AWS Certified SAP on AWS Specialty PAS-C01 (PAS-C01) — Questions 376450

1733 questions total · 24pages · All types, answers revealed

Page 5

Page 6 of 24

Page 7
376
MCQeasy

A customer wants to migrate their SAP HANA database to AWS and needs to ensure that the EBS volumes for /hana/data and /hana/log are configured for maximum throughput and low latency. Which EBS volume type should be used for /hana/data?

A.st1
B.io2
C.gp3
D.sc1
AnswerB

io2 provides low latency and high IOPS suitable for HANA.

Why this answer

For SAP HANA workloads on AWS, the /hana/data volume requires the highest level of IOPS and low latency to support real-time data processing. io2 Block Express volumes provide up to 256,000 IOPS and sub-millisecond latency, making them the correct choice for /hana/data. io2 volumes also offer 99.999% durability, which is critical for SAP HANA database consistency.

Exam trap

The trap here is that candidates often choose gp3 (Option C) because it is the default general-purpose SSD and can be provisioned for high IOPS, but they overlook that SAP HANA certification for /hana/data mandates io1 or io2 volumes to guarantee the consistent low latency and durability required for production workloads.

How to eliminate wrong answers

Option A (st1) is wrong because st1 is a throughput-optimized HDD volume designed for large sequential workloads like big data and log processing, not for the random I/O and low-latency requirements of SAP HANA /hana/data. Option C (gp3) is wrong because while gp3 offers baseline performance and can be provisioned for higher IOPS, it does not match the maximum throughput and sub-millisecond latency of io2 Block Express, and SAP HANA certification for production /hana/data specifically requires io1 or io2 volumes. Option D (sc1) is wrong because sc1 is a cold HDD volume designed for infrequently accessed data with the lowest cost, and its performance is completely inadequate for the high IOPS and low latency demands of SAP HANA /hana/data.

377
MCQmedium

A retail company is migrating its SAP ERP system to AWS. The system includes an SAP HANA database (1 TB) and an SAP NetWeaver application server. The migration strategy is to use AWS Database Migration Service (DMS) for the database and then manually install the application server on an EC2 instance. The network connection is AWS Direct Connect with 1 Gbps bandwidth. During the migration, the DMS task for the database completes successfully, but the application server installation fails because the SAP installation media is not accessible. The installation media is stored on an on-premises file server. The EC2 instance for the application server is in a private subnet with no direct internet access. The administrator has created a VPC endpoint for S3 to access the media, but the media is not in S3. Which step should the administrator take to make the installation media available?

A.Copy the installation media to an S3 bucket and use the VPC endpoint to access it.
B.Add a route in the VPC route table to direct traffic to the on-premises network via Direct Connect.
C.Attach an internet gateway to the VPC and assign a public IP to the EC2 instance.
D.Use AWS Storage Gateway to cache the media in S3.
AnswerB

Enables the EC2 instance to reach the on-premises file server.

Why this answer

Since the media is on-premises, the EC2 instance needs access to the on-premises file server. Option A is correct because using Direct Connect, the private subnet can route to on-premises via the VPC route table. Option B is wrong because the media is not in S3.

Option C is wrong because the media is not on the internet. Option D is wrong because the media is not in S3.

378
MCQeasy

A company is migrating its SAP BusinessObjects to AWS. The current on-premises deployment uses a Windows-based environment. Which AWS service should the company use to migrate the Windows servers?

A.AWS Schema Conversion Tool (AWS SCT)
B.AWS Application Migration Service (AWS MGN)
C.AWS Database Migration Service (AWS DMS)
D.AWS Server Migration Service (AWS SMS)
AnswerB

MGN automates server migration for Windows and Linux.

Why this answer

Option B is correct because AWS MGN is the recommended service for migrating Windows servers to AWS. Option A is wrong because AWS DMS is for databases, not servers. Option C is wrong because AWS SCT is for schema conversion.

Option D is wrong because AWS Server Migration Service (SMS) is deprecated.

379
Multi-Selecthard

An operations team is planning a disaster recovery (DR) strategy for an SAP system on AWS. The system includes SAP HANA database and application servers. The DR site must have a Recovery Time Objective (RTO) of 2 hours and a Recovery Point Objective (RPO) of 15 minutes. Which THREE components are essential for this DR strategy? (Choose THREE.)

Select 3 answers
A.AWS CloudFormation templates to provision the DR infrastructure
B.Multi-AZ deployment of the SAP application servers
C.Amazon S3 Cross-Region Replication for SAP backup files
D.Amazon Route 53 health checks and failover routing
E.Cross-Region replication of EBS snapshots for SAP HANA data volumes
AnswersA, C, E

Automated provisioning helps meet the 2-hour RTO.

Why this answer

A, C, and D are correct. Cross-Region replication of EBS snapshots provides RPO of 15 minutes. CloudFormation templates automate infrastructure deployment to meet RTO.

S3 Cross-Region Replication for backups ensures data availability. B is wrong because Multi-AZ is for high availability, not DR. E is wrong because while Route 53 is important, it is not the core component for meeting RTO/RPO.

380
MCQeasy

A company is planning to migrate its SAP HANA database to AWS. They require high availability with automatic failover in less than 30 seconds. Which AWS service should be used to meet this requirement?

A.Elastic Load Balancing
B.AWS Direct Connect
C.AWS Global Accelerator
D.Amazon Route 53
AnswerD

Route 53 with failover routing can meet the sub-30-second failover requirement.

Why this answer

Amazon Route 53 can be configured with health checks and DNS failover to automatically redirect traffic to a standby SAP HANA database in a different Availability Zone or region when the primary fails. With a low TTL (e.g., 5 seconds) and active-passive routing, failover can occur in under 30 seconds, meeting the high availability requirement.

Exam trap

The trap here is that candidates often confuse high-availability load balancing (ELB) with DNS-based failover (Route 53), assuming ELB can handle database failover, but ELB cannot redirect traffic to a standby database in a different AZ or region with sub-30-second failover timing.

How to eliminate wrong answers

Option A is wrong because Elastic Load Balancing operates at Layer 4/7 and is designed for distributing traffic across multiple healthy targets, but it does not provide automatic DNS-based failover for database endpoints and cannot reroute traffic to a standby database in a different region within 30 seconds. Option B is wrong because AWS Direct Connect establishes a dedicated network connection from on-premises to AWS, but it does not offer any automatic failover or routing logic for database availability. Option C is wrong because AWS Global Accelerator improves performance and provides static IP addresses with health-check-based traffic shifting, but it operates at the network layer and is not designed for DNS-level failover of database endpoints with sub-30-second failover times.

381
MCQhard

An SAP HANA database on AWS is using EBS io2 volumes. The administrator wants to increase the IOPS limit to meet peak workload demands without changing the volume size. What is the maximum IOPS that can be provisioned for an io2 volume per GB?

A.2,000 IOPS per GB
B.500 IOPS per GB
C.1,000 IOPS per GB
D.100 IOPS per GB
AnswerC

io2 volumes support up to 1,000 IOPS per GB.

Why this answer

Option C is correct. io2 volumes have a maximum ratio of 1,000 IOPS per GB (up to 256,000 IOPS per volume). Option A is wrong because 500 IOPS/GB is for io1. Option B is wrong because 100 IOPS/GB is too low.

Option D is wrong because 2,000 IOPS/GB exceeds the io2 limit.

382
Multi-Selectmedium

Which TWO statements are correct regarding SAP HANA backup strategies on AWS? (Choose two.)

Select 2 answers
A.EBS snapshots are the most cost-effective option for long-term backup retention.
B.S3 can be used as a backup destination for SAP HANA using AWS Backup.
C.S3 Standard-IA storage class is optimal for cross-region replication.
D.EBS snapshots can be used for fast recovery of HANA database volumes.
E.SAP HANA backup to EBS volumes is the recommended method for long-term archival.
AnswersB, D

AWS Backup supports SAP HANA on EC2.

Why this answer

AWS Backup natively supports SAP HANA as a managed backup service, allowing backups to be stored directly in Amazon S3. This provides a durable, scalable, and cost-effective backup destination without the need to manage backup infrastructure or scripts. Option B is correct because AWS Backup integrates with SAP HANA to automate full, incremental, and differential backups to S3.

Exam trap

The trap here is that candidates often assume EBS snapshots are the best for all backup scenarios due to their speed and simplicity, but they overlook that AWS Backup with S3 provides superior cost efficiency and lifecycle management for long-term retention and archival.

383
MCQmedium

An SAP administrator applies the IAM policy shown in the exhibit to an IAM user. The administrator reports that the user can start and stop EC2 instances but cannot tag them. Why is the user unable to tag instances?

A.The user does not have permission to describe instances.
B.The resource ARN is too restrictive.
C.There is an implicit deny for all actions not listed.
D.The policy does not include the ec2:CreateTags action.
AnswerD

Tagging requires ec2:CreateTags action.

Why this answer

Option B is correct because the policy does not include ec2:CreateTags action. Option A is wrong because ec2:DescribeInstances is allowed but does not grant tagging. Option C is wrong because the resource is set to instance/* but tagging is an action, not a resource constraint.

Option D is wrong because there is no explicit deny.

384
Multi-Selecthard

A company is migrating a large SAP Business Suite system to AWS. The system has a 10 TB SAP HANA database. The migration window is limited to 48 hours. The company has a 1 Gbps direct connect link to AWS. Which TWO actions should the company take to minimize the migration time while ensuring data consistency?

Select 2 answers
A.Use AWS Snowball Edge to transfer a full database backup from on-premises to AWS, then restore it on the target HANA instance.
B.Set up SAP HANA System Replication (HSR) and let it synchronize the full database over the Direct Connect link.
C.Use AWS DMS to migrate the HANA database directly over the Direct Connect link.
D.After the initial restore from Snowball, configure SAP HANA System Replication to synchronize incremental changes.
E.Use AWS SCT to convert the database schema before migration.
AnswersA, D

Snowball accelerates initial data transfer.

Why this answer

Option A (initialize the target HANA instance with a backup/restore using AWS Snowball) is correct because it bypasses network limitations for the initial data load. Option D (configure SAP HANA System Replication over the Direct Connect link after initial load) is correct because it syncs incremental changes. Option B would take too long over the link.

Option C is for ongoing replication not initial load. Option E is a best practice but not for minimizing migration time.

385
MCQhard

A company is migrating its SAP ERP system to AWS and needs to maintain high availability. The SAP Central Services (ASCS) and ERS instances are currently on two separate physical servers. The company wants to use a single EC2 instance for both roles with Pacemaker clustering. Which configuration ensures that both instances can run simultaneously on the same host?

A.Use a Dedicated Host and configure two separate virtual servers using VMware on AWS.
B.Configure two network interfaces (ENIs) on the instance, one for ASCS and one for ERS.
C.Assign multiple private IP addresses to the same ENI and configure ASCS and ERS to bind to different IPs.
D.Install both ASCS and ERS on the same EC2 instance using the SAP NetWeaver 7.4 or later 'same host' capability.
AnswerD

Starting with NetWeaver 7.4, SAP supports running ASCS and ERS on the same physical host, which simplifies the architecture.

Why this answer

Option D is correct because SAP NetWeaver 7.4 and later support the 'same host' configuration for ASCS and ERS. Option A is wrong because multi-IP configuration is not typically required. Option B is wrong because dedicated tenancy is not necessary.

Option C is wrong because using a single ENI with multiple IPs is not standard.

386
MCQmedium

A company is migrating an SAP Business Suite system to AWS. The system has a large database and requires high network throughput between the application and database tiers. Which Amazon EC2 placement group strategy should be used?

A.Spread placement group
B.Partition placement group
C.Cluster placement group
D.No placement group
AnswerC

Cluster groups provide low-latency, high-throughput within an AZ.

Why this answer

Option C is correct because a cluster placement group provides low-latency, high-throughput connectivity within a single Availability Zone, which is optimal for application and database tier communication. Option A is wrong because spread placement groups are for high availability and reduce correlated failures, not for low latency. Option B is wrong because partition placement groups are for large distributed workloads.

Option D is wrong because no placement group would not guarantee low latency.

387
Multi-Selecteasy

Which TWO AWS services can be used to monitor the performance of SAP applications? (Select two.)

Select 2 answers
A.Amazon CloudWatch
B.AWS Config
C.AWS Shield
D.AWS CloudTrail
E.AWS X-Ray
AnswersA, E

CloudWatch collects metrics and logs from SAP infrastructure.

Why this answer

Amazon CloudWatch is correct because it provides comprehensive monitoring for SAP applications by collecting metrics such as CPU utilization, memory usage, disk I/O, and network throughput from EC2 instances running SAP. You can set custom CloudWatch alarms to trigger actions when SAP-specific performance thresholds are breached, and integrate with SAP's CCMS (Computing Center Management System) via the AWS SAP Monitoring agent to pull SAP application-level metrics like dialog response times and buffer hit ratios.

Exam trap

The trap here is that candidates often confuse AWS CloudTrail (audit logging) with CloudWatch (monitoring), or assume AWS Config can monitor performance because it tracks resource state changes, but neither provides the real-time metric collection needed for SAP performance analysis.

388
MCQeasy

A company is migrating a critical Oracle database to Amazon RDS for Oracle. They need to minimize downtime and ensure data consistency. Which AWS service should they use to perform an online migration with minimal impact?

A.AWS Direct Connect
B.AWS Database Migration Service (DMS)
C.AWS Snowball
D.Amazon S3 Transfer Acceleration
AnswerB

DMS supports online migration with ongoing replication, minimizing downtime.

Why this answer

AWS Database Migration Service (DMS) supports ongoing replication and can perform live migrations with minimal downtime. AWS Snowball is for offline data transfer. S3 Transfer Acceleration speeds up uploads to S3.

Direct Connect establishes dedicated network connections but is not a migration service.

389
MCQeasy

An SAP administrator notices that the application logs show repeated authentication failures from a specific IP address. The SAP application is hosted on an EC2 instance behind an Application Load Balancer. What AWS service can be used to block traffic from that IP at the network level?

A.Use Amazon CloudFront with a geo-restriction to block the IP.
B.Use AWS WAF to create an IP set and block rule, associated with the ALB.
C.Update the security group of the EC2 instance to deny traffic from that IP.
D.Add a network ACL rule to the subnet to deny traffic from that IP.
AnswerB

AWS WAF can inspect source IP and block requests at the ALB level.

Why this answer

Option C is correct because AWS WAF can be associated with an ALB to filter IP addresses. Option A is wrong because Security Groups are stateful and cannot block based on IP address in the context of an ALB (they see only the ALB's IP). Option B is wrong because NACLs are stateless and applied at the subnet level, but the ALB is a managed service; WAF is more appropriate.

Option D is wrong because CloudFront is a CDN and not typically used solely for IP blocking in this scenario.

390
MCQhard

A company is running SAP HANA in a multi-node scale-out configuration on AWS. The cluster uses AWS Placement Groups with the 'cluster' placement strategy. The system is experiencing network latency between nodes. Which change should the company make to reduce latency?

A.Change the placement group to 'spread' to reduce interference.
B.Use larger instance sizes to increase network bandwidth.
C.Enable Enhanced Networking (ENA) on all instances in the cluster.
D.Use EBS-optimized instances to improve storage performance.
AnswerC

ENA provides higher throughput and lower latency for inter-node communication.

Why this answer

Option C is correct because Enhanced Networking with ENA provides lower latency and higher packet per second performance. Option A is wrong because 'spread' placement group reduces co-location, increasing latency. Option B is wrong because increasing instance size does not directly reduce latency; network bandwidth may increase but not necessarily latency.

Option D is wrong because EBS-optimized instances improve storage throughput, not network latency.

391
MCQhard

An SAP on AWS environment uses a shared file system via Amazon EFS for SAP transport files. The EFS file system is mounted on multiple EC2 instances. Users report that file operations are slow during peak hours. Which action should be taken to improve performance?

A.Enable EFS Provisioned Throughput mode and increase throughput
B.Migrate to Amazon EBS with Multi-Attach enabled
C.Move the transport files to Amazon S3 and use S3FS
D.Increase the number of EC2 instances to distribute the load
AnswerA

Provisioned Throughput provides consistent high throughput for demanding workloads.

Why this answer

Option D is correct because enabling EFS throughput mode to Provisioned with increased throughput can improve performance. Option A is wrong because moving to EBS with Multi-Attach is not suitable for shared file system across many instances. Option B is wrong because S3 does not provide a POSIX file system.

Option C is wrong because adding more instances does not improve EFS performance.

392
Multi-Selectmedium

A company is migrating an SAP HANA database to AWS. Which TWO configurations are required to ensure high availability for the SAP HANA database in a multi-AZ setup?

Select 2 answers
A.Deploy SAP HANA System Replication across two Availability Zones.
B.Use a single EBS volume with synchronous replication to both nodes.
C.Configure EBS Multi-Attach to allow both HANA instances to share the same data volume.
D.Implement a cluster manager such as Pacemaker to orchestrate failover.
E.Place an Application Load Balancer in front of the HANA database endpoints.
AnswersA, D

SAP HANA System Replication replicates data between separate HANA instances in different AZs for high availability.

Why this answer

Option B (deploy SAP HANA System Replication across Availability Zones) and Option D (use a cluster manager like Pacemaker to manage failover) are correct. SAP HANA System Replication provides data replication, and a cluster manager automates failover. Option A is incorrect because EBS Multi-Attach does not support cross-AZ scenarios.

Option C is incorrect because a single EBS volume cannot serve both HANA instances. Option E is incorrect because Network Load Balancer is not used for HANA database replication.

393
MCQeasy

A company is running SAP Business Suite on AWS and needs to back up the SAP HANA database daily. Which AWS service can be used to automate HANA backups to Amazon S3?

A.AWS Storage Gateway
B.Amazon EBS snapshots
C.AWS Backup
D.AWS DataSync
AnswerC

AWS Backup can orchestrate SAP HANA backups to S3 with application consistency.

Why this answer

AWS Backup is the correct service because it provides a fully managed, policy-based backup solution that natively supports SAP HANA databases running on Amazon EC2. It automates the creation, retention, and deletion of HANA backups directly to Amazon S3 using the Backint agent, eliminating the need for custom scripts or manual intervention.

Exam trap

The trap here is that candidates often confuse AWS Backup with EBS snapshots, assuming that block-level snapshots are sufficient for database backups, but they fail to recognize that SAP HANA requires application-consistent backups managed through its own backup catalog and the Backint interface.

How to eliminate wrong answers

Option A is wrong because AWS Storage Gateway is a hybrid storage service for on-premises integration with AWS storage, not a backup automation service for SAP HANA; it cannot orchestrate HANA-specific backups or use the Backint interface. Option B is wrong because Amazon EBS snapshots capture the entire volume at the block level, which is not crash-consistent for a running SAP HANA database and does not support HANA's log backup or point-in-time recovery requirements; they also lack integration with HANA's backup catalog. Option D is wrong because AWS DataSync is designed for high-speed data transfer between on-premises storage and AWS, not for automating database backups; it cannot trigger HANA backup jobs or manage backup retention policies.

394
MCQhard

An SAP administrator notices that the SAP HANA database is running on an EC2 instance with a single EBS volume for /hana/data and /hana/log. The system is experiencing high latency during write operations. What is the most cost-effective design change to improve performance?

A.Create separate EBS volumes for /hana/data and /hana/log, attaching them to the instance
B.Use an Instance Store volume for /hana/data
C.Modify the EBS volume to use Provisioned IOPS (io2) with higher IOPS
D.Increase the size of the existing EBS volume to gain more throughput
AnswerA

Separating data and log volumes eliminates contention and improves write latency cost-effectively.

Why this answer

Option A is correct because SAP HANA requires separate EBS volumes for /hana/data and /hana/log to avoid I/O contention. When both directories share a single volume, write operations to the log (sequential) and data (random) compete for the same queue depth and bandwidth, causing high latency. Separating them allows each workload to use dedicated IOPS and throughput, which is the most cost-effective fix without upgrading to premium volume types.

Exam trap

The trap here is that candidates often choose Provisioned IOPS (io2) or volume size increases, thinking more performance is needed, when the real issue is I/O contention from sharing a single volume between two distinct workload types.

How to eliminate wrong answers

Option B is wrong because Instance Store volumes are ephemeral and do not persist data across instance stops or terminations, making them unsuitable for SAP HANA database files that require durability. Option C is wrong because switching to Provisioned IOPS (io2) increases cost significantly without addressing the root cause of I/O contention between /hana/data and /hana/log; separation is more cost-effective. Option D is wrong because simply increasing the size of the existing EBS volume does not resolve the contention between the two workloads; throughput gains from size increases are marginal and do not eliminate queueing delays from mixed access patterns.

395
MCQhard

A company is running SAP Business Suite on AWS. The SAP application servers are behind an Application Load Balancer (ALB). Users are experiencing session timeouts because the ALB is distributing requests to different application servers. What should the company configure on the ALB to maintain session stickiness?

A.Use a Network Load Balancer instead of an Application Load Balancer.
B.Enable sticky sessions using the ALB-generated cookie.
C.Enable cross-zone load balancing on the ALB.
D.Enable path-based routing to route all requests from a user to the same server.
AnswerB

Sticky sessions ensure user requests go to the same server.

Why this answer

Option C is correct because Application Load Balancers support sticky sessions using cookies (either application-generated or AWS-generated). This ensures that a user's requests are sent to the same target group member. Option A is incorrect because path-based routing is for routing requests based on URL path, not for session stickiness.

Option B is incorrect because cross-zone load balancing distributes traffic across all zones, but does not ensure stickiness. Option D is incorrect because a Network Load Balancer does not natively support sticky sessions for SAP.

396
MCQhard

A company runs SAP HANA on AWS and uses AWS Backup to back up the HANA database volumes. The backup job fails with an error indicating that the volume is in use. What is the most likely cause of this failure?

A.The volume is attached to an instance and the filesystem is not frozen before snapshot.
B.The AWS Backup service does not have permission to create snapshots in the account.
C.The EBS volume is not tagged with the required backup tags.
D.The EC2 instance does not have the AWS Backup agent installed.
AnswerA

AWS Backup can snapshot attached volumes, but for consistent snapshots, the filesystem should be frozen or I/O paused. If not, the snapshot may be inconsistent, but the error 'volume in use' suggests the snapshot operation itself failed.

Why this answer

AWS Backup uses EBS snapshots, which require volumes to be in a consistent state. If the volume is attached and in use, the snapshot may fail if the filesystem is not frozen. The most common fix is to pause I/O before the snapshot.

397
MCQhard

An SAP system on AWS is using an Oracle database. The company wants to implement automated backups to Amazon S3. Which AWS service should be used to orchestrate the backup process?

A.Amazon RDS for Oracle
B.AWS Backup
C.Amazon S3 Lifecycle policies
D.AWS Database Migration Service (DMS)
AnswerB

AWS Backup can automate backups of Oracle databases to S3.

Why this answer

Option A is correct because AWS Backup supports Oracle databases and can automate backups to S3. Option B is wrong because DMS is for migration, not backups. Option C is wrong because RDS is a managed service, not applicable to self-managed Oracle.

Option D is wrong because S3 Lifecycle policies manage object lifecycle, not backup orchestration.

398
MCQmedium

A company runs an SAP HANA database on an EC2 instance with EBS volumes. The operations team notices increased latency and I/O errors. Which AWS service should they use to analyze performance and identify bottlenecks?

A.AWS Config
B.Amazon CloudWatch
C.AWS Service Catalog
D.AWS Trusted Advisor
AnswerB

CloudWatch collects metrics and logs for EC2 and EBS, enabling latency and I/O analysis.

Why this answer

Option B is correct because Amazon CloudWatch provides metrics and logs to monitor EC2 and EBS performance. Option A (AWS Trusted Advisor) gives recommendations but not real-time performance data. Option C (AWS Config) tracks configuration changes, not performance.

Option D (AWS Service Catalog) manages service portfolios, not monitoring.

399
MCQhard

An organization is migrating a legacy application to AWS. The application requires a static IP address for client whitelisting. After migrating the application to an Application Load Balancer (ALB) with an Auto Scaling group, clients report connection failures. What should be done to resolve this issue?

A.Place an Nginx reverse proxy in front of the ALB with an Elastic IP.
B.Assign an Elastic IP to the ALB.
C.Configure the ALB to use a round-robin routing algorithm.
D.Replace the ALB with a Network Load Balancer (NLB) and assign an Elastic IP.
AnswerD

NLB supports static IP via Elastic IP.

Why this answer

Option C is correct because an ALB does not have a static IP; using a Network Load Balancer (NLB) with an Elastic IP provides a static IP for whitelisting. Option A is wrong because an ALB cannot be assigned an Elastic IP. Option B is wrong because an ALB already distributes traffic.

Option D is wrong because an Nginx proxy adds complexity and still requires a static IP.

400
MCQhard

A company is running a mission-critical SAP S/4HANA system on AWS in the us-east-1 region. The system uses a two-tier architecture with the SAP application server and HANA database on the same EC2 instance. The instance type is an r5.24xlarge with 12 x 2 TB gp3 EBS volumes striped using LVM. The HANA data volume is 10 TB. The company has a disaster recovery (DR) requirement with an RPO of 15 minutes and an RTO of 4 hours. The DR site must be in us-west-2. The company currently takes daily EBS snapshots of the data volume and copies them to us-west-2. However, they are not meeting the RPO. The operations team is considering implementing SAP HANA System Replication (HSR) asynchronously to the DR region. However, network latency between us-east-1 and us-west-2 averages 60 ms. The SAP HANA database has a heavy write workload, with average log writes of 500 MB/sec. The team is concerned that the replication may fall behind and cause data loss. What should the team do to meet the DR requirements while minimizing data loss?

A.Implement HSR asynchronously and also enable HANA log backups to an S3 bucket in us-west-2.
B.Switch to synchronous replication to ensure zero data loss.
C.Increase the HANA log buffer size to reduce the frequency of log flushes, so that less data is sent over the network.
D.Use HSR with multiple replicas in us-west-2 to improve replication speed.
AnswerA

Log backups provide an additional recovery point if replication lags.

Why this answer

Option A is correct because combining asynchronous HANA System Replication (HSR) with HANA log backups to an S3 bucket in us-west-2 provides a dual-layer protection strategy. Asynchronous HSR will replicate log changes in near real-time, but given the 60 ms latency and 500 MB/sec write workload, it may fall behind; the log backups act as a safety net to capture any log data that hasn't been replicated yet, allowing recovery with minimal data loss while still meeting the 15-minute RPO.

Exam trap

The trap here is that candidates assume asynchronous replication alone is sufficient for DR, but they overlook that under high latency and heavy write workloads, the replication lag can exceed the RPO, making a complementary log backup strategy essential to meet the recovery objectives.

How to eliminate wrong answers

Option B is wrong because synchronous replication requires sub-millisecond latency to avoid impacting application performance; with 60 ms latency between us-east-1 and us-west-2, synchronous HSR would cause severe write latency and likely timeouts, making it impractical for a heavy write workload. Option C is wrong because increasing the HANA log buffer size does not reduce the frequency of log flushes; log flushes are triggered by transaction commits and log buffer fullness, so a larger buffer only delays flushing but does not reduce the amount of data sent over the network per second, and it can increase data loss risk if the instance crashes before a flush. Option D is wrong because using multiple replicas in us-west-2 does not improve replication speed; HSR with multiple replicas adds overhead and complexity without addressing the fundamental latency bottleneck, and it does not reduce the risk of falling behind under high write loads.

401
MCQmedium

A company is running SAP on AWS and needs to back up their SAP HANA database daily. The backup must be stored cost-effectively and retained for 7 years for compliance. Which AWS service should be used for long-term backup storage?

A.Amazon S3 One Zone-IA
B.Amazon S3 Standard
C.Amazon S3 Glacier Deep Archive
D.Amazon EBS Snapshots
AnswerC

Most cost-effective for long-term archival.

Why this answer

Option B is correct because S3 Glacier Deep Archive is the most cost-effective storage class for long-term retention of backups. Option A is wrong because S3 Standard is too expensive for 7-year retention. Option C is wrong because EBS Snapshots are not designed for long-term archival and have higher cost.

Option D is wrong because S3 One Zone-IA is not suitable for long-term retention due to lower durability and potential data loss in case of facility failure.

402
MCQhard

An SAP system on AWS is experiencing high CPU utilization on the application server during peak hours. The SAP administrator wants to add a new application server instance to distribute the load. Which AWS service should be used to automatically register the new instance with the existing SAP system's load balancer?

A.Auto Scaling group
B.AWS Lambda
C.Amazon SQS
D.AWS CloudFormation
AnswerA

Auto Scaling can automatically register new instances with a load balancer.

Why this answer

An Auto Scaling group can automatically launch new EC2 instances based on scaling policies (e.g., when CPU utilization exceeds a threshold) and, when configured with a lifecycle hook or a launch template that includes a user-data script, can register the new instance with the existing SAP system's load balancer (such as an Application Load Balancer or Classic Load Balancer). This ensures the new application server is automatically added to the load balancer target group, distributing incoming traffic without manual intervention.

Exam trap

The trap here is that candidates may confuse Auto Scaling groups with CloudFormation, thinking that CloudFormation can dynamically register instances, but CloudFormation is a provisioning tool that does not handle real-time auto-registration of instances with a load balancer.

How to eliminate wrong answers

Option B is wrong because AWS Lambda is a serverless compute service for running code in response to events, not a service for automatically registering instances with a load balancer; while it could be used in a custom solution, it is not the native AWS service designed for this purpose. Option C is wrong because Amazon SQS is a message queuing service for decoupling application components, not a service that manages instance registration with a load balancer. Option D is wrong because AWS CloudFormation is an infrastructure-as-code service for provisioning resources, but it does not automatically register new instances with a load balancer in real time; it would require manual or scheduled updates to the stack.

403
MCQhard

An SAP customer has a mission-critical system running on AWS. They need to ensure that the SAP application can survive an Availability Zone failure without manual intervention. The SAP application is stateless. The database is SAP HANA with System Replication. What is the most comprehensive architecture to achieve automatic failover?

A.Deploy the SAP application in an Auto Scaling group across multiple AZs and configure SAP HANA System Replication with automatic failover using AWS resources
B.Use Amazon Route 53 health checks to switch DNS to a standby instance in another AZ
C.Deploy the SAP application in an Auto Scaling group across two AZs and use Amazon RDS Multi-AZ for HANA
D.Deploy the SAP application behind an Application Load Balancer and use SAP HANA System Replication with manual failover scripts
AnswerA

Auto Scaling for app tier and HSR automatic failover for DB tier provide full automation.

Why this answer

Option D is correct because using an Auto Scaling group across multiple AZs for app tier and HSR with automatic failover for DB tier provides full automation. Option A is incorrect because Multi-AZ for SAP HANA is not an AWS RDS feature. Option B is incorrect because Route 53 health checks do not handle DB failover.

Option C is incorrect because Elastic Load Balancer alone does not handle DB failover automatically.

404
MCQhard

A company is designing a disaster recovery strategy for SAP S/4HANA. The primary site is in us-east-1 and the DR site is in us-west-2. The RPO must be less than 30 minutes and RTO less than 2 hours. Which approach meets these requirements?

A.Configure HANA System Replication in asynchronous mode with automatic takeover
B.Configure HANA System Replication in synchronous mode across regions
C.Take nightly backups to S3 and restore in DR
D.Use AWS Backup to copy daily snapshots to DR region
AnswerA

Async replication can meet <30 min RPO and with pre-provisioned DR instances, RTO <2 hours.

Why this answer

Option A is correct because HANA System Replication in asynchronous mode with automatic takeover meets the RPO of less than 30 minutes and RTO of less than 2 hours. Asynchronous replication provides near-real-time data transfer across AWS regions with minimal impact on primary performance, and automatic takeover enables fast failover to the DR instance, satisfying the RTO requirement.

Exam trap

The trap here is that candidates confuse synchronous mode as more reliable for DR, but fail to recognize that cross-region latency makes synchronous replication impractical, while asynchronous mode with automatic takeover is the standard AWS-recommended approach for SAP HANA disaster recovery.

How to eliminate wrong answers

Option B is wrong because HANA System Replication in synchronous mode across regions introduces high latency and potential transaction blocking, making it impractical for cross-region setups and unable to meet the RPO/RTO without significant performance degradation. Option C is wrong because nightly backups to S3 cannot achieve an RPO of less than 30 minutes, as backups are taken only once per day, and restoring from S3 typically exceeds the 2-hour RTO due to data transfer and recovery time. Option D is wrong because AWS Backup copying daily snapshots to the DR region results in an RPO of at least 24 hours, far exceeding the 30-minute requirement, and snapshot restoration is slower than HANA System Replication failover.

405
MCQeasy

An SAP Basis administrator needs to monitor the performance of SAP HANA database using Amazon CloudWatch. Which of the following metrics should be monitored to detect potential CPU bottlenecks?

A.MemoryUtilization
B.DiskReadBytes / DiskWriteBytes
C.CPUUtilization
D.NetworkPacketsIn / NetworkPacketsOut
AnswerC

CPU utilization directly indicates the percentage of CPU capacity used.

Why this answer

Option B is correct because the CPU Utilization metric directly measures the percentage of CPU capacity used. Option A is wrong because Memory utilization indicates memory pressure, not CPU. Option C is wrong because Disk Read/Write Bytes indicate I/O activity.

Option D is wrong because Network packets indicate network traffic.

406
MCQmedium

A company is migrating its SAP HANA database to AWS. The database requires high I/O and low latency. Which storage option should be used for the /hana/data volume?

A.io2 EBS volume
B.gp3 EBS volume
C.Amazon S3
D.Amazon EFS
AnswerA

io2 EBS volumes provide high IOPS and low latency required for SAP HANA data.

Why this answer

The /hana/data volume for SAP HANA requires high I/O and low latency, which is best met by io2 EBS volumes. io2 volumes are provisioned IOPS SSD volumes designed for latency-sensitive transactional workloads, offering up to 64,000 IOPS per volume and 99.999% durability, making them ideal for SAP HANA data files.

Exam trap

The trap here is that candidates often confuse gp3's high baseline performance with suitability for production SAP HANA, but the exam expects knowledge that only io2 (or io1) volumes meet the strict latency and IOPS consistency requirements for /hana/data as per SAP's official guidance.

How to eliminate wrong answers

Option B (gp3 EBS volume) is wrong because gp3 volumes are general-purpose SSDs with baseline performance that may not sustain the consistently high IOPS and sub-millisecond latency required for SAP HANA /hana/data, especially under heavy write loads. Option C (Amazon S3) is wrong because S3 is an object storage service with higher latency and no file system semantics, making it unsuitable for database block-level storage. Option D (Amazon EFS) is wrong because EFS is a network file system (NFS) that introduces additional latency and throughput variability compared to block storage, and it is not supported for SAP HANA data volumes.

407
MCQmedium

An SAP administrator executed the AWS CLI command shown in the exhibit. The EC2 instance i-0abcd1234efgh5678 is a SAP HANA database server. Which statement about the storage configuration is correct?

A.The root volume (/dev/xvda) will persist after instance termination.
B.The volume /dev/sdf is an instance store volume.
C.The data volume (/dev/sdf) will persist after instance termination.
D.The instance is booting from an instance store volume.
AnswerC

B is correct: DeleteOnTermination is false, so it persists.

Why this answer

Option B is correct: /dev/sdf has DeleteOnTermination set to false, meaning it will not be deleted when the instance is terminated, preserving the data. Option A is incorrect because /dev/xvda will be deleted. Option C is incorrect because the command only shows block device mappings, not root device type.

Option D is incorrect because /dev/sdf is an EBS volume, not instance store.

408
MCQhard

A company runs SAP Business Suite on AWS. They notice that their SAP application servers are not evenly distributing load across multiple instances. They have configured an Application Load Balancer (ALB) in front of the SAP Web Dispatchers. What is the MOST likely cause of uneven load distribution?

A.Sticky sessions (session stickiness) are enabled on the ALB.
B.The ALB health check interval is too short.
C.Cross-zone load balancing is enabled.
D.The ALB is using the least outstanding requests routing algorithm.
AnswerA

Sticky sessions cause uneven distribution with long-lived sessions.

Why this answer

When sticky sessions (session stickiness) are enabled on an Application Load Balancer, the ALB uses a cookie to bind a client's session to a specific target (SAP Web Dispatcher). This prevents the load balancer from distributing subsequent requests from that client to other healthy targets, causing an uneven distribution of load across the SAP application servers, especially if a few clients generate a disproportionate number of requests.

Exam trap

The trap here is that candidates often assume sticky sessions are always beneficial for stateful applications, but they fail to recognize that sticky sessions directly contradict the goal of even load distribution by pinning clients to specific targets.

How to eliminate wrong answers

Option B is wrong because a short health check interval would cause the ALB to mark targets as unhealthy more frequently, potentially removing them from the rotation, but it would not cause uneven distribution of load across healthy instances; it would simply reduce the number of available targets. Option C is wrong because cross-zone load balancing is enabled by default on ALBs and actually improves load distribution by evenly routing traffic across all targets in all enabled Availability Zones, so it would not cause uneven load. Option D is wrong because the least outstanding requests routing algorithm is designed to send traffic to the target with the fewest pending requests, which actively promotes even load distribution, not uneven distribution.

409
MCQeasy

A company is migrating a web application to AWS and wants to minimize latency for global users. Which AWS service should be used to cache static content at edge locations?

A.AWS WAF
B.Amazon S3 Transfer Acceleration
C.AWS Global Accelerator
D.Amazon CloudFront
AnswerD

CDN caches content at edge locations.

Why this answer

Amazon CloudFront is a content delivery network (CDN) that caches content at edge locations. Option B (AWS Global Accelerator) improves performance by routing traffic to optimal endpoints but does not cache content. Option C (Amazon S3 Transfer Acceleration) speeds up uploads to S3.

Option D (AWS WAF) is a web application firewall.

410
MCQhard

A company runs a critical SAP ERP system on AWS. The architecture includes an SAP HANA database on an r5.24xlarge instance (with 768 GB RAM) in us-east-1a, and multiple SAP application servers in an Auto Scaling group across two Availability Zones (us-east-1a and us-east-1b). The database uses EBS volumes: two 1 TB gp3 volumes for data, one 500 GB gp3 for log, and one 100 GB gp3 for backup. The system has been running without issues for months. At 3:00 PM, the operations team receives alerts from Amazon CloudWatch that the HANA database instance's CPU utilization is at 100%, memory usage is at 95%, and the disk queue length for the log volume is consistently above 10. The SAP application is experiencing intermittent timeouts. The team checks the HANA studio and sees that there are many long-running queries and that the log volume is almost full (95% used). The database backups are scheduled to run at 2:00 AM and completed successfully. There have been no changes to the system or workload recently. The team suspects a performance degradation. What is the MOST likely cause of the issue?

A.The HANA database has reached its memory limit due to the global.ini allocation.
B.The gp3 volume's baseline IOPS are insufficient for the current workload.
C.A backup job is running and consuming CPU and I/O resources.
D.The log volume is almost full, causing HANA to stall transaction processing.
AnswerD

When the log volume is near capacity, HANA cannot write new log entries, stalling transactions and causing high resource usage.

Why this answer

Option C is correct because a full log volume can cause HANA to pause transactions, leading to increased CPU/memory usage and timeouts. Option A is wrong because HANA's memory management is dynamic and not constrained by OS limits. Option B is wrong because backups are not running at 3 PM.

Option D is wrong because the disk queue length indicates I/O issues, but the root cause is log volume full, not insufficient IOPS.

411
MCQeasy

A company is migrating a SAP BusinessObjects environment to AWS. Which AWS service can be used to automate the deployment of the SAP BusinessObjects components?

A.AWS OpsWorks
B.AWS Elastic Beanstalk
C.AWS CodePipeline
D.AWS CloudFormation
AnswerD

CloudFormation can automate SAP BusinessObjects deployment with templates.

Why this answer

Option D is correct because AWS CloudFormation allows infrastructure as code to automate the deployment of SAP BusinessObjects. Option A is wrong because AWS OpsWorks is for Chef/Puppet, not directly for SAP. Option B is wrong because AWS Elastic Beanstalk is for web applications, not SAP.

Option C is wrong because AWS CodePipeline is for CI/CD, not infrastructure deployment.

412
Multi-Selecteasy

A company is designing a disaster recovery (DR) strategy for its SAP HANA database on AWS. The primary site is in us-east-1, and the DR site is in us-west-2. Which TWO actions are required to enable HANA System Replication (HSR) across AWS Regions? (Choose 2)

Select 2 answers
A.Enable cross-Region replication of EBS snapshots.
B.Set up a VPN or Direct Connect connection between the Regions for secure, low-latency communication.
C.Configure HSR with asynchronous replication mode.
D.Use S3 Cross-Region Replication to copy HANA data files.
E.Deploy an Application Load Balancer in front of the HANA instances in both Regions.
AnswersB, C

B is correct: HSR requires network connectivity.

Why this answer

Options B and D are correct. B: HSR requires low-latency network connectivity. D: For cross-region HSR, the log shipping must be asynchronous to avoid performance impact.

A is incorrect because EBS snapshots are not used for HSR. C is incorrect because HSR does not use S3. E is incorrect because HSR is a database-level replication, not an application-level load balancer.

413
MCQmedium

A company runs an SAP HANA database on an r5.8xlarge EC2 instance. The operations team notices that the instance's CPU utilization spikes to 100% every night at 2 AM, causing SAP application timeouts. CloudWatch metrics show the spike corresponds to a backup process. Which action should be taken to resolve the issue?

A.Move the backup window to an earlier time when the system is less active.
B.Increase the instance size to handle the backup load.
C.Disable the nightly backup.
D.Implement CloudWatch alarm to restart the instance when CPU is high.
AnswerA

Rescheduling backups to off-peak hours reduces CPU contention during the spike.

Why this answer

Option A is correct because adjusting the backup schedule to a non-peak time reduces CPU contention. Option B is wrong because increasing instance size might help but is not the most direct solution. Option C is wrong because it does not address the root cause.

Option D is wrong because disabling the backup is not appropriate.

414
MCQeasy

An SAP administrator needs to ensure that all API calls made to AWS services by the SAP application are logged for auditing purposes. The administrator wants to store these logs in Amazon S3 for long-term retention. Which AWS service should be used to capture the API calls?

A.VPC Flow Logs
B.AWS CloudTrail
C.AWS Config
D.Amazon CloudWatch Logs
AnswerB

CloudTrail records API calls for auditing.

Why this answer

Option B is correct: AWS CloudTrail records API calls and can deliver logs to S3. Option A is wrong because CloudWatch Logs is for application logs, not API calls. Option C is wrong because VPC Flow Logs capture network traffic, not API calls.

Option D is wrong because Config records configuration changes.

415
MCQhard

A company is migrating its SAP landscape to AWS and plans to use SAP HANA as the database. The HANA system requires high network throughput between application and database servers. Which EC2 placement strategy should be recommended?

A.No placement group
B.Partition placement group
C.Spread placement group
D.Cluster placement group
AnswerC

Spread placement group ensures instances are on different hardware but in close proximity, providing low latency and high availability.

Why this answer

A placement group with spread strategy ensures instances are on different hardware but close together for low latency. Option B (cluster placement group) is for low latency but all instances on same rack, single point of failure. Option C (partition) is for large distributed systems.

Option D (no placement group) may introduce higher latency.

416
Multi-Selecthard

An SAP administrator needs to ensure high availability for SAP NetWeaver ABAP stack on AWS. Which three components should be configured in a multi-AZ active/passive cluster? (Select THREE.)

Select 3 answers
A.Enqueue Replication Server (ERS).
B.ABAP SAP Central Services (ASCS).
C.Database instance.
D.SAP Gateway.
E.Dialog instances.
AnswersA, B, C

ERS works with ASCS for failover.

Why this answer

The Enqueue Replication Server (ERS) is a critical component in an SAP NetWeaver ABAP stack active/passive cluster because it replicates the lock table from the primary ASCS instance to the standby node. In a multi-AZ setup, this ensures that if the primary ASCS fails, the standby can take over with minimal disruption, as the lock state is preserved. Without ERS, a failover would require all locked resources to be released, causing data inconsistencies or application errors.

Exam trap

AWS often tests the misconception that all SAP components must be in an active/passive cluster for high availability, but only stateful components like ASCS, ERS, and the database require this; stateless components like SAP Gateway and Dialog instances can be distributed across AZs in an active/active manner.

417
MCQeasy

A company is setting up a disaster recovery (DR) site for SAP on AWS. They need to replicate the SAP HANA database to another region. Which AWS service is BEST suited for this?

A.SAP HANA System Replication
B.AWS Backup cross-region copy
C.AWS Database Migration Service (DMS)
D.Amazon S3 Cross-Region Replication
AnswerA

HANA System Replication is designed for cross-region DR.

Why this answer

SAP HANA System Replication (HSR) is the native, SAP-supported mechanism for replicating HANA databases asynchronously or synchronously across regions. It replicates at the database level using log shipping and is the only option that maintains full SAP HANA consistency, transaction integrity, and support for takeover in a DR scenario.

Exam trap

The trap here is that candidates confuse general-purpose AWS backup or replication services (like AWS Backup or S3 CRR) with SAP-specific replication, assuming any cross-region copy can serve as DR, but only HSR provides the required database-level consistency and SAP certification for HANA DR.

How to eliminate wrong answers

Option B (AWS Backup cross-region copy) is wrong because it creates point-in-time snapshots of the entire HANA instance, not continuous log replication, leading to potential data loss and longer recovery time objectives (RTO/RPO) unsuitable for SAP HANA DR. Option C (AWS Database Migration Service) is wrong because DMS is designed for one-time or ongoing migration between heterogeneous databases, not for continuous replication of a live SAP HANA system with full transaction consistency and failover support. Option D (Amazon S3 Cross-Region Replication) is wrong because S3 CRR replicates objects in S3 buckets, not database files or logs, and cannot maintain the transactional state of a running HANA database.

418
MCQhard

A company runs its SAP ERP system on AWS. The SAP application servers are in an Auto Scaling group across two Availability Zones. The SAP HANA database runs on a single EC2 instance in us-east-1a. The database instance has an Elastic IP and uses EBS io1 volumes with 5000 provisioned IOPS. During a recent deployment, the company experienced a complete outage when the Availability Zone us-east-1a became unavailable due to a power failure. The database was unavailable for 6 hours until the zone recovered. The company wants to implement a highly available architecture that can automatically recover from an AZ failure with minimal data loss. The Recovery Point Objective (RPO) is 15 minutes and Recovery Time Objective (RTO) is 30 minutes. What should the company do?

A.Set up HANA System Replication with synchronous replication to a secondary instance in us-east-1b and configure automatic takeover.
B.Take EBS snapshots every 15 minutes and copy them to another region.
C.Move the HANA database to a larger instance in the same Availability Zone and increase IOPS to 10000.
D.Migrate the HANA database to Amazon RDS for SAP HANA with Multi-AZ enabled.
AnswerA

Provides automatic failover with minimal data loss.

Why this answer

Option D is correct because HANA System Replication in sync mode with automatic takeover meets the RPO and RTO. Option A is wrong because a single AZ still has the same risk. Option B is wrong because Multi-AZ for RDS is not applicable to HANA on EC2.

Option C is wrong because EBS snapshots have an RPO of hours, not 15 minutes.

419
MCQhard

An SAP Basis team is migrating an SAP Business Suite system to AWS. The system has a large number of background jobs and requires consistent performance for batch processing. Which Amazon EC2 instance type is most suitable for this workload?

A.i3.2xlarge
B.g4dn.xlarge
C.z1d.xlarge
D.t3.large
AnswerC

z1d instances offer high CPU frequency and large memory, suitable for SAP batch workloads.

Why this answer

The z1d.xlarge instance is most suitable because it offers a high baseline clock speed of up to 4.0 GHz with Intel Turbo Boost, which is critical for SAP Business Suite batch processing workloads that are CPU-bound and sensitive to single-threaded performance. SAP background jobs often require consistent, high-frequency CPU performance to meet batch window SLAs, and the z1d family is specifically designed for such high-performance, memory-intensive SAP workloads on AWS.

Exam trap

The trap here is that candidates often confuse storage-optimized instances (i3) with compute-optimized needs, or mistakenly think burstable instances (t3) can handle sustained batch loads due to their low cost, ignoring CPU credit exhaustion and performance throttling.

How to eliminate wrong answers

Option A (i3.2xlarge) is wrong because it is an instance optimized for high-speed NVMe SSD storage and low-latency I/O, not for high CPU clock speed; it is intended for database workloads like SAP HANA, not for CPU-bound batch processing. Option B (g4dn.xlarge) is wrong because it is a GPU-accelerated instance designed for machine learning and graphics workloads, not for SAP batch jobs that do not leverage GPU compute. Option D (t3.large) is wrong because it is a burstable performance instance that uses CPU credits; sustained batch processing would deplete credits and throttle performance, making it unsuitable for consistent batch processing requirements.

420
Multi-Selecteasy

A company is running SAP HANA on AWS with a single Availability Zone (AZ). They want to improve high availability (HA) by deploying across multiple AZs. Which THREE components must be configured to support a multi-AZ SAP HANA HA setup? (Select THREE.)

Select 3 answers
A.Amazon Route 53 health checks for automatic failover
B.Elastic Load Balancer (ALB or NLB) for the SAP application tier
C.Amazon CloudFront distribution in front of the application servers
D.SAP HANA System Replication across AZs
E.Shared file system such as Amazon FSx for NetApp ONTAP for /sapmnt and /usr/sap/trans
AnswersB, D, E

A load balancer distributes traffic across application servers in multiple AZs.

Why this answer

Options A, C, and D are correct. SAP HANA System Replication is required for database HA across AZs. A load balancer (like ELB) is needed to distribute traffic to application servers.

EBS Multi-Attach volumes are not supported; instead, shared storage like FSx or EFS is used. Option B (CloudFront) is not relevant. Option E (Route 53) is for DNS but not a core HA component.

421
Multi-Selecthard

Which THREE considerations are important when planning the migration of an SAP HANA database to AWS using HANA System Replication (HSR)?

Select 3 answers
A.The target EC2 instance must have at least the same amount of RAM as the source.
B.The source and target must be in the same AWS Region.
C.The target storage must be able to accommodate the data volume.
D.The network latency between source and target must be less than 10 ms for synchronous replication.
E.The source database must be encrypted before replication can start.
AnswersA, C, D

HANA needs sufficient memory.

Why this answer

HSR requires network latency below 10 ms for synchronous replication, and the target instance must have sufficient memory and storage. Network bandwidth is important but not the only factor. The source and target can be in different Regions, but latency must be acceptable.

Encryption is not a prerequisite for HSR.

422
MCQhard

An SAP administrator notices that the SAP application server is experiencing high memory utilization. The system uses a cluster of EC2 instances. What is the most cost-effective solution to automatically add an additional application server when memory exceeds 80%?

A.Configure an Auto Scaling group with a scaling policy based on a custom CloudWatch metric for memory utilization.
B.Create a CloudWatch alarm that sends an email to the administrator to manually launch a new instance.
C.Use an Auto Scaling group with a scaling policy based on CPU utilization.
D.Use AWS Elastic Beanstalk to deploy the application server.
AnswerA

Auto Scaling can use custom metrics to automatically adjust capacity.

Why this answer

Option B is correct because Auto Scaling with a custom metric (memory utilization) can scale out based on the threshold. Option A is wrong because CloudWatch alarms alone do not add instances. Option C is wrong because it does not automatically scale.

Option D is wrong because scaling based on CPU does not address memory.

423
MCQeasy

A company is running SAP on AWS and uses CloudWatch to monitor the SAP HANA database. The database administrator wants to create a dashboard that shows the current memory utilization of all HANA instances. Which CloudWatch feature should they use?

A.CloudWatch Logs
B.CloudWatch Alarms
C.CloudWatch Events
D.CloudWatch Dashboards
AnswerD

Dashboards can aggregate metrics from multiple instances.

Why this answer

Option A is correct because CloudWatch dashboards can display metrics from multiple sources in one view. Option B is wrong because CloudWatch Logs is for log data, not metrics. Option C is wrong because CloudWatch Alarms are for thresholds.

Option D is wrong because CloudWatch Events is for event-driven actions.

424
MCQeasy

A company runs SAP Business Suite on AWS. The SAP application servers are behind an Application Load Balancer (ALB). The operations team notices that occasionally, some requests fail with HTTP 503 errors. The team checks the ALB and finds that the target group has healthy instances. The SAP application logs show no errors. What is the most likely cause of the 503 errors?

A.The security groups for the application servers do not allow traffic from the ALB.
B.The SSL certificate on the ALB has expired.
C.The target group health checks are misconfigured, marking instances as healthy when they are not.
D.The ALB connection draining timeout is set too low, causing requests to be routed to instances that are being de-registered.
AnswerD

Connection draining ensures in-flight requests complete, but if timeout is too short, requests may fail.

Why this answer

Option A is correct. If the ALB connection draining timeout is too short, the ALB may send requests to instances that are being de-registered, resulting in 503 errors. Option B is wrong because if instances were unhealthy, the ALB would not route traffic to them.

Option C is wrong because SSL issues would cause other errors, not necessarily 503. Option D is wrong because security group misconfigurations would typically cause connection timeouts, not 503 errors.

425
MCQhard

A company runs SAP S/4HANA in a multi-AZ deployment with a primary and standby database. During a planned failover test, the database fails over but the SAP system becomes unresponsive. Investigation reveals that the SAP application servers cannot connect to the new primary database because the database VIP is not updated. What is the most likely cause?

A.The HANA instance number changed after failover.
B.The DNS record for the HANA host still points to the old primary IP address.
C.The HANA hostname in the SAP profile is set to the physical instance hostname instead of the VIP.
D.The HANA database VIP is not configured to move to the new primary instance during failover.
AnswerD

The VIP must be reassigned to the new primary for seamless connectivity.

Why this answer

Option A is correct because in a typical SAP HANA multi-AZ setup, a virtual IP address (VIP) is used for application connectivity. If the VIP is not moved to the new primary, applications will try to connect to the old primary. Option B is wrong because DNS changes are not typically used for HANA failover.

Option C is wrong because the HANA hostname usually remains constant via VIP. Option D is wrong because the HANA instance number does not change during failover.

426
MCQhard

An SAP system administrator is troubleshooting a performance issue on an SAP application server running on an EC2 instance. The /usr/sap directory is on an EBS volume. The administrator notices high I/O wait times. Which action should be taken to improve I/O performance?

A.Migrate the /usr/sap directory to Amazon EFS
B.Move the /usr/sap directory to an instance store volume
C.Change the EBS volume type to io2 Block Express with provisioned IOPS
D.Increase the instance size to a larger instance type
AnswerC

io2 volumes with provisioned IOPS can significantly improve I/O performance for high-throughput workloads like SAP.

Why this answer

Changing the EBS volume type to io2 with provisioned IOPS can improve I/O performance for high-throughput workloads. Increasing instance size may not address I/O specifically. Moving to instance store provides high IOPS but data is ephemeral.

Converting to EFS may introduce network latency.

427
MCQmedium

An SAP system is deployed across multiple Availability Zones using an Application Load Balancer (ALB). The Operations team notices that during a failover test, the ALB is sending traffic to unhealthy instances. Which configuration change would ensure the ALB stops sending traffic to unhealthy targets?

A.Enable sticky sessions (session affinity).
B.Configure a health check with appropriate thresholds and interval.
C.Increase the deregistration delay value.
D.Enable cross-zone load balancing.
AnswerB

Health checks determine if a target is healthy; if thresholds are too lenient, unhealthy instances may still receive traffic.

Why this answer

Option C is correct because configuring health checks properly ensures the ALB marks instances as unhealthy and stops routing traffic. Option A is wrong because increasing deregistration delay only affects how long connections are drained, not health check behavior. Option B is wrong because cross-zone load balancing distributes traffic across AZs, not health.

Option D is wrong because enabling sticky sessions does not affect health routing.

428
MCQmedium

A company runs its SAP application on EC2 instances in a private subnet. The SAP application needs to access an on-premises database through a VPN connection. The company wants to improve network performance and reduce latency between the SAP application and the on-premises database. Which action should the company take?

A.Set up AWS Direct Connect between the VPC and on-premises data center.
B.Increase the VPN tunnel bandwidth to 10 Gbps.
C.Create a VPC Peering connection to the on-premises network.
D.Add a NAT Gateway to the private subnet.
AnswerA

Direct Connect provides dedicated, low-latency connection.

Why this answer

Option C is correct because AWS Direct Connect provides a dedicated network connection with lower latency and higher throughput than VPN. Option A is wrong because a NAT Gateway is for outbound internet access, not for on-premises connectivity. Option B is wrong because VPC Peering is for connecting VPCs, not on-premises.

Option D is wrong because increasing VPN tunnel bandwidth may help but still has higher latency than Direct Connect.

429
MCQeasy

A company is designing a new SAP environment on AWS. The SAP application servers communicate with the database over the network. The architect wants to minimize latency and maximize throughput. Which placement strategy should the architect use?

A.Place all servers in a single Availability Zone and use a cluster placement group.
B.Place the application servers in one Availability Zone and the database in a different Availability Zone.
C.Place the application servers in one VPC and the database in a different VPC connected via VPC peering.
D.Place the application servers in one AWS Region and the database in another Region.
AnswerA

Cluster placement group provides low latency and high throughput.

Why this answer

A cluster placement group is the correct choice because it provides the lowest possible latency and highest throughput by ensuring that all SAP application and database servers are placed in close physical proximity within a single Availability Zone. This placement minimizes network hops and leverages non-blocking, high-bandwidth networking, which is critical for SAP's latency-sensitive communication between application and database layers.

Exam trap

The trap here is that candidates may assume spreading resources across multiple Availability Zones improves availability, but for SAP workloads requiring minimal latency, a single-AZ cluster placement group is the correct performance optimization, even though it sacrifices AZ-level fault tolerance.

How to eliminate wrong answers

Option B is wrong because placing the application servers and database in different Availability Zones introduces cross-AZ network latency (typically 1-2 ms) and additional data transfer costs, which degrades SAP performance. Option C is wrong because using separate VPCs connected via VPC peering adds extra network hops and does not guarantee the same physical proximity or bandwidth as a single VPC, increasing latency. Option D is wrong because inter-Region latency (often 10-100 ms) is far too high for SAP's real-time database communication, making it impractical for production workloads.

430
MCQmedium

A company runs SAP ERP on AWS with a Sybase ASE database. The database is on an EC2 instance with a single 500 GB gp2 EBS volume. The volume shows 100% credit balance consumption frequently, causing I/O throttling. What should the company do to resolve the throttling?

A.Increase the gp2 volume size to 1,000 GB to gain more I/O credits.
B.Migrate the volume to gp3 with appropriate IOPS and throughput settings.
C.Enable EBS optimization on the EC2 instance.
D.Move the database to Amazon RDS for Sybase ASE.
AnswerB

gp3 volumes provide consistent baseline IOPS and throughput without burst credits, solving the throttling issue.

Why this answer

Option B is correct because gp3 volumes provide baseline performance without burst credits, eliminating the throttling issue. Option A (Increase gp2 volume size) would increase credit balance but not eliminate the credit model. Option C (Enable EBS optimization) is already default for modern instances.

Option D (Migrate to RDS) is not supported for Sybase ASE.

431
MCQeasy

A company is migrating its SAP ERP system to AWS and needs to ensure that the SAP application can communicate with the corporate LDAP server for authentication. The LDAP server is on-premises. Which AWS service should be used to establish a secure connection?

A.AWS Direct Connect
B.VPC Peering
C.AWS Site-to-Site VPN
D.AWS Transit Gateway
AnswerC

Site-to-Site VPN provides a secure IPsec tunnel over the internet.

Why this answer

Option A is correct because AWS Site-to-Site VPN creates an encrypted tunnel between the VPC and the on-premises network. Option B is wrong because Direct Connect is a dedicated physical connection, more expensive and slower to provision. Option C is wrong because VPC Peering is for VPC-to-VPC connections.

Option D is wrong because Transit Gateway is a hub for multiple connections but requires either VPN or Direct Connect.

432
MCQhard

An SAP system is running on EC2 instances in a VPC. The security team requires that all traffic between the SAP application and database tiers be encrypted in transit. Which solution meets this requirement with minimal latency?

A.Use an AWS Site-to-Site VPN connection between the tiers
B.Use security groups to allow traffic only between the instances, with IPsec configured
C.Use an Application Load Balancer with TLS termination in front of the database tier
D.Install TLS certificates on each EC2 instance and enable HTTPS
AnswerB

IPsec within the same VPC can encrypt traffic with minimal latency when implemented correctly.

Why this answer

Option C is correct because using an Application Load Balancer with TLS termination at the application tier adds latency and complexity. Option A (AWS VPN) is for site-to-site, not internal. Option B (TLS certificates on each instance) adds CPU overhead for encryption.

Option D is correct because using security groups with IPsec is not possible natively; IPsec requires VPN or Transit Gateway.

433
MCQmedium

A company runs SAP S/4HANA on AWS and needs to set up a disaster recovery (DR) site in another AWS Region. The RPO is 15 minutes and RTO is 4 hours. The database is SAP HANA. Which approach meets these requirements?

A.Take nightly backups to S3 and restore in the DR region.
B.Use AWS Database Migration Service (DMS) for continuous replication.
C.Enable SAP HANA System Replication across regions.
D.Use AWS Backup for cross-region EBS snapshots.
AnswerC

Supports low RPO and moderate RTO.

Why this answer

Option D is correct because HANA System Replication with log shipping can achieve RPO of 15 minutes and RTO of a few hours. Option A is wrong because EBS snapshots have longer RPO. Option B is wrong because DMS is for migrations, not DR.

Option C is wrong because backup/restore from S3 takes longer RTO.

434
MCQeasy

A company wants to migrate its SAP HANA database to AWS using SAP HANA Database Backup and Recovery. The backup files are stored on an NFS share on-premises. The company wants to restore these backups directly to an Amazon EC2 instance running SAP HANA. Which AWS storage service should they use to make the NFS backup files accessible to the EC2 instance?

A.Amazon S3
B.Amazon FSx for Windows File Server
C.Amazon EFS
D.Amazon EBS
AnswerC

EFS provides NFS file system.

Why this answer

Option C is correct because Amazon EFS provides a scalable NFS file system that can be mounted on EC2 instances. The backup files can be copied from on-premises NFS to EFS using AWS DataSync or other methods, and then used for restore. Options A, B, D are incorrect because S3 is object storage (not NFS), FSx for Windows File Server is SMB, and EBS is block storage not NFS.

435
MCQeasy

An SAP administrator needs to grant an external auditor read-only access to view SAP system logs stored in CloudWatch Logs. Which AWS identity-based policy should be used?

A.AWSSupportAccess
B.CloudWatchLogsReadOnlyAccess
C.AmazonS3ReadOnlyAccess
D.CloudWatchReadOnlyAccess
AnswerB

This policy grants read-only access to CloudWatch Logs.

Why this answer

Option A is correct because AWS managed policy CloudWatchLogsReadOnlyAccess provides read-only access to CloudWatch Logs. Option B is wrong because CloudWatchReadOnlyAccess includes metrics but not logs. Option C is wrong because AmazonS3ReadOnlyAccess is for S3.

Option D is wrong because AWSSupportAccess is for support cases.

436
MCQhard

A company runs SAP on AWS and uses a custom AMI for their EC2 instances. They want to ensure that all instances launched from this AMI automatically have the SAP host agent installed and configured. What is the most efficient way to achieve this?

A.Use AWS Systems Manager Run Command to install the agent after launch.
B.Create a new AMI that includes the SAP host agent pre-installed and configured.
C.Use a user data script that installs and configures the SAP host agent at instance launch.
D.Use AWS CodeDeploy to automatically deploy the agent to new instances.
AnswerB

A custom AMI ensures consistency and eliminates post-launch steps.

Why this answer

Option C is correct because baking the configuration into the AMI ensures that every instance launched has it without additional steps. Option A is wrong because user data runs at launch but adds a step and potential failure point. Option B is wrong because it requires manual execution.

Option D is wrong because it requires managing code and adds complexity.

437
MCQmedium

A company is planning to migrate its SAP ERP system to AWS. The system uses Oracle Database as its backend. The company wants to minimize licensing costs and administrative overhead. Which AWS database service is most suitable for this migration?

A.Amazon Redshift
B.Amazon DynamoDB
C.Amazon RDS for Oracle
D.Amazon Aurora
AnswerC

RDS for Oracle provides managed Oracle database service.

Why this answer

Option A is correct because Amazon RDS for Oracle supports Oracle Database with automated administration and can be used for SAP ERP. Option B is incorrect because Aurora is a MySQL/PostgreSQL-compatible database, not Oracle. Option C is incorrect because DynamoDB is NoSQL.

Option D is incorrect because Redshift is a data warehouse.

438
MCQhard

A company is running a large SAP S/4HANA production system on AWS. The system consists of a single HANA database instance running on an r5.24xlarge EC2 instance (with 768 GB of RAM), and multiple application server instances behind an Application Load Balancer. The database uses six EBS io1 volumes for data and log files, each with 20,000 provisioned IOPS. The application servers are in an Auto Scaling group. Recently, the company experienced a prolonged database outage when the primary EC2 instance failed. The recovery took over 4 hours because a new instance had to be launched and snapshots restored. The company wants to improve the Recovery Time Objective (RTO) to less than 30 minutes for the HANA database. They also want to minimize data loss with an RPO of less than 5 minutes. The company has a second AWS region (us-west-2) available for disaster recovery but prefers to keep costs low for the DR site. Which solution should the company implement?

A.Configure SAP HANA System Replication to a standby instance in the same region but use a larger instance to ensure capacity.
B.Configure automated Amazon EBS snapshots every 5 minutes and create an AMI for the HANA instance. In the event of a failure, launch a new instance from the AMI in the same Availability Zone.
C.Set up SAP HANA System Replication to a standby HANA instance in a different Availability Zone. Use a smaller instance type for the standby to reduce costs. Automate failover using a cluster manager like Pacemaker.
D.Use Amazon RDS for SAP HANA with Multi-AZ deployment to automatically failover to a standby in another Availability Zone.
AnswerC

HSR with failover can achieve RTO < 30 minutes and RPO < 5 minutes.

Why this answer

Option C is correct because SAP HANA System Replication (HSR) provides near-synchronous replication with a typical RPO of seconds and can be configured with automatic takeover to a standby instance in another Availability Zone. The standby can be a smaller instance (e.g., r5.12xlarge) to reduce costs. The takeover can be automated with Pacemaker, achieving RTO of minutes.

Option A is incorrect because a new EC2 instance launch and snapshot restore cannot achieve 30-minute RTO. Option B is incorrect because Multi-AZ RDS is not for HANA. Option D is incorrect because HSR to a smaller instance in the same region provides DR but does not use the second region as specified.

439
Multi-Selectmedium

A company is migrating an SAP ERP system to AWS and needs to ensure high availability for the SAP Central Services (ASCS). The company plans to use a shared file system for the SAP transport directory. Which TWO AWS services can be used to provide a highly available shared file system for this purpose?

Select 2 answers
A.Amazon EBS Multi-Attach
B.Amazon S3
C.Amazon FSx for Windows File Server
D.Amazon FSx for NetApp ONTAP
E.Amazon EFS
AnswersD, E

FSx for NetApp ONTAP provides NFS, supports HA.

Why this answer

Option A (Amazon EFS) and Option E (Amazon FSx for NetApp ONTAP) are correct because they are NFS-based file systems that support the required protocols and can be configured for high availability. Option B (EBS) is block storage, not shared. Option C (S3) is object storage.

Option D (FSx for Windows) is SMB, not NFS. For SAP, NFS is required.

440
MCQhard

A company runs SAP on AWS and uses a Multi-AZ RDS for SAP HANA as the database. The database instance is m5.8xlarge with 1000 GB of gp2 storage. The application team reports that write latency spikes during peak hours. The average write throughput is 200 MB/s. Which change would most effectively reduce write latency?

A.Increase the volume size to 2000 GB
B.Enable EBS Auto Scaling on the volume
C.Change the volume type to Throughput Optimized (st1)
D.Change the volume type to Provisioned IOPS (io1 or io2)
AnswerD

Provisioned IOPS provides consistent low-latency performance.

Why this answer

gp2 volumes have a baseline of 3 IOPS per GB. 1000 GB provides 3000 IOPS baseline. Burst balance depletes if sustained IOPS exceed baseline. The maximum throughput for gp2 is 250 MB/s, but 200 MB/s is high.

Provisioned IOPS (io1/io2) provides consistent performance and higher throughput. Option B is correct. Increasing volume size would increase baseline but may not be cost-effective.

Changing to st1 is throughput-optimized but not for HANA. Enabling Auto Scaling only increases size when burst credits depleted but still uses gp2.

441
MCQhard

An SAP system on AWS is experiencing intermittent connectivity issues between the SAP application servers and the HANA database server. The network team confirms that the VPC network ACLs and security groups allow all required traffic. However, the issue occurs only during peak load. What is the most likely cause?

A.The TCP segmentation offload (TSO) is causing packet drops.
B.The EBS-optimized instance is not providing enough bandwidth for the database workload.
C.The Elastic Network Adapter (ENA) is not enabled on the instance.
D.The instance is using IPv6 addresses for communication.
AnswerB

EBS bandwidth can bottleneck network performance.

Why this answer

Option B is correct because EBS-optimized instances provide dedicated bandwidth for EBS traffic, and during peak load, the database workload may exceed the available EBS bandwidth, causing network I/O throttling and intermittent connectivity. This manifests as packet drops or timeouts between SAP application servers and the HANA database, even though security groups and ACLs are correctly configured.

Exam trap

The trap here is that candidates often assume network ACLs or security groups are misconfigured, but the issue is actually a resource contention problem at the EBS bandwidth level, which only manifests under peak load.

How to eliminate wrong answers

Option A is wrong because TCP segmentation offload (TSO) offloads TCP segmentation to the NIC, reducing CPU overhead and typically improving performance; it does not cause packet drops under load. Option C is wrong because the Elastic Network Adapter (ENA) is a virtual NIC that provides higher throughput and lower latency, and if it were not enabled, the issue would be persistent, not intermittent during peak load. Option D is wrong because using IPv6 addresses for communication does not inherently cause intermittent connectivity issues; IPv6 is fully supported on AWS and would not degrade only under load.

442
MCQhard

An SAP HANA database on AWS is using EBS gp3 volumes with 3000 IOPS. The database team observes that the write latency is high during peak hours. The EBS volume is not exceeding its bandwidth limit. What is the most likely cause?

A.The EBS volume is not attached as a dedicated EBS bandwidth volume.
B.The EBS volume's IOPS limit is being reached, causing queuing.
C.The EC2 instance's EBS bandwidth is saturated.
D.The EC2 instance does not have EBS optimization enabled.
AnswerB

3000 IOPS may be insufficient, leading to high queue depth and latency.

Why this answer

The correct answer is B because the observed high write latency during peak hours, despite the EBS volume not exceeding its bandwidth limit, indicates that the volume's IOPS limit of 3000 is being reached. When the IOPS limit is hit, the EBS volume queues I/O requests, which increases latency. This is a classic symptom of IOPS saturation rather than bandwidth saturation.

Exam trap

The trap here is that candidates confuse IOPS limits with bandwidth limits, assuming high latency must be due to bandwidth saturation, but the question explicitly rules out bandwidth as the cause, pointing directly to IOPS queuing.

How to eliminate wrong answers

Option A is wrong because there is no such concept as a 'dedicated EBS bandwidth volume' in AWS; EBS bandwidth is determined by the EC2 instance type and volume type, not by a dedicated attachment setting. Option C is wrong because the question explicitly states the EBS volume is not exceeding its bandwidth limit, so the EC2 instance's EBS bandwidth is not saturated. Option D is wrong because EBS optimization is enabled by default on all current-generation EC2 instances, and if it were disabled, the instance would be throttled at the network level, not specifically cause write latency only during peak hours without bandwidth saturation.

443
MCQmedium

A company is running SAP S/4HANA on AWS with a high-availability setup using SAP HANA System Replication and a Pacemaker cluster. The cluster consists of two EC2 instances in different Availability Zones, each with an EBS volume for HANA data. The cluster uses a virtual IP address (VIP) managed by the AWS Route 53 health check and failover mechanism. During a recent failover test, the secondary node took over as primary, but the application was unable to connect to the database for several minutes. The investigation reveals that the VIP did not update correctly. The company wants to ensure fast and reliable VIP failover. What should the team do to improve the failover time?

A.Increase the DNS TTL to 300 seconds to reduce lookups and rely on the Pacemaker VIP update.
B.Assign an Elastic IP address to the active node and use a script to reassign it during failover.
C.Reduce the Route 53 health check interval to 10 seconds and lower the DNS TTL to 60 seconds.
D.Place the SAP HANA database behind an internal Network Load Balancer (NLB) and use the NLB's TCP health checks to route traffic to the active instance.
AnswerD

NLB provides fast health checks (every 10 seconds) and immediate traffic rerouting without DNS delays, enabling sub-second failover.

Why this answer

Option C is correct. Using an internal Network Load Balancer (NLB) as a database endpoint provides a static IP that can be redirected to the active HANA node. The NLB health check can quickly detect the failure and reroute traffic to the healthy secondary instance.

Option A is incorrect because Route 53 health checks have a default interval of 30 seconds and DNS TTL can cause delays. Option B is incorrect because EIP reassignment requires API calls and may take longer. Option D is incorrect because increasing the TTL would make failover slower, not faster.

444
MCQhard

An SAP system on AWS is using a shared /usr/sap/trans directory mounted on an NFS file server. The file server is an EC2 instance with a standard gp2 EBS volume. During SAP transports, users experience slow response times and occasional timeouts. The system administrator suspects the file server is the bottleneck. Which solution would provide a fully managed, highly available, and performant file share for SAP transport files?

A.Configure multiple EC2 file servers with a load balancer.
B.Replace the EC2 file server with Amazon EFS.
C.Migrate /usr/sap/trans to Amazon FSx for NetApp ONTAP with Multi-AZ deployment.
D.Increase the EBS volume size of the file server to improve throughput.
AnswerC

FSx for NetApp ONTAP provides a fully managed, scalable, and highly available NFS file system ideal for SAP transport files.

Why this answer

Option A is correct because Amazon FSx for NetApp ONTAP is a fully managed, high-performance NFS file system that supports multi-AZ and is SAP-certified for /usr/sap/trans. Option B (EFS) can be used but may not provide the same level of performance and features as FSx ONTAP for this use case. Option C (increase EBS size) does not address the single point of failure.

Option D (multiple file servers) adds complexity and is not fully managed.

445
Multi-Selectmedium

An SAP administrator is troubleshooting a performance issue on an SAP HANA database running on AWS. The HANA data volume is an EBS io1 volume with 10,000 provisioned IOPS. The administrator notices that the average queue length is consistently above 10, and the average latency is 20 ms. Which TWO actions will most likely improve performance?

Select 2 answers
A.Migrate the volume to an instance with NVMe instance store.
B.Increase the provisioned IOPS on the io1 volume to 20,000.
C.Move the database to a larger EC2 instance type that supports higher EBS bandwidth.
D.Configure multiple EBS volumes in a RAID 0 stripe to increase IOPS.
E.Change the volume type to gp3 with 10,000 IOPS.
AnswersB, C

More IOPS reduces queue depth and latency.

Why this answer

Option A and Option D are correct. Increasing IOPS (A) directly addresses the queue. Using a larger instance with higher EBS bandwidth (D) can improve throughput.

Option B (NVMe) requires instance store, not EBS. Option C (gp3) may not provide enough IOPS. Option E (Multiple volumes) adds complexity and may not help if the bottleneck is IOPS.

446
Multi-Selecteasy

A company is planning to migrate its SAP workloads to AWS. Which THREE AWS services are commonly used to set up a secure network connectivity between on-premises and AWS? (Choose THREE.)

Select 3 answers
A.AWS Transit Gateway
B.AWS Site-to-Site VPN
C.AWS Direct Connect
D.VPC Peering
E.AWS Client VPN
AnswersA, B, C

Acts as a hub to connect VPCs and on-premises networks.

Why this answer

Options A, B, and C are correct. AWS VPN, Direct Connect, and Transit Gateway are used for hybrid connectivity. Option D is not correct because VPC Peering is for VPC-to-VPC, not on-premises.

Option E is not correct because Client VPN is for individual clients.

447
MCQhard

A company is migrating a large SAP HANA system to AWS. The SAP system has strict latency requirements for storage and requires high IOPS. Which storage solution should be used for the SAP HANA data volume?

A.Amazon S3
B.Amazon EBS io2 Block Express volumes
C.Amazon EFS
D.Amazon EBS gp3 volumes
AnswerB

io2 Block Express delivers up to 256K IOPS and low latency, meeting HANA requirements.

Why this answer

SAP HANA on AWS requires high-performance storage. io2 Block Express volumes provide up to 256K IOPS and sub-millisecond latency, meeting HANA's requirements. Option A (gp3) is general purpose but not as high performance. Option C (Amazon EFS) is file storage, not block.

Option D (Amazon S3) is object storage, not suitable.

448
Multi-Selectmedium

Which TWO of the following are best practices for running SAP HANA on AWS?

Select 2 answers
A.Use RAID 0 across multiple EBS volumes to increase IOPS.
B.Deploy the HANA database in multiple Availability Zones for high availability.
C.Store HANA data and log files on Amazon S3.
D.Use EBS-optimized instances for dedicated storage throughput.
E.Use burstable instance types for cost savings.
AnswersB, D

Multi-AZ is key for HA.

Why this answer

Deploying the HANA database in multiple Availability Zones is a best practice for high availability because it protects against an entire AZ failure. SAP HANA supports system replication (HSR) in synchronous or synchronous-memory mode across AZs, enabling automatic failover with minimal data loss. This aligns with the AWS Well-Architected Framework's reliability pillar for critical SAP workloads.

Exam trap

The trap here is that candidates often confuse high availability (multi-AZ) with disaster recovery (multi-Region), or they assume RAID 0 is a performance best practice without considering the data integrity risks for a mission-critical database like SAP HANA.

449
MCQhard

A company runs SAP ECC on AWS with a multi-ASCS architecture for high availability. During a failover test, the secondary ASCS instance does not take over. The cluster logs indicate that the 'aws-cluster' resource agent failed to release the Elastic IP. What is the MOST likely cause?

A.The Elastic IP is associated with the primary private IP address of the ENI.
B.The Elastic IP is in a different Availability Zone than the secondary ASCS instance.
C.The cluster is using a NAT Gateway for outbound traffic, conflicting with the Elastic IP.
D.The IAM role assigned to the instances does not have permission to release the Elastic IP.
AnswerA

EIPs are associated with private IPs; if it's on the primary IP, the ENI cannot be moved without detaching. A secondary IP allows reassignment.

Why this answer

In a multi-ASCS SAP cluster on AWS, the 'aws-cluster' resource agent manages Elastic IP (EIP) failover by disassociating the EIP from the primary instance and associating it with the secondary instance. If the EIP is associated with the primary private IP address of the Elastic Network Interface (ENI) rather than the ENI itself, the resource agent cannot release it because the association is at the IP level, not the ENI level. This prevents the secondary ASCS instance from acquiring the EIP, causing the failover to fail.

Exam trap

The trap here is that candidates often assume IAM permissions (Option D) are the root cause of any AWS resource management failure, but the specific log message about 'failed to release' points to a technical limitation of the resource agent with IP-level EIP associations, not an authorization issue.

How to eliminate wrong answers

Option B is wrong because Elastic IPs are regional resources that can be associated with instances in any Availability Zone within the same region; a different AZ does not prevent release or association. Option C is wrong because a NAT Gateway is used for outbound internet traffic and does not conflict with Elastic IP operations; the cluster resource agent interacts directly with the EC2 API to manage EIPs, independent of NAT Gateway routing. Option D is wrong because the IAM role permissions issue would typically cause an authorization error in the logs, but the question states the logs indicate the resource agent 'failed to release the Elastic IP' — this points to a technical limitation of the agent, not a permissions failure.

450
MCQeasy

A small business runs its SAP Business One on a single EC2 instance in AWS. The database is SAP HANA, and the application is also on the same instance. The company wants to ensure that in the event of an instance failure, they can quickly restore the system from backups. They take daily EBS snapshots of the root volume and the data volume. One day, the instance fails and becomes unreachable. The IT administrator attempts to launch a new instance from the most recent AMI, but the new instance does not have the same private IP address, causing connectivity issues for the company's on-premises systems that use VPN to connect to the SAP server. The company uses a Site-to-Site VPN connection to the VPC. What should the administrator do to ensure that the private IP address is preserved after recovery?

A.Modify the VPC subnet to use a smaller CIDR range to ensure the IP is available.
B.Create a new AMI from the failed instance and use that AMI to launch a new instance, specifying the same private IP in the subnet.
C.Assign an Elastic IP to the instance and update the VPN configuration to use the Elastic IP.
D.Create an Elastic Network Interface (ENI) with the desired private IP, attach it to the instance, and after failure, detach it from the old instance and attach to the new instance.
AnswerD

ENI retains the private IP and can be moved to another instance.

Why this answer

Option B is correct because an ENI with a fixed private IP can be detached from the failed instance and attached to the new instance. Option A is wrong because Elastic IP is for public IPs. Option C is wrong because creating a new AMI does not preserve the private IP.

Option D is wrong because modifying the VPC is unnecessary.

Page 5

Page 6 of 24

Page 7