
C.Use an Application Load Balancer to distribute traffic to multiple SCS instances.
D.Configure the SCS instance on the existing RDS for Oracle database.
AnswerA

This is the standard HA setup for SAP Central Services on AWS.

Why this answer

Option A is correct because SAP Central Services can be deployed in an ASCS/ERS cluster using two EC2 instances with shared storage (like EBS Multi-Attach or FSx for Windows) and a floating IP. Option B (RDS for Oracle) can be HA but not for SCS. Option C (single instance with EBS snapshots) does not provide HA.

Option D (Application Load Balancer) is for HTTP traffic, not SAP protocols.

132
Multi-Selecthard

An organization has an SAP S/4HANA system running on AWS. The system uses a multi-node HANA scale-out configuration. The company wants to implement a disaster recovery solution with an RPO of less than 1 hour and an RTO of less than 2 hours. The DR site is in a different AWS Region. Which THREE components should be included in the DR plan?

Select 3 answers
A.Cross-region Amazon Machine Image (AMI) copies for the SAP application servers.
B.AWS Global Accelerator to route traffic to the closest Region.
C.Amazon Route 53 DNS failover routing policy to redirect traffic to the DR Region in case of failure.
D.SAP HANA System Replication from the primary to the DR region using asynchronous replication.
E.Daily EBS snapshots of all volumes copied to the DR Region.
AnswersA, C, D

Pre-copied AMIs allow quick instance launch in DR.

Why this answer

Option A is correct because AMI copies can be automated to replicate SAP application server configurations across regions, enabling rapid recovery of stateless application servers within the RTO. Since SAP application servers are stateless and can be recreated from AMIs, cross-region AMI copies provide a fast and reliable method to restore the application tier in the DR region without relying on storage-level replication.

Exam trap

The trap here is that candidates often assume daily EBS snapshots are sufficient for DR, but they fail to meet the strict RPO of less than 1 hour because snapshots are not continuous replication, and the restore time from snapshots can easily exceed the 2-hour RTO for large SAP HANA volumes.

133
Multi-Selectmedium

Which TWO actions should be taken to improve the high availability of a single-instance SAP HANA database running on EC2? (Choose two.)

Select 2 answers
A.Set up HANA System Replication to a second EC2 instance in a different Availability Zone.
B.Enable Multi-AZ on the RDS instance.
C.Move the HANA data files to Amazon FSx for Lustre.
D.Increase the instance size to a larger type.
E.Configure automated EBS snapshots for the HANA data volumes.
AnswersA, E

HANA System Replication provides automatic failover across AZs.

Why this answer

Options B and D are correct. Option B creates a standby instance in another AZ using replication. Option D creates automated snapshots for point-in-time recovery.

Option A is wrong because increasing instance size does not improve availability. Option C is wrong because Multi-AZ RDS is for RDS, not EC2-based HANA. Option E is wrong because Amazon FSx does not replace the database.

134
MCQhard

An SAP Basis administrator notices that the SAP application server logs show repeated connection timeouts to the database. The database is running on an RDS for SAP HANA instance. The application server and database are in the same VPC but different subnets. The security groups allow inbound traffic from the application server's security group on port 3xx17. Network ACLs allow both inbound and outbound traffic on ephemeral ports. Despite this, connections fail intermittently. What is the most likely cause?

A.The RDS instance's DNS name resolves to a different IP address intermittently.
B.The network ACL is stateful and blocking return traffic.
C.The security group for the RDS instance does not allow inbound traffic on the HANA internal communication port (e.g., 3xx18).
D.The application server's subnet has a route table that points to a NAT gateway instead of the database subnet.
AnswerC

HANA requires multiple ports; missing one causes intermittent failures.

Why this answer

Option A is correct because RDS for SAP HANA uses a database port (e.g., 3xx17) but also requires an additional port for internal services. If the security group does not allow traffic on that additional port, connections may fail. Option B is incorrect because NACLs are stateless but properly configured.

Option C is incorrect because RDS does not use DNS-based routing issues typically. Option D is incorrect because the issue is not about routing tables if within same VPC.

135
Multi-Selecthard

A company runs SAP Business Suite on AWS and wants to implement a disaster recovery solution using a pilot light approach. Which THREE components should be pre-provisioned in the DR region to reduce recovery time?

Select 3 answers
A.An Amazon RDS for SAP HANA instance
B.Running EC2 instances for all SAP components
C.Pre-allocated Elastic IP addresses
D.Custom AMIs for SAP application servers
E.Pre-provisioned EBS volumes with HANA data replicated via log shipping
AnswersC, D, E

Elastic IPs can be quickly associated to recovered instances.

Why this answer

Options A, B, and D are correct. Pre-provisioning EBS volumes (A), AMIs (B), and Elastic IPs (D) helps reduce RTO. Option C is wrong because EC2 instances should not be running to avoid costs.

Option E is wrong because Amazon RDS for SAP HANA is not used; HANA runs on EC2.

136
Multi-Selectmedium

Which THREE factors should be considered when planning a recovery point objective (RPO) and recovery time objective (RTO) for an SAP system on AWS?

Select 3 answers
A.Storage type (EBS vs. instance store)
B.AWS Region and Availability Zone
C.EC2 instance type and size
D.Number of SAP users
E.Backup frequency and retention period
AnswersA, C, E

EBS volumes can be restored faster, affecting RTO.

Why this answer

RPO is determined by backup frequency and replication lag; RTO is affected by instance size and storage type; cross-region replication can help but RTO depends on failover time.

137
Multi-Selecteasy

A company is deploying SAP S/4HANA on AWS and needs to ensure high availability for the database layer. Which TWO actions should the company take?

Select 2 answers
A.Store HANA backups in Amazon S3 Standard-IA
B.Configure SAP HANA System Replication across two Availability Zones
C.Use Amazon EFS as the data volume for HANA
D.Provision Amazon EBS io2 Block Express volumes for HANA data
E.Enable EC2 Auto Scaling for the HANA instance
AnswersB, D

HANA System Replication provides synchronous replication for HA.

Why this answer

Options A and C are correct. HANA System Replication across AZs (A) and using EBS io2 volumes (C) are key for HA. Option B is wrong because EFS is not used for database data.

Option D is wrong because Auto Scaling is not for HANA. Option E is wrong because S3 Standard-IA is for backups, not primary storage.

138
Multi-Selecthard

An SAP system running on AWS is experiencing high latency in the application layer. The system uses a load balancer to distribute traffic across multiple EC2 instances. Which THREE actions could help diagnose the latency issue? (Choose THREE.)

Select 3 answers
A.Monitor the EC2 instance CPU and memory utilization using Amazon CloudWatch metrics.
B.Check AWS Config rules for any non-compliant resources.
C.Use Amazon CloudWatch detailed monitoring to get 1-minute metrics for EC2 instances.
D.Enable and analyze the Application Load Balancer access logs to identify slow requests.
E.Review VPC Flow Logs to check for packet loss or throttling.
AnswersA, C, D

High CPU/memory can cause latency.

Why this answer

Options A, B, and D are correct. CloudWatch metrics help identify resource bottlenecks. ALB access logs show request-level details.

Detailed monitoring provides high-resolution metrics. Option C (VPC Flow Logs) helps with network analysis but not application latency. Option E (AWS Config) tracks configuration changes, not performance.

139
MCQmedium

A company runs an SAP HANA system on AWS. The system uses a three-node cluster with HANA System Replication (HSR) in a scale-out configuration. The cluster spans three Availability Zones. Which architecture ensures the highest availability for the SAP HANA database?

A.Use a cluster of nodes across three Availability Zones with HANA System Replication and automatic failover.
B.Configure HANA System Replication in active/active mode across all nodes.
C.Use Amazon RDS for SAP HANA with Multi-AZ deployment.
D.Deploy all nodes in a single Availability Zone with synchronous replication.
AnswerA

B is correct: multi-AZ with HSR provides high availability.

Why this answer

Option B is correct: for HSR scale-out, a multi-AZ cluster with automatic failover provides high availability. Option A is incorrect because a single AZ is a single point of failure. Option C is incorrect because HSR active/active is not supported for scale-out.

Option D is incorrect because Multi-AZ is for RDS, not HANA on EC2.

140
Matchingmedium

Match the AWS managed service to its SAP-related capability.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Track SAP license usage and compliance

Patch management and automation for SAP instances

Monitoring SAP metrics and logs

Best practice checks for SAP on AWS

Why these pairings

These AWS services help manage SAP operations.

141
Multi-Selectmedium

An SAP customer is running SAP HANA on AWS using m5.8xlarge instances. They want to implement a disaster recovery (DR) strategy using a secondary region with a standby HANA instance. Which TWO options should they consider to replicate the HANA data to the DR region? (Select TWO.)

Select 2 answers
A.Use AWS Database Migration Service (DMS) to continuously replicate HANA to the DR region.
B.Use Amazon EBS Snapshots and copy them to the DR region for periodic restore.
C.Configure SAP HANA System Replication (HSR) to replicate data to the secondary region.
D.Use Amazon EFS to replicate the HANA data directory to the DR region.
E.Use AWS S3 Transfer Acceleration to continuously upload HANA log files to the DR region.
AnswersB, C

EBS Snapshots can be used for backup and copied across regions for DR, though with potential data loss.

Why this answer

Options B and C are correct. SAP HANA System Replication is the standard method for replicating data between HANA instances across regions. Amazon EBS Snapshots can be copied to another region and used to restore volumes.

Option A (EFS) is not suitable for HANA data volumes. Option D (S3 Transfer Acceleration) is not a replication method for HANA. Option E (DMS) is for database migrations, not ongoing replication.

142
MCQmedium

A company runs SAP NetWeaver on AWS and notices that the application server is experiencing high CPU utilization during peak hours. They need to scale out the SAP application tier. What is the best approach?

A.Use AWS Global Accelerator to distribute traffic
B.Increase the instance size of the existing application server
C.Manually launch additional EC2 instances and configure them as application servers
D.Use an Auto Scaling group to automatically launch additional application servers and register them with the SAP application load balancer
AnswerD

Auto Scaling enables dynamic scaling and load distribution.

Why this answer

Adding more SAP application servers (ASCS) behind an Application Load Balancer distributes load and provides HA. Option A is wrong because vertical scaling is limited. Option B is wrong because ASG alone does not register with SAP load balancer.

Option C is wrong because launching manually is not automated.

143
Multi-Selectmedium

A company is migrating an SAP HANA system to AWS using SAP HANA System Replication (HSR). The migration must have a Recovery Point Objective (RPO) of less than 15 minutes and a Recovery Time Objective (RTO) of less than 2 hours. Which TWO actions should the company take to meet these objectives?

Select 2 answers
A.Deploy the target system in a different Availability Zone
B.Use Amazon EBS snapshots for data replication
C.Place the target system in a different AWS Region
D.Use a single Availability Zone for both source and target
E.Configure SAP HANA System Replication in synchronous mode
AnswersA, E

Multi-AZ deployment enables fast failover and meets RTO requirements.

Why this answer

Options A and D are correct. Synchronous replication provides near-zero RPO but increases latency; asynchronous mode with a short RPO can meet <15 minutes with proper network. Using a multi-AZ deployment ensures rapid failover for RTO <2 hours.

Option B (single AZ) increases risk. Option C (separate region) increases latency. Option E (EBS snapshots) does not meet RPO.

144
MCQhard

A company is designing a multi-tier SAP architecture on AWS. They want to separate the SAP application tier and database tier into different subnets for security. Which AWS networking component should they use to connect the tiers?

A.AWS Direct Connect
B.VPC peering connection
C.AWS Site-to-Site VPN
D.AWS Transit Gateway
AnswerB

VPC peering connects VPCs, allowing communication between tiers.

Why this answer

Option B is correct because VPC peering connection allows direct network connectivity between two VPCs using private IPv4 or IPv6 addresses, enabling the SAP application tier and database tier to communicate securely across different subnets without traversing the public internet. This is a common pattern for multi-tier SAP architectures on AWS where each tier resides in its own VPC for isolation, and VPC peering provides low-latency, high-bandwidth connectivity ideal for SAP's performance requirements.

Exam trap

The trap here is that candidates may choose AWS Transit Gateway because they think it is required for any multi-VPC connectivity, but the question specifically asks for connecting only two tiers (two VPCs), where VPC peering is simpler, cheaper, and sufficient—Transit Gateway is only needed when connecting three or more VPCs or when transitive routing is required.

How to eliminate wrong answers

Option A is wrong because AWS Direct Connect is a dedicated physical network connection from on-premises to AWS, not a mechanism to connect two VPCs or subnets within AWS; it would be used for hybrid connectivity, not inter-tier communication. Option C is wrong because AWS Site-to-Site VPN is also designed for hybrid connectivity between on-premises networks and AWS, not for connecting VPCs or subnets within the same AWS region; it introduces unnecessary latency and complexity for intra-AWS traffic. Option D is wrong because AWS Transit Gateway is a hub-and-spoke network transit service for connecting multiple VPCs and on-premises networks, which is overkill for a simple two-tier connection; VPC peering is simpler and more cost-effective for this specific use case.

145
MCQmedium

A company runs SAP on AWS and needs to implement a disaster recovery (DR) strategy. The primary site is in us-east-1, and the DR site is in us-west-2. The database is SAP HANA. Which approach provides the lowest RPO?

A.SAP HANA system replication in asynchronous mode.
B.Database backups to S3 and cross-region replication of S3 bucket.
C.EBS snapshots replicated to the DR region using cross-region snapshot copy.
D.SAP HANA system replication in synchronous mode across regions.
AnswerD

Synchronous replication ensures data is committed at both sites, minimizing data loss.

Why this answer

Option A is correct because HANA system replication with synchronous mode provides near-zero RPO. Option B is wrong because asynchronous replication may have higher RPO. Option C is wrong because EBS snapshots have higher RPO.

Option D is wrong because restoring from S3 is slow and has higher RPO.

146
MCQmedium

An organization is migrating a large data lake (500 TB) from on-premises HDFS to Amazon S3. The migration must be completed within 3 weeks. The network bandwidth between on-premises and AWS is 1 Gbps. What is the MOST efficient migration approach?

A.Use AWS DataSync over the existing internet connection.
B.Order a dedicated AWS Direct Connect circuit at 10 Gbps and use AWS DataSync.
C.Use Amazon S3 Transfer Acceleration to speed up the transfer over the internet.
D.Use multiple AWS Snowball Edge devices to transfer the data in parallel.
AnswerD

Snowball Edge provides high-capacity offline storage and multiple devices can be used concurrently, meeting the deadline.

Why this answer

Given the 500 TB data volume and a 3-week deadline, the 1 Gbps network bandwidth yields a theoretical maximum transfer of only ~340 TB in 3 weeks (1 Gbps * 21 days * 86400 seconds / 8 bits per byte), which is insufficient. AWS Snowball Edge devices provide a petabyte-scale, offline data transfer solution that bypasses network constraints entirely, allowing parallel transfers to meet the timeline. This is the most efficient approach because it avoids network bottlenecks and leverages physical shipping for massive datasets.

Exam trap

The trap here is that candidates underestimate the time required for network-based transfers over limited bandwidth and overestimate the effectiveness of acceleration technologies like S3 Transfer Acceleration or Direct Connect, failing to recognize that physical shipping is the only viable option for hundreds of terabytes within a strict deadline.

How to eliminate wrong answers

Option A is wrong because AWS DataSync over a 1 Gbps internet connection would take approximately 46 days to transfer 500 TB (accounting for overhead and realistic throughput), far exceeding the 3-week deadline. Option B is wrong because even with a dedicated 10 Gbps Direct Connect circuit, the transfer would still take ~4.6 days under ideal conditions, but provisioning and configuring a 10 Gbps circuit typically takes weeks, making it impractical for the 3-week window. Option C is wrong because S3 Transfer Acceleration only optimizes network path routing and does not increase bandwidth; it cannot overcome the fundamental limitation of a 1 Gbps link, which would still require over 46 days for 500 TB.

147
MCQmedium

A company runs SAP on AWS and has configured a cross-region DR strategy using Amazon EBS snapshots. The DR region is in us-west-2. After a region-wide outage, the administrator attempts to restore the snapshots but finds the latest snapshot is incomplete. What is the most likely cause?

A.The IAM role used for copying snapshots does not have permissions
B.The latest snapshot copy had not completed before the outage
C.The snapshots are encrypted with a KMS key that is not available in us-west-2
D.The snapshot ID used for recovery is not valid
AnswerB

Cross-region copy takes time; if outage occurs during copy, snapshot may be partial.

Why this answer

Option B is correct because cross-region snapshot copies are asynchronous and may fail if the source region becomes unavailable. Option A is wrong because IAM does not prevent copying. Option C is wrong because KMS keys can be used cross-region with proper configuration.

Option D is wrong because the snapshot ID would not become invalid.

148
MCQhard

An SAP system uses a shared file system via Amazon FSx for Windows File Server. The system administrators report that file locks are not being released properly, causing application errors. What is the most likely cause and solution?

A.Increase the throughput capacity of the FSx file system.
B.Enable the file lock duration feature on the FSx file system to automatically release stale locks.
C.The file system is using NFSv3 protocol; switch to NFSv4.
D.The file system is using Amazon S3 as the backing store; migrate to EFS.
AnswerB

FSx for Windows supports file lock duration to release locks automatically.

Why this answer

Option C is correct because stale file locks can be released by enabling automatic file lock duration or using the FSx file lock command. Option A is wrong because S3 does not support file locking. Option B is wrong because EFS supports NFSv4 locks but this is Windows.

Option D is wrong because increasing throughput does not address lock issues.

149
MCQhard

A company is migrating their SAP Business Suite on SAP HANA to AWS. They need to transfer the data securely and efficiently. The source environment is in a different country with limited network bandwidth. The total data size is 100 TB. What is the most efficient migration approach?

A.Establish an AWS Direct Connect connection and use AWS DMS for full load and replication
B.Use AWS Snowball Edge for the initial data load, then AWS DMS for ongoing replication
C.Use a VPN connection and AWS DMS for both full load and continuous replication
D.Use AWS DataSync over the internet to transfer data and then switch to DMS
AnswerB

Snowball handles the large initial load offline; DMS handles incremental changes.

Why this answer

For large data volumes with limited bandwidth, using AWS Snowball devices for offline transfer is most efficient. After the initial load, AWS DMS can replicate ongoing changes. Option A is correct.

Option B (AWS Direct Connect) would require high bandwidth and time. Option C (VPN + DMS) is slow for initial load. Option D (AWS DataSync) is also network-based.

150
MCQmedium

An organization is migrating its SAP ECC system to AWS. The system currently uses a physical IBM Db2 database. The company wants to minimize licensing costs and management overhead after migration. The SAP system will be deployed on Amazon EC2. Which database option should the company choose?

A.Migrate to SAP ASE (Sybase) on EC2.
B.Continue using IBM Db2 on EC2 to avoid migration complexity.
C.Migrate to SAP HANA on EC2 to gain in-memory benefits.
D.Migrate to Oracle Database on Amazon RDS.
AnswerA

SAP ASE is supported and often lower cost.

Why this answer

SAP ASE (Sybase) is the recommended database for SAP workloads on AWS when minimizing licensing costs and management overhead is a priority. Unlike IBM Db2 or Oracle, SAP ASE has lower licensing fees and is fully supported by SAP for production use on EC2. It also avoids the complexity and higher cost of migrating to SAP HANA, which is unnecessary for an existing SAP ECC system that does not require in-memory capabilities.

Exam trap

The trap here is that candidates may assume SAP HANA is always the best choice for SAP workloads due to its in-memory performance benefits, but for existing ECC systems, the higher licensing cost and complexity outweigh the advantages, making SAP ASE the more practical option.

How to eliminate wrong answers

Option B is wrong because continuing with IBM Db2 on EC2 incurs high licensing costs and management overhead, contradicting the goal of minimizing both. Option C is wrong because migrating to SAP HANA on EC2 introduces significant licensing expense and operational complexity, and the in-memory benefits are not required for a standard SAP ECC system. Option D is wrong because Oracle Database on Amazon RDS is not a supported database platform for SAP workloads; SAP only supports specific databases like SAP ASE, IBM Db2, SAP HANA, and Oracle on EC2, not on RDS.

Page 1

Page 2 of 24

Page 3